2

I use the userid for validation like this:"index.php?ui=XX".

How can I hide the number or change it to another number?

I don't want to users see id number.

Thanks.

Improve this question
2
  • Use a POST request. Commented Mar 6, 2018 at 11:14
  • POST request can still be read by users Commented Mar 6, 2018 at 11:15

2 Answers 2

Reset to default
0

Depends on why you don't want to show it.

If it's because you don't want the users to guess their sequential numbers then don't use userId in that case and instead generate UUID for each of the users (for example by using uniqid).

If you don't want the user to know their userId at all then, as long as you authenticate the user, you can utilise their login session and fetch the user info for them that way.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

when i want - move users to another users page - use it.
I don't understand what you mean by that? If you are trying to show user specific information on another page then you should not be basing it on userId passed in $_GET parameter or any other parameter for that matter. You should implement authentication and validate the user from their SESSION.
You might find this useful stackoverflow.com/questions/685855/…
i dont want authentication. just $_GET like facebook whene i click on a users profile i move to users page and url changes. i want hide that
you will have to use some sort of user ID anyway as a way to work out which user to load. For this you are better off using username or unique id which is not sequential. I would suggest you look at the first solution I suggested then.
-1

Pass the userid by using POST method, not GET. On other way you could learn some stuff about session handling. So you could store the userid in cookies and it will not appear in the url.

If you use Cookies, you can use the parameter on any location until you close the session.

Improve this answer

5 Comments

POST doesn't hide userId, user can still access it using developer tools.
Then I suggest to use cookies.
Cookies can also be accessed by user without any problem.
Which way are you using to passed sensitive datas?
see my answer above

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.