Enforcing / Securing POST parameters

Question

My title is probably vague so please check my situation below.

I have a web application to manage a list of employees. The application is set up in a hub-spoke pattern w

Answer 1

What you usualy do is - click on a row, get the employee ID and send it to the server, retrieve information by ID and publish it to the user. Usualy you keep the ID as some jind of hidden value, so when you update, you update this ID. And, usualy, you don't allow ID changes. IMO no need of checking ID, but if you think some one can jump over, just check if the ID of the page is the same you have in the hidden value.