how to get Value from Hidden Field With Minimum or maximum SECURE
Question
I'm trying to solve this problem I need to get values from form Following code everything works great
<?php $var = 'Test-123';?>
<form action="go.php" method="post">
<input type="hidden" name="name" value="<?php echo $var;?>" />
<input value="GO_SUBMIT" type="submit">
</form>
The go.php file
<?php echo $_POST["name"]; ?>
But my problem the values of the form not Secure If I use For Example Firebag in the Value form Area I can send other values Although it is hidden is there a way to disable or encrypt this for security purposes
2 answers
solution1
1 2014-02-25 07:32:15
Form values are always visible to client. Form informations are located in user's browser. Let's come to your value change part. Form values are changeable. If you do not want to be changed one of your static variable, you need to put that value in the session on your server, and after user submit the form, you can make a server side validation. The users who want to change form value, can also do that things with curl requests. You can not avoid them. However, you can use csrf token for external form submitting. As a summary, do server side validation in order to be sure for trusting unchangaeable form values
solution2
-1 2014-02-25 07:27:27
You should use Encoding technique. Like in PHP base64_encode( ) function. For Example:
<?php
$str = 'This is an encoded string';
echo base64_encode($str);
?>
Output: VGhpcyBpcyBhbiBlbmNvZGVkIHN0cmluZw==
So noone can send the garbage to corrupt data.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.