0

In my application I have used GET method to send data over URL in many places. I think it is a not secure way to send data over the URL. Just the data are showing in URL.

Ex:

<a href="check_appointments.php?user=<?php echo $_GET['userid'] ?>&p_id=<?php echo $_GET['pid'] ?>">  </a>

I want to transfer data in secure way. Is there any way to hide these information or any encryption method to follow. Please someone help me to improve my codes. Any help may highly appreciated.

Nasik
  • 27
  • 6
  • Does this answer your question? [PHP sending encrypted data via the URL](https://stackoverflow.com/questions/20014118/php-sending-encrypted-data-via-the-url) – D Coder Nov 09 '21 at 05:21

2 Answers2

1

You can encode your data by base64_encode method. It will be encrypted when sending via url. base64_decode to see the decrypted data.

<a href="check_appointments.php?user=<?php echo base64_encode($_GET['userid']) ?>&p_id=<?php echo base64_encode($_GET['pid']) ?>">  </a>
Deepak Kotian
  • 89
  • 9
1

use base64 encode is not the best way to send sensible data, this encoded data can be decoded with online decoders such as https://www.base64decode.org/, you must to use https protocol on your server to transfer sensible data and use a method like base64 encode just to "hide it".

Luis Roman
  • 46
  • 3
  • Anything can be decoded for developers/hackers, i think its only for the user not to show the user IDs. – Deepak Kotian Nov 09 '21 at 04:50
  • Luis has a point though. The question was for _secure_ data transfer. There is nothing secure about base64 encoding. Like the name says, it's encoding, not encryption. – buddemat Nov 09 '21 at 07:40