SaranacLake

Because I am not building a form, I am building something like this... Sample

@kickin I wasn't assuming it couldn't be seen or changed, just curious how it comapred to other form elements.

Let me clarify... I am building an ecommerce site where people can sign up for dfferent membership plans. When I person clicks "Subscribe", I display a page containing a couple of different choices. (Currently, Silver, Gold, Platinum) When the user - who doesn't have an account yet - clicks on a "Select" button beneath one of the currently displayed plans, I need to capture that choice so it can ultimately be sent to my checkout.php script. I have already decided I want a generic "Select" button beneath any plans displayed as this is a pretty common ecommerce design. (So no radio buttons or dropdown menus.) In order to make my design flexible, I was thinking of the following... In my product comparison (html) table, for each plan I have a tiny sub-form like this... <td> <form id="offer01" action="" method="post"> <input name="planID" type="hidden" value="mp-1111" /> <input name="planSelected" type="submit" value="Select" /> </form> </td> // Repeat for however many plans are being offered Now when the user clicks "Select", I can check IF (isset($_POST['planSelected']} and if so, then grab $_POST['planID'] and stuff it in my user session. This will allow me to then use that planID on my checkout.php script during checkout. Obviously you have to sanitize and verify all form data, but I was just wondering if the above approach poses any additional risks than I'd have with a normal form that is getting submitted (e.g. log in page, form submission)? Hope that makes sense!

Is it a problem storing images in MySQL? Long ago I heard it would blow up a non-enterprose database like MySQL. Is this still a concern?/

If I store a value in a hidden form control, and then use that as a means to pass the value to another PHP script, could that cause any security issues?