....best way to encrypt a form posted URL string?

Re: ....best way to encrypt a form posted URL string?

Julia Briggs wrote:[color=blue]
> Could someone post some examples with explanations of how to
> encode/encrypt a form posted URL and then decrypt it, so that it is
> very hard or currently impossible to break?
>
> so, something like
>
> http://localhost/page.php?product=12&price=4.50
>
> would appear obfuscated in my browser display area like:
>
> http://localhost/page.php?Ur7@78 92yRyw&wq84y@$y 8@$ (or whatever)[/color]

You use sessions and the "Ur7@7892yRyw&w q84y@$y8@$" would be the session id
and nothing is encoded/decrypted, you have a file or entry in a database which
tells info about the session (stored locally on the server). You could even
send the session id as an cookie, that way you wouldn't even get anything
after the page.php.




//Aho

Re: ....best way to encrypt a form posted URL string?

Julia Briggs wrote:[color=blue]
> Could someone post some examples with explanations of how to
> encode/encrypt a form posted URL and then decrypt it, so that it is
> very hard or currently impossible to break?
>
> so, something like
>
> http://localhost/page.php?product=12&price=4.50
>
> would appear obfuscated in my browser display area like:
>
> http://localhost/page.php?Ur7@78 92yRyw&wq84y@$y 8@$ (or whatever)
>
> Thanks for anyone's help!
>
> Julia
>[/color]
use https, thats the level to work at

Re: ....best way to encrypt a form posted URL string?

NSpam wrote:[color=blue]
> Julia Briggs wrote:
>[color=green]
>> Could someone post some examples with explanations of how to
>> encode/encrypt a form posted URL and then decrypt it, so that it is
>> very hard or currently impossible to break?
>>
>> so, something like
>>
>> http://localhost/page.php?product=12&price=4.50
>>
>> would appear obfuscated in my browser display area like:
>>
>> http://localhost/page.php?Ur7@78 92yRyw&wq84y@$y 8@$ (or whatever)
>>
>> Thanks for anyone's help!
>>
>> Julia
>>[/color]
> use https, thats the level to work at[/color]

I agree with Julia Briggs: use a session or database.

Even with https a cart should never allow the user to set the price he
will pay in an url or form. So the url should be
http://localhost/page.php?product=12, then the code on the server will
retrieve the data of product 12 and show the price from that data.

Greetings,

Henk Verhoeven,

Re: ....best way to encrypt a form posted URL string?


"Julia Briggs" <julia4_me@yaho o.com> wrote in
message
news:1111270347 .289481.274610@ f14g2000cwb.goo glegroups.com.. .
: Could someone post some examples with
explanations of how to
: encode/encrypt a form posted URL and then
decrypt it, so that it is
: very hard or currently impossible to break?
:
: so, something like
:
: http://localhost/page.php?product=12&price=4.50
:
: would appear obfuscated in my browser display
area like:
:
:
http://localhost/page.php?Ur7@78 92yRyw&wq84y@$y 8@$
(or whatever)
:
: Thanks for anyone's help!
:
: Julia



Secure Sockets Layer

Chris
: