if there is a system of your id's, like 1.. 2... 3... 4.. and such, you should consider obfuscating the id's. Especially if you dont have any form of login system that serve the client the id they want.
What you really should consider is having a login system that after the user is logged in you serve the user the correct content, and all from what is stored in the session. Meaning you dont need client side javascript or hidden forms at all. If the id's are unguessable however I wouldt care that much, on the other hand - is the information in mention sensitive? If so you are back to the login system again. -- Kim Steinhaug ------------------------------------------------------------------------- There are 10 types of people when it comes to binary numbers: those who understand them, and those who don't. ------------------------------------------------------------------------- www.steinhaug.com - www.easywebshop.no - www.easycms.no www.webkitpro.com ------------------------------------------------------------------------- "Klaus" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi all, > > I am to set up a service where users can view news of companies. > To identify the company selected an easy way is to use the company-id. > The id is not displayed but stored in the client browser as JS-variable. > > Question: > Is it ok to use the company-id or do I have to encrypt the id > using mcrypt (takes some time)? > > > Thanks in advance > Klaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
