Don't ask to ask, just ask | |
PerlMonks |
Re: Modiying values in html formby Anonymous Monk |
on Nov 03, 2013 at 18:32 UTC ( [id://1061058]=note: print w/replies, xml ) | Need Help?? |
You should store anything of value server-side (usually in a database or session), but the other way of protecting those is including a signature as a hidden field in the form. Something like sha1(concatenate($longsecrettoken, %importantformfields)) should be enough (but I'm not a cryptographer so don't quote me on that).
In Section
Seekers of Perl Wisdom
|
|