Regarding Session Variables -
Can't the session be set to expire , so that if
someone tried to reload later it would fail ?
Stuart
--- Frank Flynn <[EMAIL PROTECTED]> wrote:
> Using hidden fields is not less secure than using
> visible fields - or
> session variables which were filled out by
Using hidden fields is not less secure than using visible fields - or
session variables which were filled out by end user input.
Hidden fields can be modified but so can any other field and you need
to check that the values you receive are expected and proper before you
process them. There are
> Not sure if I posted about this yesterday, anyway new
> question.
> I'm building a multi page form. So I"m using hidden
> fields and echoing them to the next page in the loop.
>
> Now someone tells me this is dangerous.
> "because someone can save the final page (with most
> of the hidden value
