I have a form and when I submit it, I do an AJAX call to my server. On the server-side, I verify the informations by comparing them with some variables in the superglobale $_SESSION like below :
HeCanBuyIt = $ajaxData->priceProduct <= $_SESSION["user"]->moneyOfUser;
I am not sure if it is safe or not to do that (Can the user change the "moneyOfUser" variable in his session?).
I can also read the user from the database but it cost the time of a SELECT... I know it's not so slow but I prefer the fastest way.
