[TYPO3-project-4-3] admin panel - why are the form options duplicated?
Jigal van Hemert
jigal at xs4all.nl
Tue Jul 7 13:58:33 CEST 2009
Martin Kutschker wrote:
>> DOM manipulation) it can become rather difficult for the script that
>> handles the submitted data to know what to expect.
> It is a must for the server-side to know what to expect. Accepting any
> values a client submits is a security risk. Granted, in this case I
> don't see any, but you know what I mean.
I may have put it a bit wrong, but I mean that the server side must
indeed know what kind of data to expect, but it can't always know the
number of fields, the exact fieldnames (for example with a numbered
suffix), etc.
So the structure and the fields that are potentially used must be well
known to the server side; I was referring to the fields which are
actually submitted (the 'successful' fields).
Regards,
--
Jigal van Hemert.
More information about the TYPO3-project-4-3
mailing list