Hidden Parameters

Never trust hidden parameters! You ask why? Because it is very easy to change them. All it takes is to save the web page on the local hard drive, modify the action field to point to the necessary script on the server, modify the necessary parameter, and execute the modified file.

Despite their shortcomings, hidden parameters can still be used; you simply have to be very careful with them. We will start considering using hidden parameters with how to hide parameters from honest users and beginning hackers. Sometimes it is necessary to pass some service information from one page to another without using cookies for this. In this case we can make use of hidden parameters. This can be done is several ways, which we will consider.

The first way is to create an input field of the hidden type as follows: