Do I need to create a sessionID or cookie?

Question

Hi ppl,

I have a simple form which submits to an Access db and
redirects to a thanks.asp page displaying the contents entered into
the form - basic stuff and all working like a dream.

Scenario - My problem is that if a user goes to the form and
completes it to get to the thanks page, they could in theory
refresh the page after another user has completed the form and then
see the other users information instead of their own.

My page is simply displaying the last record entered using
ORDER BY DESC in my SQl.

Can someone guide me in the right direction of how to do this
correctly so that a form user will only ever see data they have
personally entered. Do I need to create a session or use cookies? I
have not done this before and so would welcome any pointers as to
how this is done correctly.

Thanks as always

Jules

Newsgroup_User · Answer

If you can make changes to the db structure, I'd add a "Timestamp" field to
the record, with the default value set to get the current date/time, I
believe it's Now() in Access.

However, on the .asp page I would modify the SQL to insert Now() into the
Timestamp field as part of the insert transaction. Ideally you'd want the
time to be as precise as possible to avoid duplicates: Month, Day, Year,
Hour, Minute, Second, Millisecond if possible.

So, the sql inserts all the fields for the record including a value for the
Timestamp. Then pass that timestamp value over to the thanks page and pull
the record out that has the matching timestamp.

I think it's safe to say that no value of MM

D:YY::HH::MM::SS::MS will be
equivalent to another.

It would be better to insert the record and retrieve the ID of the newly
inserted record and use that versus Timestamp, but it's still good practice
to have a Timestamp field.

Ron

"Julesmg" <webforumsuser@macromedia.com> wrote in message
news:e6217m$bs2$1@forums.macromedia.com...
> Hi ppl,
>
> I have a simple form which submits to an Access db and redirects to a
> thanks.asp page displaying the contents entered into the form - basic
> stuff and
> all working like a dream.
>
> Scenario - My problem is that if a user goes to the form and completes it
> to
> get to the thanks page, they could in theory refresh the page after
> another
> user has completed the form and then see the other users information
> instead of
> their own.
>
> My page is simply displaying the last record entered using ORDER BY DESC
> in my
> SQl.
>
> Can someone guide me in the right direction of how to do this correctly so
> that a form user will only ever see data they have personally entered. Do
> I
> need to create a session or use cookies? I have not done this before and
> so
> would welcome any pointers as to how this is done correctly.
>
> Thanks as always
>
> Jules

>

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded