introduction to web programming Hidden Widgets Another very useful input widget is the HIDDEN field that is used to pass administrative data to the server. The data and the value are hidden from the user so that they can't easily modify it. In fact, the HIDDEN input widget is totally invisible to the user.

For the most part, the HIDDEN tag is used so that you can pass administrative data. As such, it takes a NAME and a VALUE attribute.

For example, consider the following hidden field...

    <FORM>
    <INPUT TYPE = "HIDDEN" NAME = "admin"
           VALUE = "selena">
    <INPUT TYPE = "HIDDEN" NAME = "form_version"
           VALUE = "2.1">
    </FORM>

In this case, the browser would simply tag on the following name/value pair in the HTTP message body:

    admin=selena&form_version=2.1

Since the user is not concerned with this administrative data, it is hidden from them. However, you can pass as much data as you want using this input method

Regardless, we will talk a lot more about hidden fields tomorrow when we discuss "state maintenance" in more detail.

It is important to note that a crafty user could view the source of your form, copy it to their own web server, change the values of the hidden fields, and submit the faulty data to your server. So you cannot assume that hidden data is totally secure.

Previous | Next | Table of Contents