nashrul wrote:
> This is a newbie question...
> Let's say there are 3 php files, page1.php, page2.php and page3.php. Form
> submission from page1.php or page2.php will take user to page3.php.
> I know that we can use parameter that is appended in the action attribute of
> the form (e.g <FORM METHOD=POST ACTION="tes.php?var1=val1">)
> But I think, appending this parameter is transparent to the user, since it's
> visible in the url.
> And I think we can also use the hidden field or (form name ??.).
> So which one is most secured and better ??
> Thanks..

I personally don't see a problem with using get or post vars, but to
keep the user from being able to manipulate it do this.  This could also
be in a header file included at the top of all pages:

//page1.php and page2.php
$_SESSION['page'] = $_SERVER['PHP_SELF'];

$page = $_SESSION['page']
// use $page somehow . . .


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to