YEs, and appending something like &discountpercent=100 :-)
>
> By substituting the location of the action page, which is usually a
> relative URL, with the absolute URL of the action page and pressing
> "Submit".
>
> Jochem
>
>
Phoeun Pha wrote:
> "Security
> Don't use hidden fields to pass any sensitive or important variable
> (e.g., "price" or a limitation on record set returns). While it's less
> of a problem with ColdFusion, it takes seconds to hack a page written
> in Perl or any CGI/server-side language that pas
"Security
Don't use hidden fields to pass any sensitive or important variable (e.g.,
"price" or a limitation on record set returns).
While it's less of a problem with ColdFusion, it takes seconds to hack a
page written in Perl or any CGI/server-side language that passes hidden form
field variables.