Regarding Session Variables - 

Can't the session be set to expire , so that if
someone tried to reload later it would fail ?


--- Frank Flynn <[EMAIL PROTECTED]> wrote:

> Using hidden fields is not less secure than using
> visible fields - or 
> session variables which were filled out by end user
> input.
> Hidden fields can be modified but so can any other
> field and you need 
> to check that the values you receive are expected
> and proper before you 
> process them.  There are probably some good articles
> on this (better 
> than what I can come up with off the top of my head)
> but for each field 
> you need to check:

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to