> -----Mensagem original----- > De: jblanchard > I don't see any problem with the approach, but I would ask why... Because if I write original ids or values matching those on database (or other data source) they can easily be changed on client side, that is the main purpose. Another purpose is to easily allow forward/back on a form with several steps without showing the 'internal step' and avoid the "The page you requested has expired"; Increased security (I think, that's why I posted) because the encryption key is different for every user/visit to the site (not page). The project in question has several long forms and different types of payments (sms, unique cc number, etc). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
