Solved

[PHP] $_GET data clear

Posted on 2011-09-19
3
426 Views
Last Modified: 2013-12-13
I am creating a form that will work as a search form for a database, and I wanted to use get as the method for getting the information so that they could bookmark the searches.  The problem is that some of the residual data is left over from search to search.  

I can reset the headers on the page to only show the data that I want, but I was wondering if that was the most secure/best way to do this or if there is something else that people do to remove the extra data from the URL.

Thanks so much!
0
Comment
Question by:prileyosborne
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 13

Accepted Solution

by:
Hugh McCurdy earned 250 total points
ID: 36564252
Against whom are you trying to secure information?  What type of information are you trying to secure?  Are you adding information you want to keep secret to the URL?  (That's the only thing that makes sense to me so far because the user knows his own search.)

If you are adding information to the URL that should be secret, I suggest you store the secret information in a session variable ($_SESSION).  This sets a cookie that expires when either your software expires it or when the browser closes (whichever comes first).  Banks use session variables.  Nothing is 100% secure but they are pretty good if you are careful.

See http://www.w3schools.com/php/php_sessions.asp
0
 
LVL 14

Expert Comment

by:Scott Madeira
ID: 36564316
Just because they are sending you data that doesn't mean you need to process it.  You can always ignore the extra data that is coming in the request.
0
 

Author Closing Comment

by:prileyosborne
ID: 36568153
Oh, great link on Sessions.  So I can just unset the session every time I change the search. That works perfectly!  Thanks!
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question