Answer: Modiying values in html form

( #140685=categorized answer: print w/ replies, xml )

Need Help??

You have several options:

You can use $ENV{HTTP_REFERER} (or more simpler $cgi->referer) to make sure that your script is being submitted from the right place.
You could do a MD5 checksum of all the hidden fields to makre sure they haven't changed
You could use something like CGI::EncryptForm to encrypt the data so it can't be changed
You could not store anything in hidden fields and use sessions instead (see Apache::Session)

You definatly don't want to accept things like prices from form fields (I know of one major e-commerce system that does).

Hope this helps.

gav^

Comment on Answer: Modiying values in html form

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others browsing the Monastery: (11)

As of 2013-05-21 01:32 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?