encryption?

Anon

How to send in a secure way the following url?
http:\localhost\test\email=$email&passw\$passw

I don't want the user to see the content of $passw. I have tryed the crypt function, but it doesn't change the value of the variable to its original value.
I looked in a php book and it brings another two functions: encrypt and decrypt with the following example:

<?PHP
$message = "this is a plain text message";
$password = "secret";
$data = encrypt($message, 0, $password);
print(decrypt($data, 0 ,$password));

?>
It didn't work, why? Look the message?

Fatal error: Call to unsupported or undefined function encrypt() in C:/xitami/webpages/agenda/test.php3 on line 4

Anon

I use hidden fields in my forms or cookies.
<INPUT TYPE="hidden" NAME=passwd" VALUE="<? echo $passwd ?>">

or cookie
setcookie ("passwd", $passwd);

Then reference them by just calling $passwd.

Hope this helps.

Anon

But this will work only with submiton method. Not like when the user clicks a hyperlink. I need a solution when the variable is on the hyperlink.

Thanks

Rodrigo

Anon

Hash the variables with md5() and send that on the hyperlink. Then on the processing side, hash the variables you want to match and compare it to the passed string. (md5 is next to impossible to reverse with current technology.)

href="my.htm?token=<?php echo md5($userid.$password); ?>"

on the receiving end:

if ($token==md5($uidfromdb.$pwfromdb) { ...