92 Posts
10 years ago
6
Topic
Hello,
In the options menu links to a form we can choose variations such as "hide" and the value.
With Firebug, you can change the value of a hidden field. Is there a solution to prevent these changes?
Thank you in advance for your answers.
Seb
In the options menu links to a form we can choose variations such as "hide" and the value.
With Firebug, you can change the value of a hidden field. Is there a solution to prevent these changes?
Thank you in advance for your answers.
Seb
10 years ago
3
Level 1
Hi Seb,
In géneral now. With this manner, a user can change a value with firegub if he knows the feature.
However, if you have an real case, you can explain us more about your issue. We can give a specific solution for your specific case.
Regards,
Mehdi.
In géneral now. With this manner, a user can change a value with firegub if he knows the feature.
However, if you have an real case, you can explain us more about your issue. We can give a specific solution for your specific case.
Regards,
Mehdi.
92 Posts
10 years ago
2
Level 2
Hello Mehdi,
There is nothing serious in this form, but I was wondering for forms that may be more important.
Sometimes I use custom variations and form values from the links Joomla menu.
Example: I have a hidden field (since Joomla menu link) and is assigned the value "no". I could change the hidden field with the value in Firebug "yes" when editing the form and I sent formualire. The value "yes" was recorded in my database.
Thank you in advance for your response
Seb
There is nothing serious in this form, but I was wondering for forms that may be more important.
Sometimes I use custom variations and form values from the links Joomla menu.
Example: I have a hidden field (since Joomla menu link) and is assigned the value "no". I could change the hidden field with the value in Firebug "yes" when editing the form and I sent formualire. The value "yes" was recorded in my database.
Thank you in advance for your response
Seb
10 years ago
1
Level 3
Hi Seb,
As i said in my previous post, there is no general response for your question. The response depends on context.
When you have a specific case, you can resend your question in this forum.
Regards,
Mehdi.
As i said in my previous post, there is no general response for your question. The response depends on context.
When you have a specific case, you can resend your question in this forum.
Regards,
Mehdi.
92 Posts
10 years ago
0
Level 4
Hello Mehdi,
I do not have a specific case. I just did a test on a form that had a hidden field with a dynamic value. I realized that all web forms could be modified with Firebug (excluding specific protection such as https.
Thank you for your reply.
Seb
I do not have a specific case. I just did a test on a form that had a hidden field with a dynamic value. I realized that all web forms could be modified with Firebug (excluding specific protection such as https.
Thank you for your reply.
Seb
10 years ago
1
Level 1
It is not a good idea to put values you rely on, into hidden fields on the client side.
Never read back results form clientside calculations for use in the backend.
Even SSL/https won't help you here.
If you need results calculated in browser but don't want to disclose information needed for the calculation,
use Ajax to issue a request for calculation on the serverside and only display the returned results.
92 Posts
10 years ago
0
Level 2
Hi
Thank you for your reply. Do you know how to do this with Seblod?
Thank you for this information
Seb