Encrypt the Query String

Talk about programming tricks and examples

Moderator: alexandrleonenko

brendandale
Newbie
Newbie
Posts: 2
Joined: Aug 24th, '10, 06:25

Encrypt the Query String

Postby brendandale » Aug 24th, '10, 06:32

Hi there,

I am a new user of the DataGrid, and so far it seems great! Just one concern I have is that the querystring is "plain english", as in this example:
http://localhost/test/test.php?abc_mode ... 10&abc_p=1

I could just manually enter a different id and then edit that record.

Is there any option / setting that would allow me to encrypt this query string? Or, how do other people overcome this?

I am developing membership admin system and security needs to be tight...

Many thanks,
Brendan

administrator
Site Admin
Site Admin
Posts: 6011
Joined: Jan 7th, '09, 23:18
Contact:

Re: Encrypt the Query String

Postby administrator » Aug 24th, '10, 12:07

Try to turn public $safeMode = true;
It encodes some important parameters in url

brendandale
Newbie
Newbie
Posts: 2
Joined: Aug 24th, '10, 06:25

Re: Encrypt the Query String

Postby brendandale » Aug 24th, '10, 12:34

Thanks. I have done this but it does not make a big difference. The record id is still visible to all and can easily be changed by malicious users.

Although not critical to me yet, it will soon become. I shall attempt to encrypt the record and let you know once done...

er_ce
Junior
Junior
Posts: 11
Joined: Apr 19th, '10, 21:50

Re: Encrypt the Query String

Postby er_ce » Oct 31st, '10, 16:54

Hi,

When I set the safeMode=true most of the features dows not work. Firebug says, there are errors in do_PostBack function.
When I have links in the rows, I need to encode those paramaters also. I think the encoding/decoding property should be improved for this grid.

administrator
Site Admin
Site Admin
Posts: 6011
Joined: Jan 7th, '09, 23:18
Contact:

Re: Encrypt the Query String

Postby administrator » Nov 1st, '10, 08:56

Ok, will check this issue in the next version. Currently you may use POST method for

$dgrid->SetPostBackMethod("post");


Return to “Programming Tricks”