• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
security after enabling query strings

#1
[eluser]learnq[/eluser]
Hi,
I have to enable query_strings for paypal &other;payment getway as they return
through GET.
Now , as I enable query strings CI do not filter the datas by default.
If I take all data like

Code:
$name = $this->input->post('name',TRUE) ;
$name = $this->input->get('name',TRUE) ;
am I safe ? If not, how can I filter the data in better way ?

Thanks.

#2
[eluser]johnwbaxter[/eluser]
Paypal can return through post, you just need to specify post as the return method in the data you send to them each time, and I bet other payment gateways all allow post, I've never used one that doesn't.

#3
[eluser]learnq[/eluser]
are you sure about paypal ? both IPN & PDT ?
Another Payment gatway that I am using does not support POST.
Anyway , what is the best way to secure data when query string is enable >
Thanks.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.