sprateek Posted February 1, 2011 Share Posted February 1, 2011 Hello All, I have created a web application. Unfortunately at development time I forgot to encrypt my query parameter. So generally my apply URL shown like : http://mysite.com/myprofile.php?userId=2 So here any user can guess some other Ids because User Ids are not encrypted in URL. Is there any simple way to do it. I have more than 100 php pages and implementing ecry/decry logic on each page is time consuming So is there any way around? Regards, Prateek Link to comment https://forums.phpfreaks.com/topic/226385-encrypting-query-parameters/ Share on other sites More sharing options...
AbraCadaver Posted February 1, 2011 Share Posted February 1, 2011 Whay does it matter? What can they do with userId? I'm sure you have some authentication/authorization system in place to limit who can see/do what. Link to comment https://forums.phpfreaks.com/topic/226385-encrypting-query-parameters/#findComment-1168471 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.