>So what would be the best option to stop people from doing this?
>i.e. is there a better way instead of passing hidden parameters?
You could use session tracking and remember what needed in a session:
like this:
in the first servlet :
Session s= request.getSession(false);
String field1="1";
s.putValue("fieldvalue1",field1);
and in the other servlets :
Session s= request.getSession(false);
String field1;
filed1=(String)s.getValue("fieldvalue1");
and if necesary
s.removeValue("fieldvalue1");
or
s.putValue("fieldvalue1",newvalue);
Note : not every web server knows session tracking
Please see some docs about the Sessions for more information
p.s. If you have problems, just ask
Best wishes ,
Andras
p.s. Maybe you should wait another people's opnions too
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
