hide Show How to encrypt url ID in php and decrypt URL ID when using GETVideo time control bar 0:00 Audio volume control bar 0:00 / 0:00 Quality:
Sharing buttons:
[Music] [Laughter] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Laughter] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] I know there are a lot of posts had been asking how to hide the ID from URL as the user might try to abuse it by input different ID. After reading few threads from Stackoverflow, Laracast or other sources, I still don't find any solution yet and most of the replied from the forum was "No, it is impossible to hide it". Some of the sources were using encryption method to hide the ID. There is one solution comes into my mind which is using the UUID but I am uncertain if this is a workaround. Example like `http://www.example/item/b14e5c00-e899–11e5–9c37-df062687ba4f" I need some advice. In general, security by obscurity is one of the weakest forms of security. But in some cases, every little bit of extra security is desirable. A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system. By setting expose_php to Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions: Example #1 Hiding PHP as another language # Make PHP code look like other code types AddType application/x-httpd-php .asp .py .pl Or obscure it completely: Example #2 Using unknown types for PHP extensions # Make PHP code look like unknown types AddType application/x-httpd-php .bop .foo .133t Or hide it as HTML code, which has a slight performance hit because all HTML will be parsed through the PHP engine: Example #3 Using HTML types for PHP extensions # Make all PHP code look like HTML AddType application/x-httpd-php .htm .html For this to work effectively, you must rename your PHP files with the above extensions. While it is a form of security through obscurity, it's a minor preventative measure with few drawbacks. rustamabd at google mail ¶ 15 years ago
anon at example dot com ¶ 8 years ago
yasuo_ohgaki at yahoo dot com ¶ 20 years ago
sandaimespaceman at gmail dot com ¶ 13 years ago
Pyornide ¶ 14 years ago
benjamin at sonntag dot fr ¶ 17 years ago
mmj ¶ 18 years ago
CD001 ¶ 12 years ago
$_GET['query'])) {
marpetr at NOSPAM dot gmail dot com ¶ 16 years ago
info at frinteractives dot com ¶ 7 years ago
Anonymous ¶ 19 years ago
l0rdphi1 at liquefyr dot com ¶ 19 years ago
Anonymous ¶ 18 years ago
m1tk4 at hotmail dot com ¶ 20 years ago
jtw90210 ¶ 17 years ago
php at user dot net ¶ 18 years ago
Bryce Nesbitt at Obviously.COM ¶ 19 years ago
simon at carbontwelevedesign dot co dot uk ¶ 16 years ago
= explode("/",$_SERVER['REQUEST_URI']);$varone = $permalinks[1]; php at vfmedia dot de ¶ 18 years ago
sth at panix dot com ¶ 20 years ago
Ryan ¶ 10 years ago
omolewastephen at gmail dot com ¶ 4 years ago
Raz ¶ 15 years ago
How to hide id from URL?You can encode the ID passed in the URL. Use the base64_encode() function to encode the ID and attach it to the URL.
How to hide id from URL in codeigniter?You can use <form action="function_name" method="POST"> instead of adding ID in URL.
|