chiefrokka Posted March 27, 2008 Share Posted March 27, 2008 still new to php. got a side job and need to know how do you hide variables from a link so a user can't hover their mouse over the http link and see the whole link? I need to send an http link to another company's API that requires all the variables in a link that is passed. something like this for example: $DownloadLink = "http://www.domain.com/test.mp3" $link = "www.theirDomain.com/testapi.asmx/Send?Email=yourmail&Password=yourpass&DownloadLink=".$DownloadLink.""; there's more variables to this $link but you get the idea. I don't want anyone to see the actual email, password, etc. that's in the link though if they hover their mouse. they mentioned I have to do URL Encoding or something like that? Can anyone help explain how to do this so people can't steal the password and all that. i'm a newbie to this url encode so if you can provide code that would do it that would be great. thanks Quote Link to comment Share on other sites More sharing options...
discomatt Posted March 27, 2008 Share Posted March 27, 2008 You could obfuscate it, but even that isn't recommended. Security through obscurity is not a smart game plan. Your best bet is to cURL/fopen the information over to the other api and grab and parse the results yourself. This way the end user never sees anything beyond a possible identifying key which references that information. Even then, sending any sensitive information via HTTP over the net is never smart. Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 27, 2008 Share Posted March 27, 2008 mod_rewrite... http://www.workingwith.me.uk/articles/scripting/mod_rewrite or use md5 but md5 is not un criptable.... http://uk.php.net/md5 or even for non hackers base64 http://uk2.php.net/base64_encode Quote Link to comment Share on other sites More sharing options...
chiefrokka Posted March 27, 2008 Author Share Posted March 27, 2008 mod_rewrite... http://www.workingwith.me.uk/articles/scripting/mod_rewrite or use md5 but md5 is not un criptable.... http://uk.php.net/md5 or even for non hackers base64 http://uk2.php.net/base64_encode I tried reading those and still a little confused as to how i could use them. the mod_rewrite seems like it redirects you to a site that is a shortcut of the actual link so you can hide variables which is cool. but I just want to send a link to this company and it spits back a success or failure value. a user inputs their ID and I validate that it exists and they have money in account and can download a specific file... when they click download they aren't actually going to a website with this link. it's just a link that's going to this companie's API that parses the variables and that company is like the middle man and sends an email to that users ID. they check their email and click downloadable link. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.