Ross Gohlke wrote:
> I'm not sure I understand. How could a user send incorrect data types if
> the types are included as hidden fields? Since the variables are
> declared as coming from $_POST, they cannot send anything in the URL.
Nothing stops anyone from copying the "View Source" of a webpage to a
local file, modifying it as they wish, and then pointing their web
browser at the local file and submitting from that.
--Colin McGuigan
