Nilson Santos Figueiredo Junior wrote: > On 2/21/07, Jonathan Rockway <[EMAIL PROTECTED]> wrote: >> The idea is to let the user know why their action failed, not to pop up >> messages saying "something might fail in the future!" Plus it's easier >> to implement, and works with every browser. > > I've been a victim of web applications designed like this for several > times. It all seems like a good idea until you spend a long time > filling a form or writing a piece of text only to find out that you've > been logged out and your last 10 minutes were suddenly trashed. > > If you're *only* using server-side checks be sure to never drop user > submitted data when their session has timed out otherwise it might > become a major PITA for your users.
That goes without saying :) It's probably worth it for someone to write an abstraction that automates this: 1) Session expired; save $c->req->params and the intended action 2) Require authentication 3) restore params, forward to the saved intended action. Unfortunately I've only done this in my mini-PHP framework at $job. -- package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do { $,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //, ";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup; _______________________________________________ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/