[html-formfu] Securely set the account status
Ascii King
tech at swattermatter.com
Fri May 8 16:31:21 GMT 2009
I should have mentioned, that I am currently doing it this way.
my $set_status = $form->get_all_element({ name => 'status' });
$set_status->attributes->{ 'value' } = 'Requested';
But, I know grabbing the element isn't the proper way.
Ascii King wrote:
> I am using Catalyst and the Authentication plugin to handle logins. I
> have a field called status which I use to determine if the account has
> been activated or not. The three settings for this field are 'Active',
> 'Disabled' and 'Requested'.
> How can I securely set the field to 'Requested' from the registration
> page?
>
> If I create a hidden field called 'status' and set it to 'Disabled' in
> the .yml, then couldn't someone on the web could submit a request
> where the field has been set to 'Active'? i am looking for some way
> to set the field to Requested in the subroutine that calls the page,
> rather than on the page itself.
>
> I know it's easy, but I can't figure it out.
>
> _______________________________________________
> HTML-FormFu mailing list
> HTML-FormFu at lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
>
More information about the HTML-FormFu
mailing list