Hidden fields are not hidden!!!

phplearner

I thought 'hidden' fields were NOT supposed to show if someone clicked on View | Source !!!

Maybe there is some kind of trick to coding them (either PHP or HTML) so they will NOT show???

Thanks for any insight here. It freaked me out when they displayed sensitive data :mad:

LordShryku

They're hidden to the page, not the page source....

ymir

Use session data instead, preferrably in a file on your server.

laserlight

good that you realised that, generally placing sensitive data in "hidden" fields is a good way to reveal your secrets, ro allow others to change them.

in this respect, you cannot trust the client.

phplearner

Wow...thank you, folks for clarifying this.

But this is the method Authorize.Net uses to pass the info to its Gateway ("SIM")...and I just realized...it should only be the user/customer who is viewing the page at that point anyway (and no credit card info being passed).

However, I am going to take heed with some other stuff on 'public access' pages.