[html-formfu] Securely set the account status
Moritz Onken
onken at houseofdesign.de
Fri May 8 16:34:59 GMT 2009
use add_valid:
$form->add_valid('status', 'Requested');
$form->model->create; # or whatever you are doing
Am 08.05.2009 um 18:31 schrieb Ascii King:
> I should have mentioned, that I am currently doing it this way.
>
> my $set_status = $form->get_all_element({ name => 'status' });
> $set_status->attributes->{ 'value' } = 'Requested';
>
> But, I know grabbing the element isn't the proper way.
>
> Ascii King wrote:
>> I am using Catalyst and the Authentication plugin to handle logins.
>> I have a field called status which I use to determine if the
>> account has been activated or not. The three settings for this
>> field are 'Active', 'Disabled' and 'Requested'.
>> How can I securely set the field to 'Requested' from the
>> registration page?
>>
>> If I create a hidden field called 'status' and set it to 'Disabled'
>> in the .yml, then couldn't someone on the web could submit a
>> request where the field has been set to 'Active'? i am looking for
>> some way to set the field to Requested in the subroutine that calls
>> the page, rather than on the page itself.
>>
>> I know it's easy, but I can't figure it out.
>>
>> _______________________________________________
>> HTML-FormFu mailing list
>> HTML-FormFu at lists.scsys.co.uk
>> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
>>
>
> _______________________________________________
> HTML-FormFu mailing list
> HTML-FormFu at lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
More information about the HTML-FormFu
mailing list