form = document.createElement("form");
form.setAttribute("method","post");
form.setAttribute("action","");
form.setAttribute("name","form");
form.setAttribute("id","form");
// First Name
name = document.createElement("input");
name.setAttribute("type","text");
name.setAttribute("name","name");
name.setAttribute("value","name");
form.appendChild(first_name);
Can a user somehow edit these values and submit something eles like change the name input to chris ?
Why bother playing with the Javascript, all one needs to do is send a HTTP request. You can't tell if its from your web page or a Perl script server-side which is why validating the user data is an absolute must.
Ahh, I see. I guess I am just going to obfusctate it to make it harder for them to understand then.
Buddha443556 wrote:Why bother playing with the Javascript, all one needs to do is send a HTTP request. You can't tell if its from your web page or a Perl script server-side which is why validating the user data is an absolute must.
Thank, you gave me an idea. What I am working on is something for paypal, and now I got how to verify it. I am going to use the IPN infomation posted back to check and make sure everything that WAS enter correctly comes back as what it should be, and if not i'll just void the transaction.