RE: [PHP] encryption needed?
If you've set things up so that the id is available client-side, then there's no point in encrypting the id (by any encryption methods). If the id is stored in the client browser, then you'd better make sure it's linked to public data. [Original Message] From: klaus [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: 07/13/2004 3:17:54 PM Subject: [PHP] encryption needed? Hi all, I am to set up a service where users can view news of companies. To identify the company selected an easy way is to use the company-id. The id is not displayed but stored in the client browser as JS-variable. Question: Is it ok to use the company-id or do I have to encrypt the id using mcrypt (takes some time)? Thanks in advance Klaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] encryption needed?
I wouldn't encrypt the ID, but I can't help wonder why you don't want people knowing the company's ID. They can get access to it if you're storing it client-side. This is like using a single script to view documents where you provide the ID of the document to display. http://localhost/view.php?ID=33 You end up needing a different way to reference which document should be displayed, if you don't want people to know the ID. In this case, I'd end up specifying the name of the document to display. http://localhost/view.php?Name=The%20Pizza%20Caper As you can see, you end up having to deal with spaces and other special characters in the name... Basically, I'd just use the ID and not worry about encrypting it, unless you have a good reason to do so. -Ed -Original Message- Is it ok to use the company-id or do I have to encrypt the id using mcrypt (takes some time)? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
