Courses
Sections
Projects
Wiki
News
Forums
Surveys
Mailing Lists| Author | Message |
|---|---|
|
meera halani
Posts: 39
|
Posted 17:53 Jun 04, 2009 |
Hello Professor, I have provided secruity for creating blog but if the user already has blog and some how knows the url for creating a blog and if writes url directly for creating blog then blog is created . is it correct? |
|
cysun
Posts: 2935
|
Posted 20:52 Jun 04, 2009 |
That's not correct. One blog per user is application logic (i.e. it's not a security issue), which should be enforced in your controller code. Last edited by cysun at
20:52 Jun 04, 2009.
|
|
meera halani
Posts: 39
|
Posted 20:57 Jun 04, 2009 |
sir if the user already has blog then i am not provideing link for creating blog but if the person is using url direclty then is able to create blog. |
|
cysun
Posts: 2935
|
Posted 21:01 Jun 04, 2009 |
|
|
meera halani
Posts: 39
|
Posted 21:06 Jun 04, 2009 |
OK |
|
meera halani
Posts: 39
|
Posted 21:28 Jun 04, 2009 |
but if the user tries to use URL directly then on submit where the user should be redirected? |
|
cysun
Posts: 2935
|
Posted 07:25 Jun 05, 2009 |
It should show an error message. Check out the TakeSurveyController and see how to show an error message. |
|
meera halani
Posts: 39
|
Posted 08:11 Jun 05, 2009 |
When a user already has a blog it gives an error as you already have a blog and on clicking ok button it redirects to home page. IS this correct? Last edited by meera halani at
08:12 Jun 05, 2009.
|
|
cysun
Posts: 2935
|
Posted 08:33 Jun 05, 2009 |
Yes. |
