[Tutor] Design suggestion - is a cookie the answer?

Python python at venix.com
Mon Jan 16 22:09:10 CET 2006

On Mon, 2006-01-16 at 01:12 +0000, Alan Gauld wrote:
> > I'm sure this is implied in Alan's post, but I'm going to point it
> out
> ...
> > To avoid further cheating you might want to sure there is no way to
> > submit the form without javascript turned on. E.g. Don't have a
> submit
> > button and a form with an 'onSubmit' validation. Which some examples
> > do use. Otherwise, they can just turn off Javascript support in
> their
> > browser and bypass your validation.

Javascript might be the appropriate level of paranoia for your
situation, however, remember that people do not have to use your form to
submit data to your web script.  An enterprising student could save the
form and edit it him(her)self to bypass any javascript checks or even
synthesize their own submit data (e.g. use urllib to supply answers).  

There is no check to make sure that the answers fed back to the script
fit the problems that were written out in the form.  Of course any kid
who could figure out how to maximize points cheating your script can
probably handle simple multiplication.

I liked the variable name insertpupilsnick.  If Dr Seuss had written a
book on programming, I'm sure it would have had variable names like

Lloyd Kvam
Venix Corp

More information about the Tutor mailing list