Re: Options on session control in a web application
Date: 3 Aug 2008 18:15:36 -0800
Ed Prochak (edprochak_at_gmail.com) wrote:
: Malcolm Dew-Jones wrote:
: > Ed Prochak (edprochak_at_gmail.com) wrote:
: > : Connected to:
: > : Oracle9i Enterprise Edition Release 126.96.36.199.0 - 64bit Production
: > : With the Partitioning and Oracle Data Mining options
: > : JServer Release 188.8.131.52.0 - Production
: > : Showing my lack of User interface application skills here.
: > : We have web applications built with PL/SQL. The goal is to develop a
: > : simple timing application. When the user enters the fist screen, make
: > : a log entry which include the time. When they exit that screen, note
: > : how they exited (e.g. OK or CANCEL button pressed) and update the log
: > : with a stop time. Given the stateless nature of HTML, what's the best
: > : practice to deal with this situation?
: > : Use a cookie?
: > : Use hidden HTML form fields?
: > : Other?
: > As long as the hidden field does not have security issues, then I think a
: > hidden field is the easiest for simple tasks.
: Sounds good. Just wondered if a cookie might be better.
The "problem" with a hidden field is that every page of the applicaiton has to pass it along. For example, if a user visits an html page with instructions then they can't "continue" to the next page and keep the hidden field unless the "html" file is actually a cgi script that populates a hidden field (or url parameter). In a simple situation that is not a hassle, but with multiple screens it does get to be a hassle.
A cookie is potentially more hassle to program. But if your tools / ennvironment have simnple routines then handle cookies then a cookie becomes simple and the only downside at all is that you have more "things" that your code has to handle.
: > Your application will see the hidden field just as if it were a normal
: > field. In fact during test/development you could use the field as a
: > normal input field so as to test various inputs.
: We have hidden fields for some other information on this and other
: pages, so I'm comfortable with that.
--Received on Sun Aug 03 2008 - 21:15:36 CDT