Also, if you're worried about users unscrupulously changing parameters and submitting your form, you could compute a checksum of the (original) parameter values, put that in the page as a hidden field, then recompute the checksum and compare when you receive the submission.

I've done essentially that in the past, using Digest::MD5, which did the job fine.

HTH,
--roundboy