Django: Managing Session Variables to manage the browser back button

Question

I am creating a web based Mock test paper, which needs to be fairly secure.

The needs are Each question can be attempted and answered just once. All are multiple Choice questions Once a question is answered and the submit pressed, then that session must expire, and the same question must not appear either through back button or some other way.

In case the browser crashes or the system crashes, the student must be able to go back to the last question which was being attempted, and not yet answered and submitted.

What would be the best strategies to adopt while implementing it in Django. How do you automatically kill the session, once the submit button is pressed? And how do you ensure that by pressing the back button, you are not able to access a question attempted and answered?

I tried googling, but I am not able to point to resources that would guide me better. I have seen django sessions documents, but I am not sure whether I know the right way to do this. Any suggestions can help

Answer 1

And how do you ensure that by pressing the back button, you are not able to access a question attempted and answered?

Post-Redirect-Get. http://en.wikipedia.org/wiki/Post/Redirect/Get

How do you automatically kill the session, once the submit button is pressed?

Doesn't really make sense. You don't need to 'kill' the session. You need to do two things.

1. Update the database entry for this user to indicate how far they've gotten.

2. Update the session to indicate how far they've gotten.

Don't try to "kill" the session. Keep the session information (and the underlying database) correct.

Killing the session will only force them to login again -- which is merely annoying. Further, when they login again, the database must be correct or they'll start the test again. So, you only need to keep the database and session synchronized.