html - Stop a session being overwritten
I have some code that generates a random number between 1 and 1000. It then stores that number in a session variable. You then receive an email with the printed code, enter it in a form and submit it, but the problem occurs when you submit a form (there are two on the page): the submission regenerates this random number, making the stored session value invalid.
HTML

```html
<form action="cantaccess.asp" method="post">
  <p>Email: <input type="text" name="inputtedEmail" value="" /></p>
  <input type="submit" name="submitEmail" value="submit" />
</form>
<form action="cantaccess.asp" method="post">
  <p>Code: <input type="text" name="inputtedCode" value="" /></p>
  <input type="submit" name="submitCode" value="submit" />
</form>
```
ASP

```asp
' declare the variable for the random number that will be sent (the blank unique code)
Dim uniqueCode
' seed the random generator
Randomize()
' generate a random number between 1 and 1000
uniqueCode = CInt(Int((1000 * Rnd()) + 1))
' write it to the response for testing purposes only
Response.Write(uniqueCode)
' save the code as a one-time session value (session key name reconstructed from the question)
Session("generatedCode") = uniqueCode
Session.Timeout = 1
```
I think the main problem you have is that after the session timeout (20 minutes by default) you no longer have access to the random number you sent, because you only store it in a session variable.
Right now the only way for a user to access the page is to receive the email with the "code" within the session timeout and enter it during that time, without your page being requested again in the meantime.
To get past that, store the number together with the email address in some other way (e.g. a database).
If you really want to implement it the way you describe, then you have to check whether the form field "inputtedCode" has a value. If it is present, you should not generate a new random number.
```asp
Dim inputtedCode, codeIsValid
inputtedCode = Request.Form("inputtedCode")
codeIsValid = False
If inputtedCode <> "" And IsNumeric(inputtedCode) Then
    ' convert before comparing: VBScript does not treat the string "5" and the number 5 as equal
    inputtedCode = CLng(inputtedCode)
    codeIsValid = (inputtedCode >= 1 And inputtedCode <= 1000)
End If
If codeIsValid Then
    If inputtedCode = Session("generatedCode") Then
        ' session value and input value are equal, but you are still not sure that the
        ' user you sent the e-mail to is the one who entered it in your form!
    End If
Else
    ' generate the random number, store it and send the e-mail
End If
```
Another thought: do you check that the number entered is the one you sent to that e-mail address? Otherwise I could just fill in the form with some number and reach the protected page without ever receiving the email with the "code". 1000 possibilities are not too many.
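The checks the answer calls for, written out as an added example in Python rather than Classic ASP (this is not the asker's or answerer's code): the code is issued only from the e-mail form so a code submission never regenerates it, it is bound to the address it was sent to, it expires, and a small attempt limit covers the fact that 1000 values are cheap to guess. The in-memory `CODE_STORE`, the `MAX_ATTEMPTS` value and the `now` parameter are assumptions made for the example.

```python
import hmac
import secrets
import time

# Constructed in-memory store for the example; a real site would use the
# database the answer suggests, keyed by the e-mail address.
CODE_STORE = {}
CODE_MIN, CODE_MAX = 1, 1000  # range from the question
TTL_SECONDS = 20 * 60         # the default session timeout the answer mentions
MAX_ATTEMPTS = 3              # assumed cap: 1000 values are cheap to guess


def issue_code(email, now=None):
    """Generate a code for this address and remember it with its expiry.

    Called only from the e-mail form, never from the code form, so submitting
    a code cannot overwrite the value the user is trying to match."""
    now = time.time() if now is None else now
    code = CODE_MIN + secrets.randbelow(CODE_MAX - CODE_MIN + 1)
    CODE_STORE[email.lower()] = {"code": code, "expires": now + TTL_SECONDS, "attempts": 0}
    return code  # send this by e-mail; do not write it into the page


def verify_code(email, submitted, now=None):
    """Return True only if `submitted` is the unexpired code issued to `email`.

    Covers the failure modes from the answer: missing or non-numeric input,
    out-of-range values, expiry, and guessing across the 1000 values."""
    now = time.time() if now is None else now
    entry = CODE_STORE.get(email.lower())
    if entry is None or now > entry["expires"]:
        return False
    if entry["attempts"] >= MAX_ATTEMPTS:
        return False  # locked: the user must request a fresh code
    entry["attempts"] += 1
    submitted = (submitted or "").strip()
    if not submitted.isdigit() or not CODE_MIN <= int(submitted) <= CODE_MAX:
        return False
    # compare as strings in constant time; int() normalises leading zeros
    ok = hmac.compare_digest(str(entry["code"]), str(int(submitted)))
    if ok:
        del CODE_STORE[email.lower()]  # one-time use, as the question intends
    return ok
```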