Quick Links

Re: Form Design Advice

From:	Colin McGuigan <cmcguigan(at)earthcomber(dot)com>
To:	ross(at)grinz(dot)com
Cc:	pgsql-novice(at)postgresql(dot)org
Subject:	Re: Form Design Advice
Date:	2005-03-04 16:38:05
Message-ID:	42288EED.3010007@earthcomber.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-novice

Ross Gohlke wrote:
> I'm not sure I understand. How could a user send incorrect data types if
> the types are included as hidden fields? Since the variables are
> declared as coming from $_POST, they cannot send anything in the URL.

Nothing stops anyone from copying the "View Source" of a webpage to a
local file, modifying it as they wish, and then pointing their web
browser at the local file and submitting from that.

--Colin McGuigan

In response to

Re: Form Design Advice at 2005-03-04 16:39:36 from Ross Gohlke

Responses

Re: Form Design Advice at 2005-03-04 17:00:24 from Ross Gohlke
Re: Form Design Advice at 2005-03-04 17:35:11 from Geoffrey

Browse pgsql-novice by date

	From	Date	Subject
Next Message	Ross Gohlke	2005-03-04 16:39:36	Re: Form Design Advice
Previous Message	Bruno Wolff III	2005-03-04 15:16:56	Re: Form Design Advice