Hello, I would like to know if it is possible to hide the action of my form, since it is giving information about the process that will be executed, which could be a security problem.
<form name="cambiar_datos" action="index.php?action=modifdata" method="POST" enctype="multipart/form-data">
In my case, if you give View Source Code of the Page, you will see that the action will invoke the index.php file with an action=modifdata. Can that information be protected?
In any case you could do this:
with a hidden input passing it an ID that only you will know what it really means... (ex:)
and in process.php you have
so you define a random name for X action, and in your php, as it is server side and nobody will know what it will actually do, most of the time it will ignore, or try to manipulate it with the developer tools but in the end it will not achieve anything ...
You could do it with javascript, but in the end it will have the same result. The destination URL will always be visible if inspected. Turns out, HTML is a public file, so there's no point in hiding that information when it's going to remain public by default. And I don't think you will have security problems if you take the proper measures.