Announcement Announcement Module
No announcement yet.
Problems with multiple instances of same session form Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problems with multiple instances of same session form


    We have a requirement that more than one form of the same class be open at the same time for edit/view. Ie: edit two different clients at the same time in their own window. But since the forms calls the same FormController, the command put into the session by AbstractController's ShowForm method have the same name and they end up overwriting each other.

    To give a more concrete example:

    1.User requests edit client #1 form
    2.AbstractController put command into session
    3.User request edit client #2 form
    4. AbstractController put command into session, overriting client #1 command
    5.user post client #1 form
    6.Client#2 command is retreived from session instead of client #1

    I've been strugling with this issue for quite a while now and reading post, it seem some have had the same problem before.

    Any ideas or comments would be greatly appreciated.


  • #2
    Option 1.

    Can you make it stateless, i.e. no session usage by that controller?

    What do you need to store in session for that controller?

    Option 2.

    Otherwise, check out protected getFormSessionAttributeName in AbstractFormController.

    You might be able to override this, and then deal with session cleanup yourself.

    I'd try to lean towards option 1, and use hidden fields to store any state. I serialise some more complex page state objects to XML and store that as a hidden field in the page in some rare cases. You have to strip all the CR's out and remove the XML header, but it works ok.


    • #3
      Hmmm...that's a good strategy. However, the problems lies with security and data integrity of state. Hidden fields are too easy to hack and modify with the right tool. Sure I could serialize my object then encrypt it, then convert it to base64 and then store it as a hidden field. But this takes much more network bandwidth. But at the same time it reduces the session memory footprint.

      I still wonder if others have had this issue...


      • #4
        What's wrong with Option 2? It looks clean and reasonably straightforward to me.