nashrul wrote: > This is a newbie question... > Let's say there are 3 php files, page1.php, page2.php and page3.php. Form > submission from page1.php or page2.php will take user to page3.php. > I know that we can use parameter that is appended in the action attribute of > the form (e.g <FORM METHOD=POST ACTION="tes.php?var1=val1">) > But I think, appending this parameter is transparent to the user, since it's > visible in the url. > And I think we can also use the hidden field or (form name ??.). > So which one is most secured and better ?? > Thanks.. I personally don't see a problem with using get or post vars, but to keep the user from being able to manipulate it do this. This could also be in a header file included at the top of all pages: //page1.php and page2.php session_start(); $_SESSION['page'] = $_SERVER['PHP_SELF']; //page3.php session_start(); $page = $_SESSION['page'] // use $page somehow . . . -- Thanks! -Shawn http://www.spidean.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
