Is there any way to pass a php variable which will be 'hidden' even if user check source code of my page?









up vote
0
down vote

favorite












when i use a code like,



<input type="hidden" name="foo" value="<?php echo $var;?>" />


the $var is displayed in source code of my web page. is there any way i can hide that variable from my users seeing in my source code by using PHP/Codeigniter? am using codeigniter for my project.



in short, what i want to do is send data to a controller when a form is submitted. but not through url or hidden html input fields










share|improve this question





















  • I guess you'll have to pass through the value by using sessions.
    – dn Fer
    Nov 11 at 15:30










  • You can encrypt a hidden value.
    – Progrock
    Nov 11 at 18:20











  • It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
    – Progrock
    Nov 11 at 18:31










  • Does it matter if people see the value/variable?
    – Progrock
    Nov 11 at 18:32











  • Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
    – Rishad
    Nov 11 at 22:32














up vote
0
down vote

favorite












when i use a code like,



<input type="hidden" name="foo" value="<?php echo $var;?>" />


the $var is displayed in source code of my web page. is there any way i can hide that variable from my users seeing in my source code by using PHP/Codeigniter? am using codeigniter for my project.



in short, what i want to do is send data to a controller when a form is submitted. but not through url or hidden html input fields










share|improve this question





















  • I guess you'll have to pass through the value by using sessions.
    – dn Fer
    Nov 11 at 15:30










  • You can encrypt a hidden value.
    – Progrock
    Nov 11 at 18:20











  • It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
    – Progrock
    Nov 11 at 18:31










  • Does it matter if people see the value/variable?
    – Progrock
    Nov 11 at 18:32











  • Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
    – Rishad
    Nov 11 at 22:32












up vote
0
down vote

favorite









up vote
0
down vote

favorite











when i use a code like,



<input type="hidden" name="foo" value="<?php echo $var;?>" />


the $var is displayed in source code of my web page. is there any way i can hide that variable from my users seeing in my source code by using PHP/Codeigniter? am using codeigniter for my project.



in short, what i want to do is send data to a controller when a form is submitted. but not through url or hidden html input fields










share|improve this question













when i use a code like,



<input type="hidden" name="foo" value="<?php echo $var;?>" />


the $var is displayed in source code of my web page. is there any way i can hide that variable from my users seeing in my source code by using PHP/Codeigniter? am using codeigniter for my project.



in short, what i want to do is send data to a controller when a form is submitted. but not through url or hidden html input fields







php html forms codeigniter codeigniter-3






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 11 at 15:18









Rishad

179110




179110











  • I guess you'll have to pass through the value by using sessions.
    – dn Fer
    Nov 11 at 15:30










  • You can encrypt a hidden value.
    – Progrock
    Nov 11 at 18:20











  • It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
    – Progrock
    Nov 11 at 18:31










  • Does it matter if people see the value/variable?
    – Progrock
    Nov 11 at 18:32











  • Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
    – Rishad
    Nov 11 at 22:32
















  • I guess you'll have to pass through the value by using sessions.
    – dn Fer
    Nov 11 at 15:30










  • You can encrypt a hidden value.
    – Progrock
    Nov 11 at 18:20











  • It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
    – Progrock
    Nov 11 at 18:31










  • Does it matter if people see the value/variable?
    – Progrock
    Nov 11 at 18:32











  • Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
    – Rishad
    Nov 11 at 22:32















I guess you'll have to pass through the value by using sessions.
– dn Fer
Nov 11 at 15:30




I guess you'll have to pass through the value by using sessions.
– dn Fer
Nov 11 at 15:30












You can encrypt a hidden value.
– Progrock
Nov 11 at 18:20





You can encrypt a hidden value.
– Progrock
Nov 11 at 18:20













It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
– Progrock
Nov 11 at 18:31




It looks as if CI has an encryption library. codeigniter.com/user_guide/libraries/encryption.html
– Progrock
Nov 11 at 18:31












Does it matter if people see the value/variable?
– Progrock
Nov 11 at 18:32





Does it matter if people see the value/variable?
– Progrock
Nov 11 at 18:32













Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
– Rishad
Nov 11 at 22:32




Thanks for your replys guys. Both sessions and encrypting will do the job. I feel sessions work better for my project. Anyway thanks guys
– Rishad
Nov 11 at 22:32












2 Answers
2






active

oldest

votes

















up vote
2
down vote



accepted










You can use codeigniter's session library to store data which won't be visible in source code.



