Avoiding hidden form fields

Hidden fields in a form can be useful, but they can also pose a huge security risk. Take, for example, a web page that allows a user to edit a customer’s details.

Using a browser add-on such as Firebug, it’s very easy for a user to change the value of that customer_id field…
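As an added example (not code from the original page), the Python below contrasts an update handler that trusts the hidden customer_id field with one that keeps the id in the server-side session and re-checks ownership on every write. The in-memory CUSTOMERS store, the session dictionary and all function names are assumptions made for illustration.

```python
# Constructed sample data: customer records and the account that owns each one.
CUSTOMERS = {
    1: {"owner": "alice", "name": "Acme Ltd"},
    2: {"owner": "bob", "name": "Globex"},
}


def update_trusting_hidden_field(form):
    """Vulnerable: the record to edit is chosen by a client-supplied hidden field."""
    customer = CUSTOMERS[int(form["customer_id"])]
    customer["name"] = form["name"]
    return True


def start_edit(session, customer_id):
    """When rendering the edit page, remember the record on the server, not in the form."""
    if CUSTOMERS[customer_id]["owner"] != session["user"]:
        raise PermissionError("customer does not belong to this user")
    session["editing_customer_id"] = customer_id


def update_from_session(session, form):
    """Hardened: any customer_id present in the submitted form is ignored."""
    customer_id = session.get("editing_customer_id")
    if customer_id is None:
        return False  # no edit was started in this session
    customer = CUSTOMERS[customer_id]
    if customer["owner"] != session["user"]:
        return False  # authorisation is re-checked on every write
    customer["name"] = form["name"]
    return True


if __name__ == "__main__":
    alice = {"user": "alice"}  # hypothetical session for a logged-in user
    start_edit(alice, 1)
    # Constructed submission in which the hidden field no longer matches the edited record.
    tampered = {"customer_id": "2", "name": "changed"}
    update_from_session(alice, tampered)
    print(CUSTOMERS[1]["name"], "|", CUSTOMERS[2]["name"])
```

With the session-based handler the submitted customer_id has no effect, so the only record a user can write to is one the server already authorised for them.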

