tonyair/silverstripe-multiform
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-multiform synced 2024-10-22 11:05:49 +02:00
Code Issues Projects Releases Wiki Activity

Added TODO about expiration

Browse Source
This commit is contained in:
Sean Harvey 2008-04-19 00:05:02 +00:00
parent 101771a096
commit cb0a14e601
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
code/MultiForm.php
View File

@ -32,6 +32,16 @@ abstract class MultiForm extends Form {
*/ */
protected static $start_step; protected static $start_step;
/**
* Define what type of URL you want to use throughout the step process.
*
* The non-secure way is to go by ID, for example: http://mysite.com/my-form/?MultiFormSessionID=50
* Alternatively, we store a hash, for example: http://mysite.com/my-form/?MultiFormSessionID=de9f2c7fd25e1b3afad3e850bd17d9b100db4b3
*
* @var $url_type either "ID", or "Hash"
*/
protected static $url_type = 'Hash';
static $casting = array( static $casting = array(
'CompletedStepCount' => 'Int', 'CompletedStepCount' => 'Int',
'TotalStepCount' => 'Int', 'TotalStepCount' => 'Int',
@ -69,6 +79,9 @@ abstract class MultiForm extends Form {
* *
* @TODO Security. Currently you're able to just change the ID of MultiFormSessionID in the URL. We need some * @TODO Security. Currently you're able to just change the ID of MultiFormSessionID in the URL. We need some
* sort of identification so you can't just change to another session by changing the ID. * sort of identification so you can't just change to another session by changing the ID.
*
* @TODO Expiration. We need to make sure that these sessions, making use of {@link MultiFormPurgeTask} and
* {@link MultiFormObjectDecorator}
*/ */
public function init() { public function init() {
$startStepClass = $this->stat('start_step'); $startStepClass = $this->stat('start_step');