The workshop is designed to help you anticipate possible questions, review what you've learned, and begin putting your knowledge into practice.
Quiz
1. When removing an item from the cart, why do you suppose that the query validates the session ID of the user against the record?
2. What would be a reason not to store the price in a hidden field when adding to the cart?
Answers
1. Users should be able to remove only their own items.
2. If you stored the price in a hidden field, a rogue user could change that value before posting the form, thereby writing whatever price he wanted into the store_shoppertrack table instead of the actual price.