Variable pass security

[aashcool198]

hi..

 

i have a website in which a user can loon and see his details.

I am passing variables in url such as:

localhost/man_goals.php?name_id=1

But it is highly unsafe as anyone could write the url and open the respective page. can i pass variables in some hidden form. For every page change i have to pass more than 2 variables.

 

Please Help!

 

 

[cunoodle2]

Look into php sessions.

[aashcool198]

but can you pass more than one variable using sessions. kindly show me how?

[cunoodle2]

You can pass as many as you want to.

 

At the top of your page you have to ALWAYS put this on ANY page using sessions...

<?php
session_start();

//the create as many variables as you want..
$_SESSION['user']="aashcool198";
$_SESSION['site']="phpfreaks.com";
$_SESSION['id']="456";
$_SESSION['other']=$variable;
?>

 

Then on another page you can do this...

<?php
session_start();

//echo to the screen..
echo "User name is ".$_SESSION['user']."<br />\n";
echo "Site name is ".$_SESSION['site']."<br />\n";

?>

[aashcool198]

<?php echo "<a href=\"man_tech.php?name_id=$array_id[$i]\">$array_f[$i] $array_l[$i]</a>";?>

 

this code is run in a for loop and creates certain links when you click on a link you are directed to another page with respective variable.

 

<a href="man_tech.php?name_id=$array_id[$i]">

 

that is.. $array_id[$i] is the variable i am passing.

How can i  use sessions in this case?