POST and GET

Is there any way of sending a few variables through $_POST instead of $_GET
without FORMS?
Or any way that sensitive details will not appear in the URL?
Because I suppose if I want to delete a record from the database and I pass
the record's _id through _GET, I might have some problems with people
deleting records....
Jul 17 '05 #1
Angelos wrote:
> Is there any way of sending a few variables through $_POST instead of
> $_GET without FORMS?
> Or any way that sensitive details will not appear in the URL?
> Because I suppose if I want to delete a record from the database and
> I pass the record's _id through _GET, I might have some problems with
> people deleting records....

Use a hidden form...

Berislav
Jul 17 '05 #2
One quick glance of an experienced eye allowed to understand the blurred
and almost unreadable Berislav Lopac's handwriting:
> Angelos wrote:
>> Is there any way of sending a few variables through $_POST instead of
>> $_GET without FORMS?
>> Or any way that sensitive details will not appear in the URL?
>> Because I suppose if I want to delete a record from the database and
>> I pass the record's _id through _GET, I might have some problems with
>> people deleting records....
>
> Use a hidden form...
>
> Berislav

In fact, you can even use PHP to send the POST data without the use of
forms. Such a topic has already been discussed here - try searching the
archives.

Cheers
Mike
Jul 17 '05 #3
Angelos wrote:
> Is there any way of sending a few variables through $_POST instead of $_GET
> without FORMS?
> Or any way that sensitive details will not appear in the URL?
> Because I suppose if I want to delete a record from the database and I pass
> the record's _id through _GET, I might have some problems with people
> deleting records....

Session variables.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jul 17 '05 #4
Now nothing stops people from making their own forms and posting them to
your site, is there?

Jul 17 '05 #5
Angelos wrote:
> Is there any way of sending a few variables through $_POST instead of $_GET without FORMS?
> Or any way that sensitive details will not appear in the URL?
> Because I suppose if I want to delete a record from the database and I pass the record's _id through _GET, I might have some problems with people
> deleting records....

Either way (GET or POST), that's a sure-fire way of getting your site
and database getting fucked over by hackers. If someone wants to break
your site, it's just as easy to do with POST as with GET.

In your script, you must check whether the user is authorised to
perform delete operations. That way, it doesn't matter whether you use
GET or POST.

*ALWAYS* validate user input!!

--
Oli

Jul 17 '05 #6
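
The server-side check described in the reply above, as an added example (not code posted by anyone in the thread): a delete handler that refuses anything but POST, takes authorisation from the session rather than the request, rejects hand-made forms that lack the session's token, and validates the id before a bound query. The function name `handle_delete`, the `records` table, the session keys `user_id`, `role` and `csrf_token`, and the `admin` role are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example: the "records" table, session keys and "admin" role are assumptions.
/** Returns the HTTP status the delete request should receive. */
function handle_delete(PDO $db, string $method, array $session, array $post): int
{
    // State-changing requests are accepted over POST only.
    if ($method !== 'POST') {
        return 405;
    }
    // Authorisation is read from server-side session state, never from the request.
    if (empty($session['user_id']) || ($session['role'] ?? '') !== 'admin') {
        return 403;
    }
    // The token ties the request to a form this site issued for this session.
    $token = $post['csrf_token'] ?? '';
    if (!is_string($token) || empty($session['csrf_token'])
        || !hash_equals($session['csrf_token'], $token)) {
        return 403;
    }
    // Validate the input: the id must be a positive integer.
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 400;
    }
    // Prepared statement: the id is bound, not concatenated into the SQL.
    $stmt = $db->prepare('DELETE FROM records WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1 ? 200 : 404;
}

// Constructed demo data: in-memory SQLite database and a made-up admin session.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE records (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO records (id, title) VALUES (1, 'first'), (2, 'second')");
$token = bin2hex(random_bytes(32));
$admin = ['user_id' => 7, 'role' => 'admin', 'csrf_token' => $token];
$good  = ['id' => '1', 'csrf_token' => $token];

foreach ([
    'GET request'        => ['GET',  $admin, $good],
    'no session'         => ['POST', [],     $good],
    'form without token' => ['POST', $admin, ['id' => '1']],
    'non-numeric id'     => ['POST', $admin, ['id' => 'abc', 'csrf_token' => $token]],
    'valid request'      => ['POST', $admin, $good],
] as $label => [$method, $session, $post]) {
    printf("%-18s -> %d\n", $label, handle_delete($db, $method, $session, $post));
}
```

In a real script the arguments would be `$_SERVER['REQUEST_METHOD']`, `$_SESSION` and `$_POST`, with the token generated at login and embedded in each form as a hidden field.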

"Oli Filth" <ca***@olifilth.co.uk> wrote in message
news:11**********************@z14g2000cwz.googlegroups.com...
> Angelos wrote:
>> Is there any way of sending a few variables through $_POST instead of $_GET
>> without FORMS?
>> Or any way that sensitive details will not appear in the URL?
>> Because I suppose if I want to delete a record from the database and I pass
>> the record's _id through _GET, I might have some problems with people
>> deleting records....
>
> Either way (GET or POST), that's a sure-fire way of getting your site
> and database getting fucked over by hackers. If someone wants to break
> your site, it's just as easy to do with POST as with GET.
>
> In your script, you must check whether the user is authorised to
> perform delete operations. That way, it doesn't matter whether you use
> GET or POST.

This is not possible because user will always be able to delete records...
or at least an administrator of the site.
Anyway .... I still didn't understand if I can only send them through session
or I can with POST as well.. but that's ok...
Thanks

> *ALWAYS* validate user input!!

I will !!!

> --
> Oli
Jul 17 '05 #7
