Hidden Widgets
Hidden Input Widgets
-
Another very useful input widget is the HIDDEN
field that is used to pass administrative data to the server. The data
and the value are hidden from the user so that they can't easily modify
it. In fact, the HIDDEN
input widget is totally invisible to the user.
-
For the most part, the HIDDEN
tag is used so that you can pass administrative data. As such, it takes
a NAME and a VALUE attribute.
-
For example, consider the following hidden field...
<FORM ACTION ="">
<INPUT TYPE = "HIDDEN"
NAME = "admin"
VALUE = "selena">
<INPUT TYPE = "HIDDEN"
NAME = "form_version"
VALUE = "2.1"
>
</FORM>
In this case, the browser would simply tag on the following name/value
pair in the HTTP message body:
admin=selena&form_version=2.1
Since the user is not concerned with this administrative data, it is hidden
from them. However, you can pass as much data as you want using this input
method
Regardless, we will talk a lot more about hidden fields tomorrow when we
discuss "state maintenance" in more detail.
| It is important to note that a crafty user could
view the source of your form, copy it to their own web server, change the
values of the hidden fields, and submit the faulty data to your server.
So you cannot assume that hidden data is totally secure |
 File
Upload Widget
Table of Contents
Image Input
|
