On Fri, April 6, 2007 7:44 pm, Mike Shanley wrote: > With POST, everything stays hidden, mostly untamperable, and I must take exception to this statement... Step 1. Use your browser's "Save As..." menu to save the HTML FORM page to your hard drive. Step 2. Change any damn thing you want in the INPUT values, add some extra INPUT, take some away. Step 3. Open your hacked HTML page with your browser's "Open..." menu. Step 4. "Submit" the hacked FORM. In 4 trivial steps, which require no special browser plugins, no super-tricky knowledge, a casual visitor can break a [much too] large percentage of websites "out there" if they so desire. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
