This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

All other Modules /

Discuss all other Modules here.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

MultiForm | Sessions missuse / abuse

1215 Views

Dimmy

Community Member, 2 Posts

19 February 2010 at 10:25pm

Edited: 19/02/2010 10:40pm

Hello,

I was wondering on how to make sure that a session is only used by one person.
we had the next senario that an employee of us wanted to share the link to the form with lots of clients and copied a link similar to this:
www.domainame.tld/contactus/?MultiFormSessionID=a6f9a3076403068260a9057c93b488afee99e407

so now we got like 8 clients that used that url to start the 5step form session. and all those where saved so the db was updated I think each time a new client used that link.

is there a way to set a cookie or a check that looks at the session in combination with a cookie and a timeout of 1 hour maybe and that that sessionid can not be used again?

Return to top