Solved

ColdFusion : Page/Form Sequences

Posted on 2013-06-17
14
312 Views
Last Modified: 2013-06-18
Hi Experts,

I have a user function that spans over 4 form/pages.  Let's say it's an application sign up process for argument sake.  Each page has Step 1, Step 2, Step 3, or Step 4 highlighted for the user.  "Next" and "Previous" buttons back the user up or submit the form for processing to the next step.

OK.  Question:  How do I ensure that someone on (say ) Page3, just came from Page2 and did not use a bookmark to get directly to the step?




I have a few of my own ideas but I don't want to say right now :)

FYI.  We are on ColdFusion 8.01 right now.  Going to 10 soon.

Thanks in advance,
hefterr
0
Comment
Question by:hefterr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 2
14 Comments
 
LVL 29

Accepted Solution

by:
Pravin Asar earned 250 total points
ID: 39254607
DO you manage the session ?

Set up ( or update) a session variable for "Step" once user completes a page

 [ you can delete the variable once a form has been successfully processed].

This may be used to indicate the last step  user visited.

If session variable does not exist ?
   He started a fresh session, send him to Step 1
Else
   Take him to the last step he has completed.
0
 
LVL 1

Author Comment

by:hefterr
ID: 39254762
Hi pravinasar,
This is basically what I do but users can navigate away and come back again.  I guess that's OK.

In Your example:
If session variable does not exist ?
   He started a fresh session, send him to Step 1
Else
   Take him to the last step he has completed


What happens if he is still on the same page (not yet completed)?  Perhaps you mean the next page not yet completed?  If on that page, then continue?  I will be redisplaying the same page when errors are found.

Do you every use the CGI.referrer variable?  I think I heard this is not always honored by all browsers?
0
 
LVL 29

Assisted Solution

by:Pravin Asar
Pravin Asar earned 250 total points
ID: 39255889
Only after he completes  a step, you will update the session variable,
So based on the variable, you will send him to next step.

[if he not completed a the step, but revisits the page, this logic will send him to appropriate step.

You cannot modify the CGI variables, as these are passed with every request (post/get) from browser to server.

You can either use ColdFusion Session variables or Browser cookies.

Also another option is use ColdFusion client variables, which I think your case, is a overkill.
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 
LVL 1

Author Comment

by:hefterr
ID: 39256119
I guess what I meant by the CGI.referrer is that

<cfif not exisits  "form.mybutton">  first time in page
   <cfif CGI.referrer neq  LastPage>
      send user to 1st page
   </cfif
<cfif/>

hefterr
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 250 total points
ID: 39256167
Do you every use the CGI.referrer variable?  I think I heard this is not always honored by all browsers?

Yes, it's not always present. Browsers or firewall software can block it from being sent at all.  Plus, since it comes from the client it can be spoofed. So you shouldn't use it for anything important.

Session variables or cookies are a better choice. Keep in mind someone could still clear cookies or close/reopen the browser and get back to the 1st page.  There's no 100% fool-proof way of preventing an unknown/anonymous user from going back to page 1. If the pages are protected by a login, then you'd have full control, but that's unlikely given that this is a sign-up form.
0
 
LVL 1

Author Comment

by:hefterr
ID: 39256443
Hi agx,
I am using session variables,  just wanted to see how folks were using them exactly.

hefterr
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 250 total points
ID: 39256601
I never use referrer for anything but informational purposes. In this scenario I'd choose session variables too, but with the expectation that - absent authentication, nothing is going to be 100% foolproof.
0
 
LVL 1

Author Comment

by:hefterr
ID: 39256943
Do you differentiate the first time into a program (no form variables exist) versus reprocessing of the page (form variables exist)?  The "first time" can be subverted by a cache version being used.
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 250 total points
ID: 39257018
Yes and no.  If you're using POST, the submit can't be cached. The browser would warn that the page has expired and the data must be resent - though they could always click "yes" and re-submit the data.  What's your concern with a re-submit? In other words, what "bad" things would happen if you didn't prevent it? There may be ways around it, like storing the info in a temp table or session variables, but it depends on the problem scope...
0
 
LVL 1

Author Comment

by:hefterr
ID: 39257073
My first time into the page, I check to see if the page data needs to be migrated to the temp tables.  If the do a "repost from cache", this will be missed and an ABORT will occur when a variable is not found.

This is OK, I guess, as they will be sent to an application.CFC directed generic page and they are doing something they shouldn't.

OK - I think I have enough.
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 250 total points
ID: 39257102
Unless I'm misunderstanding what you mean by "repost from cache", that's not what would happen.. If they click "yes" and re-post, the form variables will exist. So it won't appear any different than the initial submit.
0
 
LVL 1

Author Comment

by:hefterr
ID: 39257437
Hi agx,
Yes I understand.  That could cause me a problem when I do processing only on the initial display of the page (no form variables exist) - as this processing will be bypassed.

But that's somewhat the user's fault for trying to trick the system.
0
 
LVL 1

Author Closing Comment

by:hefterr
ID: 39257457
Thanks for your feedback.  This new point system just drove me nuts.  Sorry if I messed it up?
0
 
LVL 52

Expert Comment

by:_agx_
ID: 39257606
>  when I do processing only on the initial display of the page

Doh! I misunderstood your last question. I thought you were asking about submitting twice .. but I see what you're getting at now.
0

Featured Post

More Than Just A Video Library

Train for your certification. Learn the latest DevOps tools. Grow your skillset to do better work.

At Linux Academy, we release new training modules every week so you'll always be up to date on the latest tech.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, I was working on some optimization and spam-stopping techniques when I encountered Ben Nadel's post to reduce spam feature using Math (http://www.bennadel.com/blog/197-How-I-Stop-Spammers-On-My-ColdFusion-Blog.htm). While this method is not o…
CFGRID Custom Functionality Series -  Part 1 Hi Guys, I was once asked how it is possible to to add a hyperlink in the cfgrid and open the window to show the data. Now this is quite simple, I have to use the EXT JS library for this and I achiev…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question