I have implemented inline editing. The server-side script accepts the following information, which it receives from the client-side script: Table Name, Unique Field (to find which row to update), Unique Field Value, Field to update & value of field to update. What I am worried about however, is that the data sent to the server-side script can easily be changed by using something like Firebug, or a hacker could even create a new form and post it to my server-side script, and it would execute it. In this way, they could update any field in any table they like..

How do I solve this problem ?