Is there a security risk in exposing MySQL table fields name in form fields? so that both the form field and corresponding table field will have the same name?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is there a security risk in exposing MySQL table fields name in form fields? so that both the form field and corresponding table field will have the same name?
Not really. Even if you go out of your way to make sure that your field names don’t match with your form names, it’s still going to be pretty easy for an attacker to guess the association. I mean, there’s only so many ways you can name a field that contains an email address.