lvmllc

asked on

hiding variables in URL

While I typically use post vars on forms, I need to expose a var in a URL. I was wondering is it possible to set up the server so it does not show this - looking for a secure solution

So I want to go from

http://isomewhere.org/thePage.php?id=132

to this

http://isomewhere.org/thePage.php?
ahoffmann

silly question: does your thePage.php work as expected without the id variable?
lvmllc

ASKER

No.  I must at least get an ID var. Typically this is provided in a POST but because the project is not a linear set of form pages I also have code that will use a GET if the POST is null.  When this happens, the ID is displayed in the URL and this is what I want to hide.
Ted Bouskill
Guys, most Google APIs use header fields to pass values that are not shown in the URL
http://en.wikipedia.org/wiki/List_of_HTTP_header_fields

This is a common and completely acceptable practice.  Yes, having values in the URL is easier to read (and manipulate); however, they can also make URLs completely unwieldy, and if they do not need to be saved as bookmarks it's better to put values in header fields.

Unfortunately many believe the only way to pass information is in the body of the request or in the URL.  The cookie is actually just a specialized header field value honoured by the browser.

Most importantly, HTTPS will encrypt header fields along with the body of the message.

I believe the function header() in PHP will allow you to control them.

as the obvious has already been written and explained: anything in a GET request cannot be hidden!
we can focus on the goal to achieve:  what should be hidden, why, and what threats are expected?

@ahoffmann: I disagree with your assessment of hiding data in the GET request.  Variables encrypted using any encryption like AES 128 or 256 can be hidden in the HTTP header fields.  That is what many web APIs do and what we do at my employer.  Session and authentication fields are often hidden in GET requests using this technique.

@tedbilly, I can see the workability of your ID data in the headers. I use header data a lot in AJAX GET and POST, for sending and getting "version" or "dated" data sets. But you can set and get the headers in an AJAX JavaScript call. You say "hidden in the HTTP header fields", so I was wondering what method you might use for setting the headers (any header, not just an encrypted one), if you create your page with PHP and have a URL link like -
<a href="http://isomewhere.org/thePage.php">The Page</a>
maybe? =
<a href="http://isomewhere.org/thePage.php" setHeader="ETag=ad3fc0bb">The Page</a>

Can you send header info with a link using the <a href= tag?
Although lvmllc says "expose a var in a URL", I just assumed from lack of other information they were referring to an <a link tag.

I only referred to the request line, any header is "hidden" for browser users (but can be made visible very easily:), don't know if that is sufficient for this question ...
you cannot add headers with plain HTML (a tag)
you need to do it with XHR's setRequestHeader()
lvmllc

ASKER

This is all good info.  A little more background. One of the sites I need to use this on is a 20 page survey/project. After the initial values have been entered, a user can return to the main page where they see a table of contents that allows them to go back to any one of their pages. I can work around the GET issue using a cookie or session var, but as the admin, I want to be able to go to a single page of a user - thus the ID added to the URL as a param.

Maybe this is just too insecure and I need to build a data portal that is protected by a password, where once in I can type the page and user ID and it takes me to that page.
Oh, you may or may not have the use of SSL, but if you do it might help to secure your admin log in with it.
is it acceptable for you if the users find and change the "hidden" id?
if so, you need some kind of encryption and/or authentication
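
One way to act on the last reply, as an added example that is not part of the original thread: leave the id visible in the query string but attach an expiry and an HMAC, so an id edited in the address bar is rejected by the server. `SECRET_KEY`, `b64url()`, `make_link_token()`, `check_link_token()` and the `t` parameter are hypothetical names chosen for this sketch.

```php
<?php
// Added illustration; every name below is hypothetical, not code from the thread.
declare(strict_types=1);

// Assumption: a random key loaded from server configuration, never sent to the browser.
const SECRET_KEY = 'replace-with-32-random-bytes-from-config';

function b64url(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

// Build "id.expires.mac": the id stays readable, but any edit invalidates the MAC.
function make_link_token(int $id, int $ttlSeconds, ?int $now = null): string
{
    $expires = ($now ?? time()) + $ttlSeconds;
    $payload = $id . '.' . $expires;
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, SECRET_KEY, true));
}

// Return the id if the token is intact and unexpired, otherwise null.
function check_link_token(string $token, ?int $now = null): ?int
{
    $parts = explode('.', $token);
    if (count($parts) !== 3 || !ctype_digit($parts[0]) || !ctype_digit($parts[1])) {
        return null;
    }
    [$id, $expires, $mac] = $parts;
    $expected = b64url(hash_hmac('sha256', $id . '.' . $expires, SECRET_KEY, true));
    if (!hash_equals($expected, $mac)) {        // constant-time comparison
        return null;
    }
    if ((int) $expires < ($now ?? time())) {    // link has expired
        return null;
    }
    return (int) $id;
}

// Constructed sample: a link for record 132 that stays valid for 10 minutes.
$token = make_link_token(132, 600);
echo "thePage.php?t=$token\n";
var_dump(check_link_token($token));             // untouched token

// The same token with the id edited by hand, as a curious user might do.
$edited = preg_replace('/^132/', '133', $token);
var_dump(check_link_token($edited));            // edited token
```

The token only makes the id tamper-evident. thePage.php still has to check the logged-in session (for example the admin login discussed above) before showing another user's page.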