Professional Web Applications Themes

robust variable passing - PHP Development

Hello. I'm engaged in developing a fairly meaty web application (FreeMIS). Everything is routed through index.php, with $_GET variables controlling which pages are shown and which actions taken. Early on (when I knew very little about PHP) I realised that I had to come up with a way of passing on all the navigation variables in forms, so the application would know where to go. I chose not to use cookies or session variables, for security reasons. I made up 2 functions; one to to pass on all the existing $_GET variables via additions to the "action" url of the ...

  1. #1

    Default robust variable passing

    Hello.

    I'm engaged in developing a fairly meaty web application (FreeMIS).
    Everything is routed through index.php, with $_GET variables controlling
    which pages are shown and which actions taken. Early on (when I knew very
    little about PHP) I realised that I had to come up with a way of passing on
    all the navigation variables in forms, so the application would know where
    to go. I chose not to use cookies or session variables, for security
    reasons. I made up 2 functions; one to to pass on all the existing $_GET
    variables via additions to the "action" url of the form, and one to pass on
    all the existing $_POST variables via hidden input elements. Each function
    takes as parameter an array of variables that should NOT be passed on.

    This approach works, but it's ugly as hell. The complication is that
    sometimes the target form should pass on the variables that it received,
    and sometimes it should forget them.

    For example, suppose a screen contains a form to process an object, and also
    a form to navigate to other objects for processing. The former form should
    pass on the variable identifying itself, whereas the latter one shouldn't,
    as it is going to assign a new value to the variable.

    This seems like a generic application design problem, but I can't find a
    neat solution anywhere. Apologies if I'm missing something obvious!


    Can anyone help?


    --
    Robert Jones
    Robert Guest

  2. #2

    Default Re: robust variable passing

    Robert Jones said the following on 20/06/2005 21:00: 

    Hi.

    Why do you consider session variables *less* secure than $_GET and
    $_POST strings?


    --
    Oli
    Oli Guest

  3. #3

    Default Re: robust variable passing

    Oli Filth wrote: 

    No idea :) ! Something I read when I was starting out with PHP and web
    application development. Doesn't make any sense really does it? So maybe
    I should use session variables. My original question still stands, about
    how people deal with variables being passed around, some of which should
    persist and some of which shouldn't in different contexts.


    --
    Robert Jones
    Robert Guest

Similar Threads

  1. Help on Passing a variable
    By stovalldesign in forum Dreamweaver AppDev
    Replies: 3
    Last Post: July 22nd, 07:18 PM
  2. Passing a variable
    By Angie2099 in forum Coldfusion - Getting Started
    Replies: 2
    Last Post: June 26th, 02:33 PM
  3. passing variable
    By Troy in forum ASP Components
    Replies: 2
    Last Post: June 16th, 07:48 PM
  4. Passing variable
    By Sudipto in forum Macromedia Director Lingo
    Replies: 2
    Last Post: December 30th, 03:26 PM
  5. Replies: 7
    Last Post: July 17th, 04:54 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139