On Tuesday 18 March 2003 17:24, Christian Rosentreter wrote: > use > > <input type="hidden" name="<name>" value="<your sensitve data>"> > > for transporting sensitive data.
That is not secure at all. > > can edit it and > > update the database. > > now I am running into walls. Some of the data is sensitive > > and can't be > > changed. But the only way I know how to display data > > so that it can't be edited directly is in a normal table > > format or print. For the data that cannot/should not be changed, quite simply do not accept that value from the user. Just re-read its value from your own records. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * ------------------------------------------ Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general ------------------------------------------ /* Where it is a duty to worship the sun it is pretty sure to be a crime to examine the laws of heat. -- Christopher Morley */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php