Ok guys, I think you're beating a dead horse, the idea is understood, and there are quite a few ways to do what is needed, there have been like 30 posts on this... On Tue, 21 Sep 2004 14:12:43 -0400, John Holmes <holmes072000@xxxxxxxxxxx> wrote: > From: "Stuart Felenstein" <stuart4m@xxxxxxxxx> > > > I still want to pass the id's through hidden. > > > > So the html in the first form looks like this: > > > > <input name="hiddenField" type="hidden" > > value="recordID"> > > <input name="hiddenField" type="hidden" value="user > > id"></td> > > > > Form is set to post. > > Why would you pass UserID in the form when you turn around and pull it from > the session in your code? It's a waste. > > Also, with the above, if I were to change UserID to 5 (assuming that a valid > userID) and recordID to 20 (assuming that's a valid recordID that userID 5 > has access to), would I be able to see the record? I shouldn't be... > > ---John Holmes... > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- <<-------------------------------------------------------- Jasper Howard - Database Administration ApexEleven.com 530 559 0107 ------------------------------------------------------->> -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