  • Session library need to be loaded ($this->load->library('session'); or autoload in application/config/autoload.php )

  • In your controller set the data what you want to store ($this->session->set_userdata(['your_secret_data_key' => 'your_secret_data_value']);)

  • You can retrieve your data ($this->session->userdata('your_secret_data_key');)

So before you generate the form add the data, and in the controller which will process your form you can retrieve the previously stored data.



More info about the session library: Codeigniter's session library documentation






share|improve this answer




















  • Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
    – Rishad
    Nov 11 at 22:18

















up vote
0
down vote













You can use encryption library to encrypt this value before you send it to the view and upon retrieving it decrypt it again.



Loading the library: $this->load->library('encryption');



you can find more details in the documentation about its configurations.
encryption



$var = 'value';
$var = $this->encryption->encrypt($var);
$this->load->view('view', array('var' => $var));


Now you have an encrypted $var, do whatever you have to do and upon retrieval you can just use this:



$var = $this->encryption->decrypt($var);
echo $var; // value





share|improve this answer




















  • Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
    – Rishad
    Nov 11 at 22:20










  • @Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
    – Progrock
    Nov 12 at 5:53










  • @Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
    – Progrock
    Nov 12 at 6:00











Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53250141%2fis-there-any-way-to-pass-a-php-variable-which-will-be-hidden-even-if-user-chec%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
2
down vote



accepted










You can use codeigniter's session library to store data which won't be visible in source code.



  • Session library need to be loaded ($this->load->library('session'); or autoload in application/config/autoload.php )

  • In your controller set the data what you want to store ($this->session->set_userdata(['your_secret_data_key' => 'your_secret_data_value']);)

  • You can retrieve your data ($this->session->userdata('your_secret_data_key');)

So before you generate the form add the data, and in the controller which will process your form you can retrieve the previously stored data.



More info about the session library: Codeigniter's session library documentation






share|improve this answer




















  • Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
    – Rishad
    Nov 11 at 22:18














up vote
2
down vote



accepted










You can use codeigniter's session library to store data which won't be visible in source code.



  • Session library need to be loaded ($this->load->library('session'); or autoload in application/config/autoload.php )

  • In your controller set the data what you want to store ($this->session->set_userdata(['your_secret_data_key' => 'your_secret_data_value']);)

  • You can retrieve your data ($this->session->userdata('your_secret_data_key');)

So before you generate the form add the data, and in the controller which will process your form you can retrieve the previously stored data.



More info about the session library: Codeigniter's session library documentation






share|improve this answer




















  • Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
    – Rishad
    Nov 11 at 22:18












up vote
2
down vote



accepted







up vote
2
down vote



accepted






You can use codeigniter's session library to store data which won't be visible in source code.



  • Session library need to be loaded ($this->load->library('session'); or autoload in application/config/autoload.php )

  • In your controller set the data what you want to store ($this->session->set_userdata(['your_secret_data_key' => 'your_secret_data_value']);)

  • You can retrieve your data ($this->session->userdata('your_secret_data_key');)

So before you generate the form add the data, and in the controller which will process your form you can retrieve the previously stored data.



More info about the session library: Codeigniter's session library documentation






share|improve this answer












You can use codeigniter's session library to store data which won't be visible in source code.



  • Session library need to be loaded ($this->load->library('session'); or autoload in application/config/autoload.php )

  • In your controller set the data what you want to store ($this->session->set_userdata(['your_secret_data_key' => 'your_secret_data_value']);)

  • You can retrieve your data ($this->session->userdata('your_secret_data_key');)

So before you generate the form add the data, and in the controller which will process your form you can retrieve the previously stored data.



