data attribute and security considerations
At first glance this topic seems to belong in another forum but the reason I am posting here will become apparent later.
I have a table in my app where one column is named staffID.
That being said,what is contained in that column(the values I mean) are placed as values in the data attribute of an in input element.
The data attribute has the name data-staffID and I need in order to run update queries on the server side.
Elaborating a little,the value that is contained in data-staffID is sent to the server via ajax.Here is an example:
I am afraid though that giving such a name to the data attribute will raise security issues.
?><input class='text' size='40' data-staffid='<?php echo $value['staff_ID']; ?>' value='<?php echo $value['name']; ?>' type="text" name="name">
Changing it maybe to a non so obvious name I think it would be a solution.
What do you think in general about the problem I describe above?
I want to here some opinions.