kvarnerexpress
Jun 21 2005, 08:04 PM
| | just wondering if there is a easy safe way to secure some webpages.
i have a payment facility on my site which is linked through paypal. when the member has paid they are taken back to my site "thanks your payment has been successful page", once its went to this page the item is no longer listed on my site.
now i have found away people can mess with this using the url. this means people can change just a few digits in the url and and mess the listings up on my site.
after payment has been made the member is redirected to:-
mydomain.com/class/thanks_paypal.php?myprod_id=78&MemberID=11
this means i could over ride the id (78) with another id (80) (90) etc etc, this would then mean these items would show as sold and come off my site.
is there away to either hide my url: so it only shows the following mydomain.com/class/
or is there another way to make it more secure,thanks
kvarnerexpress |
Reply
rvalkass
Jun 22 2005, 05:42 AM
Change the action of the form from GET to POST and then use $_POST['variable'] rather than $_GET. This will hide the information being sent and it can't be changed by the user.
Reply
beeseven
Jun 24 2005, 11:40 PM
Post forms would be better, as previously stated. You could also use hidden inputs if you have to take it through several pages: CODE <input type="hidden" name="prod_id" value="###" /> If you also want secure as in payment and such, then you have to buy a certificate.
Reply
Similar Topics
Keywords : securing, pages
- Pagination
? (3)
Protect Pages
HOW? (20) I create certain pages for my web-site, and I would like to protect them that no one can hack or see
their source codes. So, if everybody knows how to do it, please post a reply over here. List of
the best ways, I can do it. Thanks.....
2 Pages Into One
how? (10) Hello, now this may be a stupid question but i'm very new to php so i need some help. what
i'm wanting to do is combine 2 pages in to one. like for example the install.php for
invisionpower board it starts with one page and you click continue and it gives you a whole new page
but if you look at the url you are still using the install.php file but it has somethinglike "?a=2"
at the end. how can i do this. Thanks....
Php Pages Problem [resolved]
Please help me im stuck ;-( (5) Hi, i have been working with a wap forum script, translating from russian and fixing errors etc..
but now im stuck, the problem is with the pages while viewing a forum.. Let me explain.. the pages
are set to show ten topics per page which all works fine as you can see in these screenshots: page
1: page 2: The problem occurs when there are PINNED topics (with the redish folder), it will
show ten topics but also the pinned ones on page one, and the "Next" link will appear before it
should leading to a blank page where there should be topics but they are still on th....
Php An Js Window.open Pages Trouble.
I need a way to set hidden input values to the new window. (3) I have 2 main pages Page A(events_locked.php) and Page B(add_attendance.php). Both are php files.
Page A takes a post var from another page(not Page B ) and then used to query for displaying records
in a mysql datase. This variable has set as a session variable because there is 1 <script
LANGUAGE="JavaScript"> window.name="main_index"; function openFormWindow() {
OpenWindow=window.open("add_attendance.php", "newwin", "height=250,
width=400,toolbar=no,scrollbars=no,menubar=no,location=no,resizable=no"); var x =
getElementByName("form1"); x.target="newwin"; x.s....
Php Pages Permission On Apache Server
PHP pages permission on Apache Server (1) Hello, I want to know what permissions for PHP pages should be given on Apache web server so that
PHP pages can be executed. If PHP pages are in a folder, what permissions should be given for that
folder? ....
Putting Data Of 2 Pages In Mysql At Once
(1) suppose i have a page, page.php?part=1 there i have some text fields. user will give input, but
after taking input, it will not put the data in mysql .. but it will take to the next step..
page.php?part=2 (if any field is left blank, it will not go to next page.. ) . and there also some
fields.. after the user has filled that form also, then it will insert all data (from part1 and
part 2) in mysql. i want to ask, how i can collect data from 2 pages and put in mysql at once.....
Dynamic Php Pages
Nice tutorial (5) This is a really good tutorial on making php pages that normally appear as
www.domainname.com/links.php appear as www.domainname.com/index.php?page=links
http://nuwen.com/tutorials/php-dynamic-pages ....
Securing A Php Script Proccessing Input
I need help and advice (7) Hi everyone I like to experiment with php, been doing so for about a year but im not clued up on
security yet, i can use str_replace() to take out parts of strings i dont want like html and JS code
inserted by users, and i know how to use stripslashes to take out slashes from input strings but
this doesnt seem to be lock-tight security to me. There has to be something more to protect my
scripts against malicious users. I belive its possible to use the "or_die()" function for
connecting to an sql table to prevent the error messages being shown to users, as error message....
Question: Securing A Website For Beginners
(1) I don't really understand 'bout it. What kind of security we have to make to hold our web
secure. Only log in features? how bout 'deface' method? how does it work? thx in advance
Please use detailed topic title. ....
Search Site Pages Using Keywords?
(6) We're doing a "Mock" e-commerce site for our project in Web Development and I was wondering how
to make a Search form like the ones in many sites. There will be a Search textbox and a button in
the form which will accept a string (keywords) which will then be processed by a script. If there
is a match, a page containg the keywords will be displayed. Is there a way to do this using PHP or
is there an existing free script out there already? Thanks very much.....
Changing Include Tag On All Pages
(11) I want to change an include tag (include menu.htm) to include menu.php on all my pages on my
website. Is there any fast way to do this, or do I have to edit all of my pages manually?
/unsure.gif' border='0' style='vertical-align:middle' alt='unsure.gif' /> ....
Parsing .html Pages
(9) This isn't really that urgent but I was wondering, I read somewhere that you can configure you
server to pars all html pages for php code, and I was wondering if that was true, and if trap17 has
that feature enabled?....
Blocking Pages & Making Ranks
(4) I would like to know how and where to put the code that would block certain pages so people could
only get to them if they logged in. And I would like to have ranks on the site and when you get to a
certain rank you get more options like being able to add members and stuff. And also. I would like
some code for a news sytem for the homepage. Like where you have to be logged in to post something
and only people with certain ranks will have access to it and only certain people can delete it. I
would like to be able to make it so on the members page it displays members and y....
Securing Images
(2) Just wondering if anyone's worked with securing images to avoid direct linking than just by
obscuring the URL or using a .htaccess file. I briefly looked through the documentation and source
for gallery and it looks like the images are stored under the web root, so anyone with a direct link
can browse the images regardless of user privileges. I was thinking one way of doing this would be
too store the images above the webroot directory so that visitor's can't navigate to them
and having a php script that can read the image dir output the images by sending th....
Php Classes
Access the same class instance over multiple pages (1) Hey everyone. I am having some trouble accessing the same php class instance in more that one page.
This is for my login script and what i need to do is be able to call the classes logout function
from a separate page. What i have tried to do is create a new .php page and include the class file
and then make a new class and call logout. This does not work because it does not log out the
current user which is my problem. Can anyone help me fix this or know of another way to do it?
Below is my class file CODE <?php // member class // handlers member logo....
Pages In 1 File
?? (9) I know its possible to put many pages inside 1 file. But how? Lets say you have a guestbook with
different pages for signing and viewing. How to make so those pages are in 1 file? /huh.gif"
style="vertical-align:middle" emoid=":huh:" border="0" alt="huh.gif" />....
Embeding Pages
(3) Is there a way to have php act as an iframe? I dont want to have to change every single page when i
want to move something around. If anyone can give me a tutorial or somethign telling me how that
would be great, or ven another way of doing this without frames.....
Looking for securing, pages
|
*RANDOM STUFF*
*SIMILAR VIDEOS*
Searching Video's for securing, pages
*MORE FROM TRAP17.COM*
|
advertisement
|
|
