|
|
|
|
|
|
|
|
|
|
- Why configure the "Back" button? Let's see a simple example...
- Step 1: Displaying the list of suppliers
- Step 2: Clicking the "Customers" tab
- Step 3: Clicking the "Back" button
- How to configure the "Back" button?
- "Back" button configuration example
13. Security advantage: "Back" button
A browser allows you to navigate through the different pages of a site using the "Next" and "Back" buttons. Each time a new Session page is displayed in the browser, a specific page session is created on the server. When the same Session page is used to display different data (page with a table based on a data file, loopers or "Form with browse" page, etc.), the page session is updated on the server side with the data displayed. When the user clicks the "Back" button, the browser doesn't send any update request to the site or the server. The browser goes back to the previous page with the last session information updated on the server. No specific operation is required when clicking the "Back" button to return to a previous page. However, a specific operation is required when the same Session page displays different data. Why configure the "Back" button? Let's see a simple example... Let's take a look at a simple example where the Back button has not been configured: A Session page that displays a list of suppliers and customers. Step 1: Displaying the list of suppliers
The session contains the list of suppliers displayed in the Table control. Step 2: Clicking the "Customers" tab
The list of customers is displayed. The page session is updated on the server. The session contains the list of elements displayed in the Table control (list of customers). Step 3: Clicking the "Back" button
The Session page displayed in the browser corresponds to the page displayed in step 1. However, the browser didn't send any update request to the server after the user clicked the "Back" button. The page session on the server side is still the one with the list of customers. If the user selects an element (a supplier) in the Table control, it will correspond to the server-side session data (i.e. a customer). The page displayed in the browser is not synchronized with the page session on the server side. The WEBDEV engine detects this desynchronization. This is why the Back button must be configured. How to configure the "Back" button? To configure the "Back" button, you can use: - the page synchronization code in Session mode. This code is called if a synchronization issue occurs.
- a hidden Edit control (invisible Edit control) to identify the record displayed in the browser.
- the option "Call page synchronization process if the user pressed the Back button" on your buttons and/or links ("Advanced" tab of the button description).
You can choose and combine either of these options according to the type of action that can be performed in the page in Session mode. "Back" button configuration example You can use dynamic pages to navigate through the different products of a website. These pages can contain the following buttons: - Back to main menu
You don't need to configure the "Back" button for this action. This button doesn't use data files. Therefore, desynchronization between the session on the server side and the page has no effect. - Delete the current product
The "Delete the current product" action handles a data file. It is important that the deleted record corresponds to the record viewed by the user.
To configure the "Back" button, it is recommend to use:- a hidden control in the dynamic page. This control will contain the identifier of the record actually displayed in the browser.
- the synchronization code. This code updates the session (searches for the record viewed by the user).
The following actions will be executed in the synchronization code: - The record corresponding to the identifier stored in the hidden control is read.
- If the record is not found, an error page is displayed and the code of the "Delete" button is not executed.
- If the record is found, the page session is automatically updated on the server and the code of the "Delete" button is executed.
Total security! |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|