On 16 Aug 2009, at 14:02, Arthus Erea wrote:
> Sorry, but I don't see the benefit.But even now we have to specify the field names in both the place we
> Since this is FormUI, we already know the names of the fields we're
create the form, and the place we handle the form data. So yes, you do
have to know what the name of the fields are in the $_POST array.
> That's why I'd prefer a random string. FormUI knows what its lookingUm, how is this making a form more secure? Making the id random means
> for, but it makes the form less vulnerable to sniffing/attack/
you can never target that input with CSS (bad idea.) and to stop
people submitting fake data, just means I request the form before
posting my data, and use the "random" values the form gives me when I
Plus you'd have to store which random values you used for the form
The reason I'm suggesting it is because you could then grab the
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.