On Mon, Jun 1, 2009 at 12:32 PM, Matthew McKay <m...@mattmckay.org> wrote:
> It would be much simpler and cleaner to use Javascript to modify the form's
> action attribute onClick.

Not really. What about clients who don't have Javascript installed?
What about users who want to either do something nefarious or just to
see what happens,  - exposing your "Delete my record"-specific PHP
code could potentially cause security holes. The less of your internal
interface/structure you expose to the end user, the less easy it is
for the casual script kiddies to find the security holes that you have
(and yes, everyone has them... ;)  )


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to