Re: Hiding variables passed via URL

From: The Natural Philosopher <a@xxx>
Date: Mon, 14 Jul 2008 11:04:20 +0100

Jerry Stuckle wrote:

The Natural Philosopher wrote:
sheldonlg wrote:
C. (http://symcbean.blogspot.com/) wrote:
On Jul 13, 7:13 am, The Natural Philosopher <a...@xxx> wrote:
Michael Fesser wrote:
.oO(The Natural Philosopher)
Michael Fesser wrote:
You can't redirect a POST request.
Are you sure?
Sending POST data to another location must be triggered or at least
confirmed by the user. Automatically redirecting anything other than
GET or HEAD is explicitly forbidden by the HTTP spec ("MUST NOT").

Ah, it may be forbidden, but does it work? ;-)

Micha

NO

Besides all that, a "hidden" variable is not really "hidden". A "view source" will expose that variable. Session variables are, indeed, the way to go.

well you can view cookies as well.

Frankly, though, I don't see the big problem. Since the OP is passing in the error message, it is obviously to display it to the user. Otherwise, why do it? If it is also in the URL, so what?

What does that have to do with this conversation? No one has mentioned cookies until you did.

What else constitutes a 'session variable' apart from POST or GET data or cookies?

Why do you keep bringing up unrelated topics?

Because they are related.
.

Follow-Ups:
- Re: Hiding variables passed via URL
  - From: Jerry Stuckle

References:
- Hiding variables passed via URL
  - From: chochote
- Re: Hiding variables passed via URL
  - From: The Natural Philosopher
- Re: Hiding variables passed via URL
  - From: Michael Fesser
- Re: Hiding variables passed via URL
  - From: The Natural Philosopher
- Re: Hiding variables passed via URL
  - From: Michael Fesser
- Re: Hiding variables passed via URL
  - From: The Natural Philosopher
- Re: Hiding variables passed via URL
  - From: C. (http://symcbean.blogspot.com/)
- Re: Hiding variables passed via URL
  - From: sheldonlg
- Re: Hiding variables passed via URL
  - From: The Natural Philosopher
- Re: Hiding variables passed via URL
  - From: Jerry Stuckle

Prev by Date: Re: How upload works?
Next by Date: Re: How upload works?
Previous by thread: Re: Hiding variables passed via URL
Next by thread: Re: Hiding variables passed via URL
Index(es):
- Date
- Thread

Relevant Pages

Re: Hiding variables passed via URL
... Sending POST data to another location must be triggered or at least ... Automatically redirecting anything other than ... A "view source" will expose that variable. ... Session variables are, indeed, the way to go. ...
(comp.lang.php)
Re: Hiding variables passed via URL
... sheldonlg wrote: ... Sending POST data to another location must be triggered or at least ... Automatically redirecting anything other than ... Session variables are, indeed, the way to go. ...
(comp.lang.php)
Re: Hiding variables passed via URL
... Sending POST data to another location must be triggered or at least ... Automatically redirecting anything other than ... What else constitutes a 'session variable' apart from POST or GET data or cookies? ... But then you don't understand that session variables aren't POST or GET data or cookies. ...
(comp.lang.php)
Re: Hiding variables passed via URL
... Automatically redirecting anything other than ... well you can view cookies as well. ... But then you don't understand that session variables aren't POST or GET ... You could coordinate PHP with Javascript. ...
(comp.lang.php)