While looking around at the CF output to determine my angle of approach to build a new screen I came across some code:
What I am doing it building a time entry system that will list and allow record detail update/editing all from a single page but before I proceed I was wondering what these two lines in the <form> are.
I will be using a semi JS/Ajax approach for changing and updating records while dynamically editing the value of <input type="hidden" name="cf_id" value="1" /> to ensure that the correct record it being modified. But I was wondering what the purpose of the above fields were and if they would have an adverse effect on my form creation.
Thanks!
- Eric
<input type="hidden" name="5ee48a2ecc79fd1c704ca8626b077075" value="1" />
<input type="hidden" name="1cf1" value="38359a4ad70f3e71e3ec2d47dfca7569" />
What I am doing it building a time entry system that will list and allow record detail update/editing all from a single page but before I proceed I was wondering what these two lines in the <form> are.
I will be using a semi JS/Ajax approach for changing and updating records while dynamically editing the value of <input type="hidden" name="cf_id" value="1" /> to ensure that the correct record it being modified. But I was wondering what the purpose of the above fields were and if they would have an adverse effect on my form creation.
Thanks!
- Eric
Hi Eric,
The first one is part of Joomla's 'token-check', which is used to prevent forged posts. The actual name will vary inbetween visits as to prevent malicious users/bots from guessing the value.
The second one is a similar test that is part of CF itself, but currently not in use. I'm not sure 'bout Max' plans for this however.
Altering the first one will prevent data submission unless you disable the token-check in your form setup. Altering any other form controls should not have any effect on the tokencheck however. Unless explicitly destroyed or renewed, the security token should remain the same for the user's session.
/Fredrik
The first one is part of Joomla's 'token-check', which is used to prevent forged posts. The actual name will vary inbetween visits as to prevent malicious users/bots from guessing the value.
The second one is a similar test that is part of CF itself, but currently not in use. I'm not sure 'bout Max' plans for this however.
Altering the first one will prevent data submission unless you disable the token-check in your form setup. Altering any other form controls should not have any effect on the tokencheck however. Unless explicitly destroyed or renewed, the security token should remain the same for the user's session.
/Fredrik
Ok, I was hoping it was something like that. Would it be safe to assume that this value does not change per logged in session?
- Eric
- Eric
This topic is locked and no more replies can be posted.
