On Nov 17, 2010, at 6:51 AM, Don Wieland <d...@dwdataconcepts.com> wrote:

> Hello all,
> I have recently built a site using PHP. I was a little loose with GET and 
> POST methods because I was using it for personal/private use. Now I am 
> thinking of going public and allow different companies to use the site. I 
> want to secure and hide as much data as possible to guard against user abuse.
> I have several instances where I use the GET method to pass IDS. I can use a 
> POST but even that is visible in the source. How does one allow for 
> processing but never really let the user see that actual ID? Do I use a HASH 
> for IDs? Do I need to get more familiar with SESSION VARS.
> I am doing some experimenting. Any words of wisdom or resources would be 
> helpful. Thanks!
> Don Wieland
> D W   D a t a   C o n c e p t s
> ~~~~~~~~~~~~~~~~~~~~~~~~~
> d...@dwdataconcepts.com
> Direct Line - (949) 336-4828
> Integrated data solutions to fit your business needs.
> Need assistance in dialing in your FileMaker solution? Check out our 
> Developer Support Plan at:
> http://www.dwdataconcepts.com/DevSup.html
> Appointment 1.0v9 - Powerful Appointment Scheduling for FileMaker Pro 9 or 
> higher
> http://www.appointment10.com
> For a quick overview -
> http://www.appointment10.com/Appt10_Promo/Overview.html

A hash is useful, but I think you are on the right track with session vars.
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to