Okay. If you have random values for form names, don't you think that thats overkill? How will you figure them out during data retrieval? Storing them in session cookies? The attacker can see those too. Remember, anything in session cookies is viewable to the user mate.
The thing is...you have to agree, Ajax is the way to go.
Last edited by Redcoder; 01-13-2013 at 02:23 AM..