You could add an extra field consisting of an encrypted* checksum of the existing fields. This will allow you to detect tampering and that data came from your own script since only your script knows the key used to encrypt and decrypt the checksum.

Alternatively (and more commonly used), you could store a session id instead of the data in the hidden fields. On the downside, this requires some sort of database to hold the data associated with the session. The security in this method comes from the near impossibility** of guessing the long session ids of active sessions.

* – A symmetric encryption algorithm, such as Crypt::Rijndael, would be ideal.

** – If you're using 128-bit session ids, and there are 1024 (2^10) active sessions on your site, the attacker has a 1 in 3.3*10^35 (2^(128-10)) chance of guessing an active session id.


In reply to Re: Checking Referring Page? by ikegami
in thread Checking Referring Page? by Spidy
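
The tamper-detection field from the first suggestion, as an added example that is not part of the original post. It swaps in HMAC-SHA256 from the core Digest::SHA module as the keyed checksum, rather than encrypting a plain checksum with Crypt::Rijndael; the secret, the form field names and the helper names are constructed for illustration.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Assumption: a server-side secret that is never sent to the browser.
# Constructed sample value; load a random key from protected config in practice.
my $SECRET = 'constructed-sample-key-change-me';

# Canonical encoding of the hidden fields: names sorted, every name and value
# length-prefixed, so ("a" => "bc") and ("ab" => "c") cannot encode identically.
# Values are assumed to be byte strings (encode to UTF-8 before calling).
sub canonical {
    my ($fields) = @_;
    return join '',
        map { length($_) . ':' . $_ . length($fields->{$_}) . ':' . $fields->{$_} }
        sort keys %$fields;
}

# Value to place in the extra hidden field.
sub sign_fields {
    my ($fields) = @_;
    return hmac_sha256_hex(canonical($fields), $SECRET);
}

# Recompute the MAC over the submitted fields and compare without an early
# exit, so response timing does not reveal how many leading characters matched.
sub verify_fields {
    my ($fields, $mac) = @_;
    my $expected = sign_fields($fields);
    return 0 unless defined $mac && length($mac) == length($expected);
    my $diff = 0;
    $diff |= ord(substr($expected, $_, 1)) ^ ord(substr($mac, $_, 1))
        for 0 .. length($expected) - 1;
    return $diff == 0 ? 1 : 0;
}

# Constructed sample form data.
my %form = (item => 'widget', price => '19.99', user => 'spidy');
my $mac  = sign_fields(\%form);
print "hidden mac field: $mac\n";
print "as issued: ", verify_fields(\%form, $mac), "\n";

# Same MAC submitted with an edited price field.
my %edited = (%form, price => '0.01');
print "after edit: ", verify_fields(\%edited, $mac), "\n";
```

The MAC does not hide the field values and does not stop an old, validly signed form from being resubmitted; including a timestamp or the session id among the signed fields lets the script reject stale submissions.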
