form-session-id — insert hidden form field containing the session ID
It is necessary to include the Interchange session ID on HTML forms when
users are not accepting cookies, or they might lose the session information.
The [form-session-id]
tag inserts the appropriate hidden form field
containing session ID on a page, but only when necessary.
In most cases, the tag will insert the
hidden form field (that is, when users are not accepting cookies or public
display of session IDs — no_session_id
— is not disabled).
It will not, however, insert the field if
the user is accepting browser cookies
and no_session_id
is enabled.
Example: Simple form with an optional session ID form field
Here's a very simple login form. As you can see, all you have to do to
include the session ID on the form is to include [form-session-id]
somewhere in it.
<form action="[process secure=1]" method="POST"> <input type="hidden" name="mv_todo" value="return"> <input type="hidden" name="mv_click" value="Login"> <input type="hidden" name="mv_failpage" value="login"> <input type="hidden" name="mv_successpage" value="[either][scratchd mv_successpage][or]member/service[/either]"> <input type="hidden" name="mv_nextpage" value="index"> [form-session-id] [L]Username[/L]: <input name="mv_username" value="[scratch cookie_username]"><br/> [L]Password[/L]: <input type="password" name="mv_password" VALUE=""><br/> <input class="button3" type=submit value="[L]Log In[/L]"> </form>
Interchange 5.9.0:
Source: code/SystemTag/form_session_id.coretag
Lines: 16
# Copyright 2005-2007 Interchange Development Group and others # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. See the LICENSE file for details. # # $Id: form_session_id.coretag,v 1.3 2007-03-30 23:40:49 pajamian Exp $ UserTag form-session-id Version $Revision: 1.3 $ UserTag form-session-id Routine <<EOR sub { return if $Vend::Cookie and $::Scratch->{mv_no_session_id}; return qq{<input type="hidden" name="mv_session_id" value="$Vend::SessionID"$Vend::Xtrailer>}; } EOR