Hi,
I'm not really sure exactly how the question should be phrased, so please be patient if I ask the wrong thing.
I'm writing an ASP.NET application using VB as the code behind language. I have a data access class that connects to the DB to run the query (parameterized, of course), and another class to perform the validation tasks - I access this class from my aspx page.
What I would like is to be able to store the data server side and wait for the user to choose from a few options based on the validity of the data. But unless my understanding is completely off, having persistent data objects on the server will give problems when multiple users connect?
My ultimate goal is that once the data has been validated the end user can't modify it. Currently I'm validating the data, but I still have to retrieve it from the web form AFTER the user says OK, which obviously leaves open the possibility of injecting bad data either accidentally (unlikely) or on purpose (also unlikely for the use, but I'd prefer not to take the chance).
So am I completely off in my understanding? If so, can someone point me to a resource that provides some instructions on keeping persistent data on the server, or provide instruction?
Thanks!
Concrete Example:
We recently hired Inspector Gadget to insert data for the Sign Inspectors who go 'round inspecting the highway signs to make sure none of them have been mangled or stolen by bubble-gum chewing, normally upstanding members of the youth city council.
If Gadget can prove his mettle then he might get promoted to do the actual sign inspections. For now, his only job consists of going to this intranet site an inputing information about the most recent inspections. The district, county, route #, section of road, and dates the sign was installed and inspected.
Of course any of us who were alive in the late 80's are familiar with Gadgets ineptitude. So the site is about as Gadget proof as we can make it. The district/county/route is all filled out through a dropdown list, he only has to manually enter the section start and end and the dates. On occasion he fumbles the mouse and ends out swapping the begin and end of the section, doh! So the text turns red to alert him of the mistake. Unfortunately he chose to wear his anti-red sunglasses today that turn all red colors to black. Well, after attempting to submit the data it shows him an error message telling him where and what he needs to fix. Unfortunately he fat fingered the keyboard and instead of inputting 1.337 he put in 13.37 (miles)- and the road is only 10 miles long! Well, now a message (a modal div) pops up and tells him that the real mileage for the road is 0-10, and that his entry will combine three sections of the road. Then he is given three buttons to choose from. Cancel, which allows him to go and modify his data, Constrain, which will convert 13.37 to 10, and Override which will allow him to input that data anyway.
"Yowza!" Gadget exclaimed, and clicked cancel to go back and fix his mistake. Well the next set of data he input correctly, so a confirmation message popped up showing him the changes he was about to make and asking if it was OK to continue. Well, unfortunately Inspector Gadget knocked over his coffee cup, scattering detritus across his desk. In his haste to clean it up, he clicked "OK", but not before his Go-Go-Gadget electro-magnet accidentally flipped a few bits on his computer, changing the county in the form from ARKANSAS to AKRSANAS, doh!
Had the data been stored on the server across campus, and the only information passed was "OK" or "Cancel", this would have been avoided.
Of course I can always validate again after the "OK", but it just seems like a hacky workaround.
Anyhow, I hope this clarifies!