Here's a little theory. Here's a little practice. See how nicely that works?I sometimes show and tell my students what not to do.
Let's put the price in the query string unencrypted and send the user to the payment page. What could possibly go wrong?I was reminded of this and the efficacy of teaching by counterexample when I attended a recent planning meeting at school. One of team members1 served as a spectacular counterexample of constructive participation. Every idea put forth was either rejected or scaled back beyond recognition. At every turn the member resisted brainstorming efforts at creativity. Adding insult to injury, the member left early for "another pressing matter" which turned out to be smoking a cigarette.
After my initial disgust I remembered learning by counterexample. I already knew that was bad behavior, but seeing it instantiated so clearly in the member will help me to remember never to "be that person" myself. (Or at least, I hope, to be able to catch myself in the act and stop it should I find myself being that person.)
1 I use the term "member" here in the same way that the late Buddy Hackett did.