Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hiding PHP Parameters

Status
Not open for further replies.
Sort by date Sort by votes
There are several ways to do this with PHP. Do you need it for security purposes, or just to make the URL less "readable"? -------------------------------------------

Big Brother: "War is Peace" -- Big Business: "Suspicion is Trust"
(
 
Upvote 0 Downvote
Actually a little bit of both. Our primary goal is to protect our intellectual property and to not allow people to see how we are doing things

Thanks for the reply and look forward to hearing more

Dave
 
Upvote 0 Downvote
you could just base64encode things... its simple and not-hack proof, but for joe bloggs its good enough --BB
 
Upvote 0 Downvote
Well, think about it: there is no way to really hide what variables the browser is sending to the server. What happens on client-side space is wide open. How do you prevent users from seeing variables that are set in forms, etc...?

Now, if you are talking about hiding "accumulated" variables that go with the user from page to page, then you shouldn't be sending them through the browser anyway. Read about sessions ( This allows you to keep the variables on the server side, and simply send a unique identifier, which can be set in a cookie, or on the URL, which might look like
Additionally, if you are concerned about security at all, you should use SSL for everything, which will minimize the chance of people hijacking session keys.

Another step you can take is to make sure that all variable names inside your PHP code are different from form element names. Run every form through a small script which validates it and uses different names for the rest of your PHP code. (Setting register_globals = Off in php.ini is very helpful, also). This will minimize the possibility of hackers guessing your internal structure and naming conventions. -------------------------------------------

Big Brother: "War is Peace" -- Big Business: "Suspicion is Trust"
(
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cdlvj
  • Locked
  • Question
PHP Debugging
Replies
1
Views
503
cdlvj
cdlvj
W
  • Locked
  • Question
how to send checked row data in php
Replies
0
Views
356
wiltang2004
W
SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
719
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
517
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
635
vishvajit
vishvajit

Part and Inventory Search

Sponsor

Back
Top