$_GET - Hide the URL details

Question

May I know if there is a way to hidden the URL or the full details on the URL. For example, I have a link that will show a details for a file report. For that link, I am using GET. Example as below,

$(document).ready(function(){
    $("#pr_id").change(function(){
        var pr_no = $('#pr_id').val();
        $.post('orderform.php',
        {
            pr_no : pr_no
        })
        .done(function(data){
            $('#result').html('<a href="../view-detail-purchase-pdf.php?pr_no='+ pr_no +'" class="popupwindow"');
            $(".popupwindow").popupwindow(profiles);    
        });
    }); 
});

Can I hide the pr_no on the link if using the GET method or if there is another option to do this. Can also provide me with a link or resource. Just for an info, I'm using a popupwindow plugin that will open the link in new window.

Update Code with POST

I'm not sure whether I am doing it correctly. It does POST the value to the selected page as seen on the Network Header but it does not open the new page as requested. Below are the update of my codes;

<script>
$(document).ready(function(){
    $("#pr_id").change(function(){
        var pr_no = $('#pr_id').val();
        $.post('orderform.php',
        {
            pr_no : pr_no
        })
        .done(function(data){
            $('#result').html('<a href="../view-detail-purchase-pdf.php?" class="popupwindow" id="newLink">' + pr_no + '</a>');
            $('#newLink').click(function(event){
                event.preventDefault();
                var page = $(this).attr('href');
                $.post(page,
                {
                    pr_no : pr_no
                })
                .done(function(data){
                    var myWindow = window.open(page, "MsgWindow", "width=800,height=800");
                });
            });
        });
    }); 
});
</script>

No. The whole point of a GET request is that data is passed in the URL. If you want to 'hide' values, pass them through POST instead - but note they are still visible in the request body. If you're worried about data security you would need to employ some form of data encryption. — Rory McCrossan, Jul 18 '16 at 16:36
You can't have a client send a request without letting the client see the request. You need to figure out what your security model is. You may be looking for session state. — SLaks, Jul 18 '16 at 16:36
Why use a GET request? Sounds like you need to post a form to a new window. — epascarello, Jul 18 '16 at 16:36
You could "hide" it with `POST` or `COOKIE` the information will still be present (viewable by someone that knows what they are doing) and could be manipulated though. — chris85, Jul 18 '16 at 16:37
I tried using POST before this but it does not send the values. Probably there is a mistake that I made — Amran, Jul 18 '16 at 16:47
If you for some reason need to use GET instead of POST and assuming you're just trying to hide from prying eyes and not someone with any degree of sophistication, base64_encode and base64_decode (on the server side) combined with btoa and atob (on the client side) should work. You can learn about them at: http://stackoverflow.com/questions/12102670/php-form-example-which-will-encrypt-query-string-get-data-hiding-rather-tha and http://stackoverflow.com/questions/246801/how-can-you-encode-a-string-to-base64-in-javascript — Ben Shoval, Jul 18 '16 at 16:55
Make sure your PHP code is using the `$_POST` or `$_REQUEST` variables to get the passed values from the AJAX request. If you use `$_GET` when your AJAX is POSTing those variables will not exist in PHP. — Jim, Jul 18 '16 at 19:32

$_GET - Hide the URL details

0 Answers0