Re: [Semi-OT] encrypted variable in URL

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 62700
interpreted = N
texte = Mark Try doing something like hiding the variable in the variable. You could have it sent to you in a format that when you broke it down you could extract the required data. EG: You require the variable 2468 to be sent to you. Have them send it to you as xxxxxx2468xxxxxx where x=random digit, then use [GetChars start=7&end=10] xxxxxx2468xxxxxx[/GetChars] If the value is as low a 2 digits, you will have to have it sent to you with leading zeros eg You require 34, have them send xxxxxx0034xxxxxx then strip the zeros off [Math][GetChars start=7&end=10] xxxxxx0034xxxxxx[/GetChars]+0[/Math] = 34 Now if you are using letters or a mix I will leave it to you :) Stuart Tremain idfk web developments, sydney, australia On 29 Jul 2005, at 7:40 AM, Mark Derrick wrote: > Simple problem - got a third-party that wants to click-through to > us whilst also sending a variable on the incoming link. > Now the easy bit is to use SSL and get them to use POST, and to > check the [referrer] - BUT as an extra level of protection (to stop > the value of the variable being adjusted), we'd also like to > somehow either encrypt the value or include some kind of checksum. > The problem is that the value may be as low as 2 digits. > I'm also that not happy about trusting security on [referrer], so > encrypting the value would solve a lot of problems > > Anyone doing anything similar, feedback about what works and what > doesn't would be useful. > > Thanks. > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com> > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [Semi-OT] encrypted variable in URL ( Mark Derrick 2005)
  2. Re: [Semi-OT] encrypted variable in URL ( Stuart Tremain 2005)
  3. [Semi-OT] encrypted variable in URL ( Mark Derrick 2005)
Mark Try doing something like hiding the variable in the variable. You could have it sent to you in a format that when you broke it down you could extract the required data. EG: You require the variable 2468 to be sent to you. Have them send it to you as xxxxxx2468xxxxxx where x=random digit, then use [GetChars start=7&end=10] xxxxxx2468xxxxxx[/GetChars] If the value is as low a 2 digits, you will have to have it sent to you with leading zeros eg You require 34, have them send xxxxxx0034xxxxxx then strip the zeros off [math][GetChars start=7&end=10] xxxxxx0034xxxxxx[/GetChars]+0[/Math] = 34 Now if you are using letters or a mix I will leave it to you :) Stuart Tremain idfk web developments, sydney, australia On 29 Jul 2005, at 7:40 AM, Mark Derrick wrote: > Simple problem - got a third-party that wants to click-through to > us whilst also sending a variable on the incoming link. > Now the easy bit is to use SSL and get them to use POST, and to > check the [referrer] - BUT as an extra level of protection (to stop > the value of the variable being adjusted), we'd also like to > somehow either encrypt the value or include some kind of checksum. > The problem is that the value may be as low as 2 digits. > I'm also that not happy about trusting security on [referrer], so > encrypting the value would solve a lot of problems > > Anyone doing anything similar, feedback about what works and what > doesn't would be useful. > > Thanks. > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com> > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Stuart Tremain

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Search Debugging (2004) serial number generation (1997) Generating Options for a Form. (1997) Math Problem - Format? (1997) free "Image Viewer" widget (2004) form data submission gets truncated (1997) Can WC remember people? (1998) PageMaker/Quark to db (1999) RE: Credit card processing - UK (1997) Running 2 two WebCatalog.acgi's (1996) [WebDNA] for a rainy day.. if ever/when the hood is up again on the [function]/[return] code (2011) WebCat2.0 acgi vs plugin (1997) Does webcatalog recognise NULL values? (1998) Partner Edition question ... (2003) taxTotal, grandTotal (1997) [WebDNA] SETCOOKIE (2009) RAM variables (1997) Session Number (1998) Showif -what am I missing??? (1999) WebCatalog [FoundItems] Problem - LONG - (1997)