[thelist] Passing a very large data session-wide.

VOLKAN ÖZÇELİK volkan.ozcelik at gmail.com
Fri Sep 9 10:14:02 CDT 2005

> Storing the individual customer reports in the session object?
> Why not batch the reports to a secure directory structure
> and then use the session object to maintain authentication,
> (after login), for access to the appropriate file(s) instead?
> I guess I'm not seeing the reason for storing the data itself
> in the session object. What purpose does that have?

It is not essentially be stored in the session.
Some more information may be useful.
1. The client/agent loads an html file from server in preview mode
(with preview watermarks on it).
2. Then he presses a button on the GUI (print) which sends the content
on the screen to the printer.
3. Then we mark the file as "printed" in db. Which removes some (but
not all) modification rights from the client. That is, he can
change/update certain fields, append some extra stuff to the file
which can only be appended if it passes certain
server-side + administrative validation and marked as "ready to be printed".

The "ready to be printed" copy, the copy the client prints and the one
we store in db for reference and logging have to be identical.

And that's not actually a report, it's rather some sort of a legal
agreement/transaction which allows certain benefits given that the
client's client  pays some money to the client (not very explanatory
huh? :) ).

In short parts of the final copy cannot be altered and to validate it
in case a conflict occurs we store an identical copy of each printed
valuable paper on the DB as well.

> [If you charge 'per view', then surely you could run your billing
> off the log files.]

So what is valuable is the printed and stamped paper (we cannot charge
per log files) And we do not charge on a "per view" basis. Users are
free to view the preview copy. But when they print it, they legally
accept that what they print is a candidate to be the final version.

> <a different alternative />
> Ummm ... Just for the record, there are prepackaged report
> writer solutions that handle things like this.
> IIRC one of the major US stock exchanges, (NYSE?, AMEX?), used
> to use a package called Brio to {batch} create thousands of web
> accessible client reports on a daily basis.  [And I kinda doubt
> your security (no pun intended) / legal requirements are stricter
> than theirs.]

For the real reporting stuff (that we do on weekly and monthly basis)
we plan to purchase a reporting package when the project settles down.
Currently, our custom reporting application is good enough, since
reports are taken by only at most 30-50 managerial/administrative
personell which have special access rights. Ordinary agents are not
allowed to take reports. Plus reports do not count as money (provided
that they are not sold to competing firms :) )

Hope this is somewhat clearer.

And thank you Ron for your recommendation. I'll consider the secure
directory structure / file server as well. But it's early for a
reporting package (at least the top-level management thinks so).


More information about the thelist mailing list