Join Up! 104886 members and counting!

Login To PHPBuilder User Name: Password: Register A New Site Account * NOTE: This is for logging into the main site only! To login to the forums, click here

Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Hiermenus DatabaseJournal Technology Jobs Covalent Extends Apache 2.0 to Microsoft ASP.NET ShopWorX - Support for Windows PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Network Risk Assessment Full-Featured, Java-Based Apache GUI PHP Web Blog - Part 2 Use PHPUnit to Implement Unit Testing in Your PHP Development PHP and Shell Scripting: Using Pipes Reading RSS feeds in PHP: Part 1 Using XML: A PHP Developer's Primer, Part 4, Section 2

php3-list | 199903

From: Jim Winstead (jimw <email protected>)
Date: 03/31/99

• Next message: Chad Cunningham: "Re: [PHP3] Fwd: Passing variables invisable/security"
• Previous message: Stephen Benjamin: "Re: [PHP3] Urgent Help Required"
• In reply to: Remco: "[PHP3] Fwd: Passing variables invisable/security"
• Next in thread: Chad Cunningham: "Re: [PHP3] Fwd: Passing variables invisable/security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Don't pass them. Just pass along some sort of identifier that you
can use to look up the data that you've tucked away somewhere on
your side. PHPLIB (http://phplib.shonline.de/) includes an
implementation of this.

Jim

On Apr 01, Remco wrote:
>
> Hello people,
>
> I'm currently doing some sort of a shop project in PHP, and everything works
> fine, except passing variables between pages secure.
>
> I don't want people to see what variables are passing between pages (and so be
> able to change them in the HTML or URL), but I didn't find any info on how to
> do this. Things like itemnumber, number of the person are needed in various
> pages during the orderingprocess, but can be seen. (and I dont' want it to be)
>
> Thought about the crypt() -function, but when someone knows what he has
> entered and he sees the passed (encrypted) text, the hacker can still
> find out the key and know what's passed and will be able to change these.

--
PHP 3 Mailing List   http://www.php.net/
To unsubscribe send an empty message to php3-unsubscribe <email protected>
To subscribe to the digest list:  php3-digest-subscribe <email protected>
For help: php3-help <email protected>  Archive:  http://www.php.net/mailsearch.php3
List administrator:  zeev-list-admin <email protected>

• Next message: Chad Cunningham: "Re: [PHP3] Fwd: Passing variables invisable/security"
• Previous message: Stephen Benjamin: "Re: [PHP3] Urgent Help Required"
• In reply to: Remco: "[PHP3] Fwd: Passing variables invisable/security"
• Next in thread: Chad Cunningham: "Re: [PHP3] Fwd: Passing variables invisable/security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs