i want to encrpt query parameters in Url... So that end user unable to understand it..!!!

www.test.com/page.php?uid=1234&tid=234

can we encrypt or hide value through .htaccess..???

i want to encrpt query parameters in Url... So that end user unable to understand it..!!!

www.test.com/page.php?uid=1234&tid=234

can we encrypt or hide value through .htaccess..???

If u dont want user to see or understand the data you are sending from a form, may i suggest you using POST method instead of GET..
The official recommendations say that "GET" should be used if and only if the form processing is idempotent, which typically means a pure query form.
Using POST will remove any overhead of encrypting and decrypting the data during form submission..
Hope this helps...

you can encrypt the url with mcrypt or e107

If u dont want user to see or understand the data you are sending from a form, may i suggest you using POST method instead of GET..
The official recommendations say that "GET" should be used if and only if the form processing is idempotent, which typically means a pure query form.
Using POST will remove any overhead of encrypting and decrypting the data during form submission..
Hope this helps...

how can i use post method without submitting the form..??
i m listing the users with update link...!!!
update link = <a href='update.php?username=$username'>

i thnink there is no chance to use post method

how can i use post method without submitting the form..??

well POST and GET are methods to submit a form.. u cannot use any of them without submitting..

i m listing the users with update link...!!!
update link = <a href='update.php?username=$username'>

i thnink there is no chance to use post method

u can still use post method.
use a hidden input like

<input type="hidden" value="<?php echo $username; ?>" name="username" ></input>

Sending username as a query parameter for updation can prove to be a huge risk since a user a can edit it and update the info for other users..
Got my point?
Cheers!!

well POST and GET are methods to submit a form.. u cannot use any of them without submitting..


u can still use post method.
use a hidden input like

<input type="hidden" value="<?php echo $username; ?>" name="username" ></input>

Sending username as a query parameter for updation can prove to be a huge risk since a user a can edit it and update the info for other users..
Got my point?
Cheers!!

mean u want to say create form with every link..?? i dont think its an good idea

I m sorry if i got u wrong... but as far as i understood, u have a form and u want to submit the data from it to a php script wherein u update the db according to the user id passed from that form.. isn't it?
If this is what u r trying to do, my solution should work fine for you.

mean u want to say create form with every link..?? i dont think its an good idea

I didnt really understand what u r trying to tell here...
may be if u can post up your code, we can help you better...

Anyways If u have made up ur mind for encryption/decryption of ur data... u can use mcrypt_encrypt/decrypt.
another useful function that i would prefer for this purpose is:

function encrypt_decrypt($Str_Message) { 
    $Len_Str_Message=STRLEN($Str_Message); 
    $Str_Encrypted_Message=""; 
    FOR ($Position = 0;$Position<$Len_Str_Message;$Position++){ 
         $Key_To_Use = (($Len_Str_Message+$Position)+1);  
        $Key_To_Use = (255+$Key_To_Use) % 255; 
        $Byte_To_Be_Encrypted = SUBSTR($Str_Message, $Position, 1); 
        $Ascii_Num_Byte_To_Encrypt = ORD($Byte_To_Be_Encrypted); 
        $Xored_Byte = $Ascii_Num_Byte_To_Encrypt ^ $Key_To_Use; 
        $Encrypted_Byte = CHR($Xored_Byte); 
        $Str_Encrypted_Message .= $Encrypted_Byte; 
             
    } 
    RETURN $Str_Encrypted_Message; 
}

The same function can be used for encryption as well as decryption and u dont even need to maintain a key..
Though i agree this is not very secure but this should be enough for ur requirement.
Cheers!!

well POST and GET are methods to submit a form.. u cannot use any of them without submitting..


u can still use post method.
use a hidden input like

<input type="hidden" value="<?php echo $username; ?>" name="username" ></input>

Sending username as a query parameter for updation can prove to be a huge risk since a user a can edit it and update the info for other users..
Got my point?
Cheers!!

<table align="center" name='MyTable' id='MyTable' class="sortable" border="1" cellpadding="5" cellspacing="5" width="95%">  
        <? if(isset($_POST['submit'])) 
        {
            if($count > 0)
                 { ?>
                 <tr>
                    <th  nowrap="nowrap">Serial No.</th>
                    <th  nowrap="nowrap">Username</th>
                    <th  nowrap="nowrap">Password</th>
                    <th  nowrap="nowrap">Edit</th>
                </tr> 
                  <?               
                    $counter = 1;
                    $className = "trOdd";
                while($row1 = mysqli_fetch_array($result1)) { ?>
                    <tr>
        <td align="right"><?= $serial; ?></td>
        <td align="right"><?= $row1['name']; ?></td>
        <td align="right"><?= $row1['password']; ?></td>
        <td align="right"><a href="edit.php?uname=<?=$row['name'];?>"Edit</a></td>
        </tr>
        
        <? $counter = $counter + 1; 
         }}} ?>
           
         
              
</td></tr></table>

in above code i m passing username in url... now guide me how can i do with post instead of get method..!!! because according to i can use post method only when i create a form and submit the value..!!
but here i m not using any form or using submit button..!!!

anyways your function is pretty cool.!! thanks for that. :)

<table align="center" name='MyTable' id='MyTable' class="sortable" border="1" cellpadding="5" cellspacing="5" width="95%">  
        <? if(isset($_POST['submit'])) 
        {
            if($count > 0)
                 { ?>
                 <tr>
                    <th  nowrap="nowrap">Serial No.</th>
                    <th  nowrap="nowrap">Username</th>
                    <th  nowrap="nowrap">Password</th>
                    <th  nowrap="nowrap">Edit</th>
                </tr> 
                  <?               
                    $counter = 1;
                    $className = "trOdd";
                while($row1 = mysqli_fetch_array($result1)) { ?>
                    <tr>
        <td align="right"><?= $serial; ?></td>
        <td align="right"><?= $row1['name']; ?></td>
        <td align="right"><?= $row1['password']; ?></td>
        <td align="right"><a href="edit.php<?$uname=$row['name'];?>"Edit</a></td>
        </tr>
        
        <? $counter = $counter + 1; 
         }}} ?>
           
         
              
</td></tr></table>

in above code i m passing username in url... now guide me how can i do with post instead of get method..!!! because according to i can use post method only when i create a form and submit the value..!!
but here i m not using any form or using submit button..!!!

anyways your function is pretty cool.!! thanks for that. :)

Ohh i c.. so u are linking to take user to the form and i thought u r already in the form... :P
anyways, if this is the case, u cannot use POST method... but i cant see the need of encryption of url in ur case coz u r trying to encrypt username which is already displayed there in page as it is...
or am i missing somthin again... ;)

Ohh i c.. so u are linking to take user to the form and i thought u r already in the form... :P
anyways, if this is the case, u cannot use POST method... but i cant see the need of encryption of url in ur case coz u r trying to encrypt username which is already displayed there in page as it is...
or am i missing somthin again... ;)

See.. its url edit.php?uname=xyz;

from url i get the username value and pass it in a query

select data from user where username = $username;

in this way user can edit url and can see the data of other person..!!

thts y i need to encrypt the username..!! i hope now u got my point..!! :)

See.. its url edit.php?uname=xyz;

from url i get the username value and pass it in a query

select data from user where username = $username;

in this way user can edit url and can see the data of other person..!!

thts y i need to encrypt the username..!! i hope now u got my point..!! :)

well, as i can see from your code, u r displaying a list of users in this page itself and providing an "edit" link to edit info of a specific user... then why will someone take the pain of editing it in url.. :P
and if u r displaying only the current user's info with that edit option, he doesn't know the user id of other users to edit the url with same..
makes sense doesn't it?? :)

well, as i can see from your code, u r displaying a list of users in this page itself and providing an "edit" link to edit info of a specific user... then why will someone take the pain of editing it in url.. :P
and if u r displaying only the current user's info with that edit option, he doesn't know the user id of other users to edit the url with same..
makes sense doesn't it?? :)

Well one user should not see the info of other user..!!! as it is clear than uid=12; one can easily modify it 11 or other digits to see other user info..!!

Well one user should not see the info of other user..!!! as it is clear than uid=12; one can easily modify it 11 or other digits to see other user info..!!

there u go.... dats xactly wt i was asking about...
if u have a user logged in and wants him to see only his info.. why would u pass his id with url... instead what u can do is set the user id in session when the user logs in, and use it whenever u need to display any info on his profile...
got it now?
Cheers!!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.