[html-formfu] Securely set the account status
Ascii King
tech at swattermatter.com
Fri May 8 16:28:07 GMT 2009
I am using Catalyst and the Authentication plugin to handle logins. I
have a field called status which I use to determine if the account has
been activated or not. The three settings for this field are 'Active',
'Disabled' and 'Requested'.
How can I securely set the field to 'Requested' from the registration page?
If I create a hidden field called 'status' and set it to 'Disabled' in
the .yml, then couldn't someone on the web could submit a request where
the field has been set to 'Active'? i am looking for some way to set
the field to Requested in the subroutine that calls the page, rather
than on the page itself.
I know it's easy, but I can't figure it out.
More information about the HTML-FormFu
mailing list