--- Stuart Felenstein <stuart4m@xxxxxxxxx> wrote: > I had this thread going yesterday. Then basically > think it reached a stalemate. I think you need to try to simplify your code to the most basic example that demonstrates the problem. By doing this, you'll achieve one of two things: 1. Figure out the problem yourself. 2. Generate a perfect example that we can use to better understand your problem and suggest a solution. > I'm wondering has anyone setup forms using session variables > and validation. Yes, this is very, very common. :-) > Validation where the validating is done on the same page, and > the redirected on success? This is also very, very common. > Let me ask though if I setup just a validation page, > then on success I'm still doing a redirect (cause it's > a multi page form) > > Or if I validate on the next page and there is an > error, I redirect back, but then I also have to > consider how the error is going to get printed on the > first page. How you design this is subjective, but my opinion is that redirects are only handy when you want to avoid the user's browser asking whether to resubmit a POST request when they're using the history mechanism, as I describe here: http://www.phpmag.net/itr/online_artikel/psecom,id,637,nodeid,114.html Aside from that case (which is your case if you're using the POST method), I prefer to include the appropriate module rather than redirecting the user. It seems silly for them to request a resource only to be told to go somewhere else to find it. If we know where it is, why not just return it? That's the basis of my opinion. :-) Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming January 2004 http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
