Solved

[PHP] $_GET data clear

Posted on 2011-09-19
3
423 Views
Last Modified: 2013-12-13
I am creating a form that will work as a search form for a database, and I wanted to use get as the method for getting the information so that they could bookmark the searches.  The problem is that some of the residual data is left over from search to search.  

I can reset the headers on the page to only show the data that I want, but I was wondering if that was the most secure/best way to do this or if there is something else that people do to remove the extra data from the URL.

Thanks so much!
0
Comment
Question by:prileyosborne
3 Comments
 
LVL 13

Accepted Solution

by:
Hugh McCurdy earned 250 total points
ID: 36564252
Against whom are you trying to secure information?  What type of information are you trying to secure?  Are you adding information you want to keep secret to the URL?  (That's the only thing that makes sense to me so far because the user knows his own search.)

If you are adding information to the URL that should be secret, I suggest you store the secret information in a session variable ($_SESSION).  This sets a cookie that expires when either your software expires it or when the browser closes (whichever comes first).  Banks use session variables.  Nothing is 100% secure but they are pretty good if you are careful.

See http://www.w3schools.com/php/php_sessions.asp
0
 
LVL 14

Expert Comment

by:Scott Madeira
ID: 36564316
Just because they are sending you data that doesn't mean you need to process it.  You can always ignore the extra data that is coming in the request.
0
 

Author Closing Comment

by:prileyosborne
ID: 36568153
Oh, great link on Sessions.  So I can just unset the session every time I change the search. That works perfectly!  Thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now