CGI style -- alternatives to HIDDEN parms?

Keary Suska aksuska at webflyer.com
Thu Aug 2 13:07:27 CDT 2001


That's it--MD5 checksum. I keep forgetting the term. As I understand, MD5 is
accurate to the byte.

Keary Suska
Esoteritech, Inc.
"Leveraging Open Source for a better Internet"

> From: John Evans <evansj at kilnar.com>
> Date: Thu, 2 Aug 2001 12:47:34 -0400 (EDT)
> To: Tim Chambers <tbchambers at yahoo.com>
> Cc: Pikes Peak Perl Mongers <pikes-peak-pm-list at happyfunball.pm.org>
> Subject: Re: CGI style -- alternatives to HIDDEN parms?
> 
> On Thu, 2 Aug 2001, Tim Chambers wrote:
> 
>> I am writing a Perl CGI script that updates some information in a
>> database. The field can be hundreds of lines of text. If the field
>> hasn't been touched, then I don't want to update it in the database.
>> (The database logs updates, and we don't want redudant log entries.)
>> The user will press a Submit button, at which point I need to decide
>> which fields to update in the database. I'm assuming there isn't a
>> simple way of detecting which fields were modified from their initial
>> values. Am I wrong? I see my options this way:
>> 
>> 1. Query the database and compare before deciding whether to update.
>> The downside is that database queries are relatively expensive in time
>> and resources.
>> 
>> 2. Use a HIDDEN parm to forward the original field contents, then
>> compare it with the new value to see if it's changed. But I'm
>> concerned about sending contents (remember -- the field could be
>> hundreds of lines of text) back and forth between client to server.
>> Should I be? I studied http://www.w3.org/TR/html4/interact/forms.html
>> but found nothing talking about length limits on such data.
>> 
>> 3. Cache it on the server somehow. This would just be a cache of the
>> database, though.
> 
> You could get fancy and store a checksum of the field in a hidden field.
> Take the checksum of the original, the checksum of the submitted field and
> see if they match. If they do, then the field was not changed. If they
> don't, you have new information to submit to the database.
> 
> I'm just not sure what the chances are of two totally different sets of
> text generating the same checksum are. I know there are different methods,
> but not sure what the advantages and disadvantages are of those methods.
> 
> I checked to see if there was a way to do it with Javascript, but there is
> no method for doing something like:
> if (FormName.FieldName.hasChanged()) { .... }
> 
> I'm thinking that the best way would be to go with the checksum method,
> but since I don't know much about that, it's just a shot in the dark.
> 
> 
> -- 
> John Evans
> http://evansj.kilnar.com/
> 
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.1
> GCS d- s++:- a- C+++>++++ ULSB++++$ P+++$ L++++$
> E--- W++ N+ o? K? w O- M V PS+ !PE Y+ PGP t(--) 5-- X++(+++)
> R+++ tv+ b+++(++++) DI+++ D++>+++ G+ e h--- r+++ y+++
> ------END GEEK CODE BLOCK------
> 
> 




More information about the Pikes-peak-pm mailing list