Answers


1. Users should be able to remove only their own items.

2. If you stored the price in a hidden field, a rogue user could change that value before posting the form and so write whatever price he wanted into the store_shoppertrack table instead of the actual price.
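Both answers can be enforced on the server, as the following added example shows (it is not code from the book). The store_items table, every column name, and the in-memory SQLite database are assumptions made so the example runs on its own; only store_shoppertrack is named above.

```php
<?php
// Added example with a constructed schema; not the book's own code.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE store_items (id INTEGER PRIMARY KEY, item_price REAL NOT NULL)');
$pdo->exec('CREATE TABLE store_shoppertrack (
    id INTEGER PRIMARY KEY AUTOINCREMENT, session_id TEXT NOT NULL,
    sel_item_id INTEGER NOT NULL, sel_item_qty INTEGER NOT NULL,
    sel_item_price REAL NOT NULL)');
$pdo->exec('INSERT INTO store_items (id, item_price) VALUES (1, 19.99)');

// Answer 2: the price comes from the catalogue row; a posted "price" is never read.
function addToCart(PDO $pdo, string $sessionId, array $post): ?int
{
    $itemId = filter_var($post['sel_item_id'] ?? null, FILTER_VALIDATE_INT);
    $qty = filter_var($post['sel_item_qty'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 99]]);
    if ($itemId === false || $qty === false) {
        return null; // missing or malformed input
    }
    $stmt = $pdo->prepare('SELECT item_price FROM store_items WHERE id = ?');
    $stmt->execute([$itemId]);
    $price = $stmt->fetchColumn();
    if ($price === false) {
        return null; // unknown item
    }
    $ins = $pdo->prepare('INSERT INTO store_shoppertrack
        (session_id, sel_item_id, sel_item_qty, sel_item_price) VALUES (?, ?, ?, ?)');
    $ins->execute([$sessionId, $itemId, $qty, $price]);
    return (int) $pdo->lastInsertId();
}

// Answer 1: the DELETE is scoped to the caller's session, not just the row id.
function removeFromCart(PDO $pdo, string $sessionId, int $rowId): bool
{
    $del = $pdo->prepare('DELETE FROM store_shoppertrack WHERE id = ? AND session_id = ?');
    $del->execute([$rowId, $sessionId]);
    return $del->rowCount() === 1;
}

// Constructed request in which the hidden "price" field was edited before submit.
$rowId = addToCart($pdo, 'session-A',
    ['sel_item_id' => '1', 'sel_item_qty' => '2', 'price' => '0.01']);
$stored = $pdo->query("SELECT sel_item_price FROM store_shoppertrack WHERE id = $rowId")
    ->fetchColumn();
var_dump((float) $stored === 19.99);                 // stored price vs. catalogue price
var_dump(removeFromCart($pdo, 'session-B', $rowId)); // a different session tries to delete
var_dump(removeFromCart($pdo, 'session-A', $rowId)); // the owning session deletes
```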



Sams Teach Yourself PHP, MySQL and Apache All in One (4th Edition)
ISBN: 067232976X
EAN: 2147483647
Year: 2003
Pages: 333
Authors: Julie Meloni
