On Fri, 27 May 2005, Uri Guttman wrote:

> >>>>> "JR" == Jim Rose <[EMAIL PROTECTED]> writes:
>
>   JR> I'm missing something here.  Why can't you just test to see
>   JR> if the variable is defined or not on your script?
>
> because he doesn't know in the code what the list of fields is.

This probably -- read, "is" -- insane, but why not force the form to
have in it a hidden field with the URL from which the page was served?

If that information is available, then the server script can grab its
own copy of the HTML, compare what it has against what it received from
the client, and then fill in any missing fields as needed.

The performance would suck, the load on the server will go up, it would
all be more complicated to write & maintain, and there's probably at
least half a dozen good reasons why it wouldn't be reliable under lots
of circumstances. But, once you get past all that, it would, if nothing
else, provide a reasonable shot at comparing what was in the original
form to what was submitted by the client.

That or figure out a way to submit the HTML itself as another field, but
I suspect that wouldn't be possible without Javascript trickery, which
we've already ruled out as being unviable.

That or just don't allow page authors to put any old random crap into
the form like this :-)



-- 
Chris Devers
 
_______________________________________________
Boston-pm mailing list
Boston-pm@mail.pm.org
http://mail.pm.org/mailman/listinfo/boston-pm
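
The comparison described in the message above, sketched as an added example that is not part of the original post or thread. It assumes the hidden field carries a short form id that the server looks up in its own table (the hypothetical `%FORM_SOURCE`) rather than a URL it would have to fetch, and it uses HTML::TokeParser from CPAN; the form, field names and submission are constructed.

```perl
use strict;
use warnings;
use HTML::TokeParser;   # from the HTML-Parser distribution (CPAN)

# Constructed sample: the server's own copy of the form, looked up by a
# server-side key rather than by fetching a client-supplied URL.
my %FORM_SOURCE = (
    signup => <<'HTML',
<form method="post" action="/signup">
  <input type="text" name="email">
  <input type="checkbox" name="newsletter" value="1">
  <select name="plan"><option>free</option><option>pro</option></select>
  <textarea name="notes"></textarea>
  <input type="submit" value="Go">
</form>
HTML
);

# Return the names of all named controls in the form's HTML, in order.
sub form_field_names {
    my ($html) = @_;
    my $p = HTML::TokeParser->new(\$html) or die "cannot parse form HTML";
    my (@names, %seen);
    while (my $tag = $p->get_tag('input', 'select', 'textarea')) {
        my $name = $tag->[1]{name};
        next unless defined $name && length $name;
        push @names, $name unless $seen{$name}++;
    }
    return @names;
}

# Compare a submission against the original form: fill in fields the
# browser omitted (e.g. unchecked checkboxes) and report unexpected ones.
sub reconcile {
    my ($form_id, $submitted) = @_;
    my $html = $FORM_SOURCE{$form_id}
        or die "unknown form id\n";          # reject ids not in the table
    my @expected = form_field_names($html);
    my %is_expected = map { $_ => 1 } @expected;
    my %filled = map { $_ => $submitted->{$_} // '' } @expected;
    my @extra = sort grep { !$is_expected{$_} } keys %$submitted;
    return (\%filled, \@extra);
}

# Constructed submission: checkbox left unchecked, one field not in the form.
my ($fields, $extra) = reconcile('signup',
    { email => 'a@example.com', plan => 'pro', notes => '', is_admin => '1' });
printf "%-10s = '%s'\n", $_, $fields->{$_} for sort keys %$fields;
print "unexpected: @$extra\n";
```

With the constructed input, `newsletter` comes back as an empty string and `is_admin` is listed as unexpected.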
