Jump to content
xisto Community
Sign in to follow this  
kvarnerexpress

Securing Pages

Recommended Posts

just wondering if there is a easy safe way to secure some webpages.i have a payment facility on my site which is linked through paypal. when the member has paid they are taken back to my site "thanks your payment has been successful page", once its went to this page the item is no longer listed on my site.now i have found away people can mess with this using the url. this means people can change just a few digits in the url and and mess the listings up on my site.after payment has been made the member is redirected to:-mydomain.com/class/thanks_paypal.php?myprod_id=78&MemberID=11this means i could over ride the id (78) with another id (80) (90) etc etc, this would then mean these items would show as sold and come off my site.is there away to either hide my url: so it only shows the following mydomain.com/class/or is there another way to make it more secure,thankskvarnerexpress

Share this post


Link to post
Share on other sites

Change the action of the form from GET to POST and then use $_POST['variable'] rather than $_GET. This will hide the information being sent and it can't be changed by the user.

Share this post


Link to post
Share on other sites

Post forms would be better, as previously stated. You could also use hidden inputs if you have to take it through several pages:

<input type="hidden" name="prod_id" value="###" />

If you also want secure as in payment and such, then you have to buy a certificate.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.