>On Thu, 6 Jun 2002, Anzak Wolf wrote: > > $h=20; > > $w=80; > > print "<img src=\"image.php?h=$h&w=$w\">"; > > > > Now this is a much watered down version of what I'm doing, but the idea >is > > the same. I don't want to put the values I'm passing to the image in >the > > html code to be passed with a get. I'd like to be able to maybe pass >then > > in a POST format though I'm not sure how I can do that or if I can. The > > other idea I had was to start a session and register $h and $w then when >I > > start the images script I can connect to the session and get the values >form > > there though I would have to use Arrays so that I could keep data on >many > > diff. images. I could pass the array index to the image script which >would > > index all the array elements needed. The only down side I can see to >that > > is that I would have to serialize the array vars in order to maintain >them > > between sessions (index.php and image.php) and I would have a higher >over > > head on my session code which may impact preformance greatly. Anyone >have > > any ideas about this as in good idea bad idea, or other suggestions on >how > > to pass this data without letting the user see it. > >You don't want them to see it for which reason? > >1) It's highly confidential; or >2) It looks ugly; or >3) You don't want casual users messing with it...? > >If 3, just base64 encode the serialized array of data and most people will >leave it alone (it'll just look like a string of random letters and >numbers) > >Posting isn't that useful unless the image is going to show up on its own >in the web browser window. > >Sessions are okay, but once people start using the back button you are >going to have some weird side effects. > >miguel > > It's not confidental, but I don't want users figuring out my backend image code from it. While I'm not sure what they could do with it other than make images the way they want and display then for themselves I don't see any danger in it. I just don't like messy long URL lines. I'm already going to be giving the users a way to customize the site so they don't need to me messing with varibles passed to the image script. As for your comment about the back button I have come up with a section of code for my site that stops user for doing much with the back or reload button. I keep track of a link counter in a session var and then if they hit back or reload the link counter that gets sent in the post data is not equal to counter++ and so I redirect them to an error page that explains that the site does not allow the use of the back button or reload buttons.
-Jim _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
