Board index   FAQ   Search  
Register  Login
Board index php forum :: php coding PHP coding => General

Detroying variables

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

Detroying variables

Postby Hadleigh » Tue Mar 18, 2003 8:37 am

Hi,

I am passing Form data (POST) to a script on a secure server for analysis. If the form data is correct I am then changing the URL to another domain in a non-secure area (via header(Location:...)). However, the browser is reporting that the data I am transferring to the new domain could be read by others. I have no use for the form data at this point, it's served it's purpose and I want to get rid of it and stop this message appearing.

Does anyone know how I do this?

I have tried unset() but that doesn't seem to work.

Thanks,

Hadleigh.
Hadleigh
New php-forum User
New php-forum User
 
Posts: 32
Joined: Tue Feb 04, 2003 10:32 am
Location: UK

Postby Redcircle » Tue Mar 18, 2003 10:04 am

I thought that was a function that the browser is SUPPOSED to do. The user would not be initiating the transfer to a non secure site. so.. it warns the user that they are leaving.

I may be wrong tho.. I've been wrong before.
User avatar
Redcircle
Moderator
Moderator
 
Posts: 830
Joined: Tue Jan 21, 2003 10:42 pm
Location: Michigan USA

Postby Hadleigh » Tue Mar 18, 2003 10:21 am

Cheers for the swift reply.

It's a strange one this as I can stop it from happening!

The way I have stopped it is very crude and involves making the page do a META refresh on the secure server ridding it of all the variable values, then, once it's Mr. Clean I META refresh it again, sending it to the non-secure server. This stops the message appearing and I can even pass variable values by reference to the non-secure server through this method. It goes against my very being though, and I don't want to do it this way.

I guessed that as the META refresh is controlled client side it wouldn't work for the reason you stated but my results seem to suggest that it is the forms data that is the problem??

I am very probably wrong tho.. it's a habit.

Hadleigh
Hadleigh
New php-forum User
New php-forum User
 
Posts: 32
Joined: Tue Feb 04, 2003 10:32 am
Location: UK

Postby Redcircle » Tue Mar 18, 2003 11:14 am

well the reason you are doing this is to pass variables why not just put the info in a database and access the database on the non-secure server.
User avatar
Redcircle
Moderator
Moderator
 
Posts: 830
Joined: Tue Jan 21, 2003 10:42 pm
Location: Michigan USA

Postby Hadleigh » Tue Mar 18, 2003 12:34 pm

My reason for wanting to get rid of the variables that have been passed in the post method is that they have been stored in the db for access within the non-secure area. Is there no way to do a 'destroy' such as with session data? I don't want to use session data as that doesn't work with everyone.

Essentially, as you may have guessed, I want this for a login system.

Thanks for your continuing time on this,

Hadleigh.
Hadleigh
New php-forum User
New php-forum User
 
Posts: 32
Joined: Tue Feb 04, 2003 10:32 am
Location: UK


Return to PHP coding => General

Who is online

Users browsing this forum: Google [Bot] and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron