[FX.php List] Obscuring the recid on URL links
Joel Shapiro
jsfmp at earthlink.net
Fri Aug 25 13:26:16 MDT 2006
Hey Jonathan
I started a thread on this list on April 24 entitled "Disallowing
access thru modifying url?" There were a number of great, helpful
responses.
HTH,
-Joel
Joel Shapiro - FileMaker Pro Database Design
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
joelshapiro at jsfmp dot com
http://www.jsfmp.com
415-269-5055
On Aug 25, 2006, at 9:40 AM, Jonathan Schwartz wrote:
> I feel that I should know this by now, but still have a question on
> how to create links that do not reveal recid's in URL links.
>
> I understand how to use hidden input fields to hide recids on
> forms. No problem there.
>
> However, on links that use URLs (list.php?recid=12345), what
> methods are used to not review the recid?
>
> I did try a method where I use 20 character randomly generated ID
> instead of the recid, and it works fine. The 20 character ID still
> appears in the URTL, but with 20 characters, it represent a
> security risk...I think.
>
> Am I missing some basic concept or technique in this area?
>
> Thanks
>
> Jonathan
>
> --
>
> Jonathan Schwartz
> FileMaker 8 Certified Developer
> Associate Member, FileMaker Solutions Alliance
> Schwartz & Company
> jonathan at eschwartz.com
> http://www.eschwartz.com
> http://www.exit445.com
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list