Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

mulipage form

Status
Not open for further replies.
ice78991

ice78991

Programmer
Nov 20, 2006
216
I am looking into ways of creating a form that spans multiple pages ( with 'Next Step' links on each page)

What is the best way to preserve data between each page. Is it best to use session variables or is it ok to write the form data entered for each step directly to the database table when 'next step' is clicked (and include a 'completed' column to indicate when the user has completed the form)
 
Sort by date Sort by votes
I usually use

Code: 
<cfoutput>
   <input type="hidden" name="previousFormVar" value="#FORM.prevFormVar#" />
</cfoutput>

or you can pass vars through the querystring.
 
Upvote 0 Downvote
Are there security issues associated with form and url variable methods that are avoided using session variables? Maybe a hacker could tamper with the querystring?
 
Upvote 0 Downvote
There are definitely security issues with querystring variables. They can be easily manipulated.

Form data, unless submitted over HTTPS, is also insecure, but not as easily forged as querystring variables.

You could use the SESSION scope which is maintained at the server level. And those time out when the session times out.
 
Upvote 0 Downvote
You should always not trust your users. Sanitize and validate everything at the server.

Storing or passing from form to form either as a post variable or as a session variable in them selves are not the problem -- it's what you do with it after you get it that's the problem or not.

[plug=shameless]
[/plug]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

lwfg
  • Locked
  • Question
getting form values from ColdFusion programn to asp.net program
Replies
2
Views
104
LyndonOHRC
LyndonOHRC
hifispin2015
  • Locked
  • Question
Creating a slect all button for A Multiple Slect HTML Form Field
Replies
1
Views
90
LyndonOHRC
LyndonOHRC
clearwave
  • Locked
  • Question
Timesheet entry form that auto-fills the Date range?
Replies
4
Views
122
clearwave
clearwave
LarrySteele
  • Locked
  • Question
Form variable problems with Safari 5.1.5
Replies
1
Views
74
jdhilljr
jdhilljr
mptwoadmin
  • Locked
  • Question
Update form from query preload?
Replies
1
Views
86
LyndonOHRC
LyndonOHRC

Part and Inventory Search

Sponsor

Back
Top