| How to Pass Information to server safely? |
[eluser]Devyn[/eluser]
Hi, Following is the prototype of my app and please have a look at it. http://staging-colorfulcloud.aptanacloud...eart_game/ If you check on the link of a cell, you'll see a session id followed by the value of card you choose. For eg, following is the link of Player 4's C10 card. http://staging-colorfulcloud.aptanacloud...d8c2d2/C10 My question if how can I pass that "C10" value to the server without user interruption(I mean I want to hide that value from user to prevent hacking). The URL style is not fixed and it can be changed according to method. I'm now storing that session data into database. Please guide me and I really need your help, guys! Thanks in advance!
[eluser]Damien K.[/eluser]
You do a http post (javascript is required). However, there is no real difference with what you're doing now, which is essentially a http get. Don't show your session id would be a step in the right direction. Encrypt your cookie is another step forward. Validate your session with a database will be a step further. Can't advise further without the use case of your application. Damien K.
[eluser]taewoo[/eluser]
cookie or POST + security: one way encrption + security: SSL
[eluser]Devyn[/eluser]
Thanks for your guides. What do you suggest for session and cookie encryption? Is CI support for that kind of encriptioin?
[eluser]jedd[/eluser]
[quote author="Devyn" date="1253370569"] What do you suggest for session and cookie encryption? Is CI support for that kind of encriptioin?[/quote] If only someone (me) had [url="http://ellislab.com/forums/viewreply/639084/"]already posted[/url] a response to this same question that someone (you) asked two days ago.
[eluser]Devyn[/eluser]
I am really sorry for my question. I'll take care in the future. |
| Welcome Guest, Not a member yet? Register Sign In |
