Posted by "Mirco Blitz" on 10/07/97 11:32
Hi,
I totally agree with Jasper's answer.
That's why I use ONE jumpto script and GET.
I usually encrypt the values I give over to the script and decrypt
them on receipt. That way nearly nobody can assume which values are really
given to the script.
If you want to make it rocket safe, generate a random string that you place
in a session variable for encrypting and decrypting. That way the value is
different on every startup and you can be sure that you have made it when
decrypting. If someone tries to use xscripting and tries to fool your script,
at the latest the case structure would not work, because no plausible data is
received.
But who would like to xscript on a jump page, it can't harm really.
Greetings
Mirco
-----Original Message-----
From: Jasper Bryant-Greene [mailto:jasper@album.co.nz]
Sent: Sunday, November 20, 2005 04:12
To: xkorakidis
Cc: php-general@lists.php.net
Subject: Re: AW: [PHP] how can I CALL a PHP script from different TEXT
LINKS with different PARAMETERS?
xkorakidis wrote:
> Webmaster, thanks very much but I think it would be safer to do that by
> post, not by get. Furthermore, if I use individual files
It is a fallacy to ever tell someone that POST is safer than GET. They
both transmit data in plaintext and it should not be assumed that either
is inherently safer than the other, as this simply gives others a false
sense of security.
The difference between POST and GET lies in the semantics -- POST
represents something changing on the server, e.g. updating a database
field, and allows the browser to warn the user if they try to refresh.
GET represents nothing of importance changing on the server, e.g.
performing a search on the database, and can safely be repeated.
SSL/TLS is the best option if you wish to transmit sensitive data.
--
Jasper Bryant-Greene
General Manager
Album Limited
+64 21 708 334
jasper@album.co.nz
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
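
An added example, not code from either poster: one way to build the scheme Mirco describes (a per-session random key protecting the GET value, plus a "case structure" that only accepts plausible data), assuming PHP 7.4+ with the sodium extension. It uses authenticated encryption so a modified value is rejected outright; the target names, paths and function names are hypothetical, and `$session` stands in for `$_SESSION` so the script runs from the command line.

```php
<?php
declare(strict_types=1);

// Hypothetical allow-list: the "case structure" of the jump script.
const JUMP_TARGETS = ['news' => '/news.php', 'contact' => '/contact.php'];

// Return the per-session key, creating it on first use.
// $session stands in for $_SESSION (assumption, so this runs offline).
function sessionKey(array &$session): string
{
    $session['jump_key'] ??= sodium_crypto_secretbox_keygen();
    return $session['jump_key'];
}

// Encrypt and authenticate a target name for use as a GET parameter.
function sealParam(string $value, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = sodium_crypto_secretbox($value, $nonce, $key);
    return sodium_bin2base64($nonce . $box, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
}

// Return the target path, or null for tampered, foreign-session or unknown values.
function openParam(string $token, string $key): ?string
{
    try {
        $raw = sodium_base642bin($token, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
    } catch (SodiumException $e) {
        return null; // not valid base64url
    }
    if (strlen($raw) < SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES) {
        return null; // too short to hold nonce + authentication tag
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    // Even a correctly decrypted value must be one of the known targets.
    return $plain === false ? null : (JUMP_TARGETS[$plain] ?? null);
}

// Constructed demo: a valid link, a modified one, another session, an unknown target.
$session  = [];
$key      = sessionKey($session);
$token    = sealParam('news', $key);
$tampered = ($token[0] === 'A' ? 'B' : 'A') . substr($token, 1);
var_dump(openParam($token, $key));
var_dump(openParam($tampered, $key));
var_dump(openParam($token, sodium_crypto_secretbox_keygen()));
var_dump(openParam(sealParam('admin', $key), $key));
```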