More info about the session library: Codeigniter's session library documentation







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 11 at 15:38









fff

534




534











  • Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
    – Rishad
    Nov 11 at 22:18
















  • Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
    – Rishad
    Nov 11 at 22:18















Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
– Rishad
Nov 11 at 22:18




Thanks for the details. I feel This solution will be more practical as i have to deal with sessions already in my code. Also ecrypt and decrypt wont do the work as other can decrypt easily. Anyway thanks a ton for your time
– Rishad
Nov 11 at 22:18












up vote
0
down vote













You can use encryption library to encrypt this value before you send it to the view and upon retrieving it decrypt it again.



Loading the library: $this->load->library('encryption');



you can find more details in the documentation about its configurations.
encryption



$var = 'value';
$var = $this->encryption->encrypt($var);
$this->load->view('view', array('var' => $var));


Now you have an encrypted $var, do whatever you have to do and upon retrieval you can just use this:



$var = $this->encryption->decrypt($var);
echo $var; // value





share|improve this answer




















  • Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
    – Rishad
    Nov 11 at 22:20










  • @Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
    – Progrock
    Nov 12 at 5:53










  • @Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
    – Progrock
    Nov 12 at 6:00















up vote
0
down vote













You can use encryption library to encrypt this value before you send it to the view and upon retrieving it decrypt it again.



Loading the library: $this->load->library('encryption');



you can find more details in the documentation about its configurations.
encryption



$var = 'value';
$var = $this->encryption->encrypt($var);
$this->load->view('view', array('var' => $var));


Now you have an encrypted $var, do whatever you have to do and upon retrieval you can just use this:



$var = $this->encryption->decrypt($var);
echo $var; // value





share|improve this answer




















  • Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
    – Rishad
    Nov 11 at 22:20










  • @Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
    – Progrock
    Nov 12 at 5:53










  • @Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
    – Progrock
    Nov 12 at 6:00













up vote
0
down vote










up vote
0
down vote









You can use encryption library to encrypt this value before you send it to the view and upon retrieving it decrypt it again.



Loading the library: $this->load->library('encryption');



you can find more details in the documentation about its configurations.
encryption



$var = 'value';
$var = $this->encryption->encrypt($var);
$this->load->view('view', array('var' => $var));


Now you have an encrypted $var, do whatever you have to do and upon retrieval you can just use this:



$var = $this->encryption->decrypt($var);
echo $var; // value





share|improve this answer












You can use encryption library to encrypt this value before you send it to the view and upon retrieving it decrypt it again.



Loading the library: $this->load->library('encryption');



you can find more details in the documentation about its configurations.
encryption



$var = 'value';
$var = $this->encryption->encrypt($var);
$this->load->view('view', array('var' => $var));


Now you have an encrypted $var, do whatever you have to do and upon retrieval you can just use this:



$var = $this->encryption->decrypt($var);
echo $var; // value






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 11 at 21:51









Sherif Salah

44237




44237











  • Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
    – Rishad
    Nov 11 at 22:20










  • @Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
    – Progrock
    Nov 12 at 5:53










  • @Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
    – Progrock
    Nov 12 at 6:00

















  • Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
    – Rishad
    Nov 11 at 22:20










  • @Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
    – Progrock
    Nov 12 at 5:53










  • @Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
    – Progrock
    Nov 12 at 6:00
















Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
– Rishad
Nov 11 at 22:20




Thanks for the response. But i feel like setting session and destroying after use will be more helpful as anyone can decrypt my encrypted data.
– Rishad
Nov 11 at 22:20












@Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
– Progrock
Nov 12 at 5:53




@Rishad, it would be pretty pointless encryption if anyone could decrypt it. You'll be the only one with the key.
– Progrock
Nov 12 at 5:53












@Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
– Progrock
Nov 12 at 6:00





@Rishad, the question errs towards having some payload in the user submitted form. "i want to do is send data to a controller when a form is submitted". Sessions may be an alternative workaround for you. But sessions can dangle somewhat, you've a tight coupling to server side transient data that way.
– Progrock
Nov 12 at 6:00


















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53250141%2fis-there-any-way-to-pass-a-php-variable-which-will-be-hidden-even-if-user-chec%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







這個網誌中的熱門文章

How to read a connectionString WITH PROVIDER in .NET Core?

Node.js Script on GitHub Pages or Amazon S3

Museum of Modern and Contemporary Art of Trento and Rovereto