Overview
Examples
Screenshots
Comparisons
Applications
Download
Documentation
Tutorials
Bazaar
Status & Roadmap
FAQ
Authors & License
Forums
Funding Ultimate++
Search on this site
Search in forums












SourceForge.net Logo
Home » Developing U++ » U++ Developers corner » Skylark reaching "beta" status, first 6 chapters of tutorial available..
Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. [message #36826 is a reply to message #36825] Mon, 09 July 2012 20:42 Go to previous messageGo to previous message
mirek is currently offline  mirek
Messages: 13975
Registered: November 2005
Ultimate Member
zsolt wrote on Mon, 09 July 2012 13:43

mirek wrote on Mon, 09 July 2012 19:28


OK, one possible issue: User could provide some value before is is created in session and it could have been mistakingly considered a session value...

Yes, this can be a real danger in a large project with a lot of programmers (many of them can be very sloppy).
Don't you think, it would be more safe to separate session and post variables at least based on some configuration option?


Actually, I was a little bit afraid when introducing this "shared variable space", but decided to give it a try... anyway, I guess php $_REQUEST discussion applies here too (yep, cookies go there as well Smile so we have to take some measures. Even back when introducing the operator[], the option was to differentiate by first character of id.

So http[":var"] would be session, http["@var"] cookie and http["var"] either GET or POST (I guess not need to split those, as handlers react only to GET or POST, never both). GET and POST values with ':' and '@' at the start would be explicitly disallowed (and ignored).

The reason why not simply go with some Http::GetSession is that this way, some common processing is possible (e.g. Http::Int(const char *id)).

Do you see some catch in this remake?

Mirek

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Is U++ compatible with VC++ Express 2012?
Next Topic: Another problem with MT (damn it... :()
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Mon Apr 29 17:38:17 CEST 2024

Total time taken to generate the page: 0.02013 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.5.
Copyright ©2001-2013 FUDforum Bulletin Board Software