On Nov 17, 2010, at 6:51 AM, Don Wieland <donw@xxxxxxxxxxxxxxxxxx> wrote: > Hello all, > > I have recently built a site using PHP. I was a little loose with GET and POST methods because I was using it for personal/private use. Now I am thinking of going public and allow different companies to use the site. I want to secure and hide as much data as possible to guard against user abuse. > > I have several instances where I use the GET method to pass IDS. I can use a POST but even that is visible in the source. How does one allow for processing but never really let the user see that actual ID? Do I use a HASH for IDs? Do I need to get more familiar with SESSION VARS. > > I am doing some experimenting. Any words of wisdom or resources would be helpful. Thanks! > > Don Wieland > D W D a t a C o n c e p t s > ~~~~~~~~~~~~~~~~~~~~~~~~~ > donw@xxxxxxxxxxxxxxxxxx > Direct Line - (949) 336-4828 > > Integrated data solutions to fit your business needs. > > Need assistance in dialing in your FileMaker solution? Check out our Developer Support Plan at: > http://www.dwdataconcepts.com/DevSup.html > > Appointment 1.0v9 - Powerful Appointment Scheduling for FileMaker Pro 9 or higher > http://www.appointment10.com > > For a quick overview - > http://www.appointment10.com/Appt10_Promo/Overview.html > A hash is useful, but I think you are on the right track with session vars. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
