[SOLVED] PHP GET Issue

[behzad]

Hi There.

 

I have Get Issue in URL

 

E.g

 

If I have a url lets say  "www.mydomain.com/page_x.php?passvariable=10"

 

If someone changes the "passvariable=10" To "passvariable=15" as example they go to that record that might not be relevent to them even if they are loged in.

 

Is there a way of validating or avoiding this to happen?

 

I am new to php realy so good explanation could help me better.

 

Thanks

[vijayfreaks]

Hi..

        so for any action like this b4 that you have to check whether specific user is logged in or not?

        for that you have to write code.. and if its there then user have access otherwise it will have err. msg/

-vijay

[behzad]

Hi there

 

Maybe I am not clear in my explanation.

 

The passvariable lets say being a product of some what. Is there a way if the number "value for the passvaiable"  if changed manually from the url string to be avoided?

 

I do not want some to get access to the products lets say from changing the passvariable in address bar of the browser.

 

 

[chronister]

Well, unless you have these numbers tied to a particular user, then I don't see a way to block someone from doing that. One other way around this would be to pass this variable using a session. This way the person cannot just change the number and gain access to other stuff.

 

 

Nate

[behzad]

O.K

 

So you mean assign it to a session variable use it on the next page and distroy the session variale after finished with it?

 

O.K

 

I work on that noe

 

Thanks Mate

[sstangle73]

you could use posts instead of gets

[chronister]

you could use posts instead of gets

 

That would require forms and such. In my opinion those sites that use forms and post vars for EVERYTHING get on my last freaking nerve. You can't refresh a page, and when you try to go back, you get the "post data already sent' message.

 

but that is just my opinion.

 

 

Nate