I'm not sure if there's really a way to make this more secure - but, this is what I have...
I have a form with a hidden field that retrieves a hashed user ID from a session, and then inserts that info into the hidden form field.
How can I make sure that a user doesn't change this info when submitting the form?
I'm guessing that it's impossible to guard against, since it's a hidden form field and a user could simply change either the session info or just the hidden form field data.
Any ideas on how to make this more secure?