On Friday, August 5, 2016 at 12:06:41 PM UTC-7, Anthony wrote: > > How about simply sending the user a link with a timestamp in the query > string and a digital signature? Then only allow the operation if the > signature is valid and the current time is prior to the timestamp. If you > need to ensure the same user cannot submit the form more than once using > the same link, you could add a unique code to the URL and store that code > in the database with the form submission -- then don't allow submissions > with codes that are already in the database. > > Anthony >
Okay. That sounds pretty straight forward. I take a look at this, and see how well I understood your suggestion. Thanks! /dps > > On Thursday, August 4, 2016 at 10:09:56 PM UTC-4, Dave S wrote: >> >> For support issues, I can imagine having a "one time account". That is, >> the account is created, info sent to the person-being-supported, p-b-s logs >> in and gets a form page to do what needs to be done, and then is logged out >> and the account disabled. Any good way to do that without having an admin >> sitting around watching for p-b-s to show up? >> >> I would probably prefer (as a potential p-b-s) to have a time-limited >> account, where the login queues a scheduler task that in n hours or n days >> or whatever does the disabling. That way, if p-b-s messes up on the first >> try at the form, there's a grace period for getting it right. But the >> original scheme could mostly handle that by having an admin (or support >> person) re-enable the account. If the support person is the one who >> recognizes the error, that would be a natural way of handling it. >> >> Thoughts? >> >> /dps >> >> >> >> -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.