What is safer way to send data - in $_GET or curl headers?

Ask about general coding issues or problems here.

Moderators: macek, egami, gesf

Igor
New php-forum User
New php-forum User
Posts: 1
Joined: Thu Mar 21, 2013 5:25 am

What is safer way to send data - in $_GET or curl headers?

Postby Igor » Thu Mar 21, 2013 5:28 am

I don't know how I want users to send password for my api - I want it to be in safe way.

What would you suggest?

seandisanti
php-forum Fan User
php-forum Fan User
Posts: 838
Joined: Mon Oct 01, 2012 12:32 pm

Re: What is safer way to send data - in $_GET or curl header

Postby seandisanti » Thu Mar 21, 2013 3:38 pm

You can never assume any method is 'safe' but think about it, with GET variables, the variable name and value are both openly displayed in the address bar. at least using POST you make them work for it a little bit. You can also verify the referer, etc to prevent cross site scripting, and make sure that fields can't be changed etc. It's impossible to prevent every possible way that form data can be abused, but $_REQUEST should never be used, and $_GET should only be used when you're sure the data can't be misused.

johnj
php-forum Super User
php-forum Super User
Posts: 1805
Joined: Thu Mar 10, 2011 5:07 pm

Re: What is safer way to send data - in $_GET or curl header

Postby johnj » Thu Mar 21, 2013 9:26 pm

Between $_GET and curl header, curl header is better "in this case".

User avatar
egami
php-forum GURU
php-forum GURU
Posts: 2196
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT

Re: What is safer way to send data - in $_GET or curl header

Postby egami » Fri Mar 22, 2013 12:24 pm

I would use cURL & the HTML POST feature, over HTTPS.


Just my $.02


Return to “PHP coding => General”

Who is online

Users browsing this forum: No registered users and 3 guests