On Mar 29, 12:24 pm, bruno desthuilliers <bruno.desthuilli...@gmail.com> wrote: > On 29 mar, 09:12, Thierry Chich <thierry.ch...@gmail.com> wrote: > > > Le lundi 29 mars 2010 02:14:34, pjrhar...@gmail.com a écrit :> > OK. I can > > also put an hidden field in my form. I will evaluate what is > > > > the better option for me. > > > > Bear in mind if you exclude it from your form altogether there is > > > nothing to stop a malicious user setting it by modifying the post > > > data. > > > > Peter Yes, sorry, I rewrote this and left it making no sense! s/if/unless/!
What I meant to say is unless you exclude it then someone can edit the post data. The only way to ensure no one fiddles with hidden fields is to add a hash that you then check, but that's probably not needed here, just exclude it since you don't need it in the form. Peter -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
