So I have a script (written in PHP) that posts the user input of

Question

0

Asked: May 26, 20262026-05-26T09:11:37+00:00 2026-05-26T09:11:37+00:00

So I have a script (written in PHP) that posts the user input of

0

So I have a script (written in PHP) that posts the user input of a reference number and postcode and then redirects the user to a page with the URL parameters like so:

http://mydomain.com/data.php?reference=REF1234&postcode=LE1FEH

The data.php script will then fetch the data from the database according to the URL parameters, now I want to hide the paramaters from the user’s view – both to prevent SQL injections and to make the URL simpler. I don’t want to directly hide the inputted data in the URL. Apple seem to be the only place I can find who do it like this right now – in their URL you are able to see an order number and postcode but no equals sign or anything, like so:

https://store.apple.com/uk/order/guest/ordernumber/postcode

Is there anyway of going about doing this?

(I’m not sure if you would class this as encryption or what not, so I had a hard time finding any useful articles on this as well as wording it well – so i’m sorry if it is a little confusing)

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T09:11:38+00:00

Editorial Team

2026-05-26T09:11:38+00:00Added an answer on May 26, 2026 at 9:11 am

Please use the .htaccess

Options +FollowSymLinks  
RewriteEngine on    
RewriteRule ^([a-z0-9A-Z]+)/([a-z0-9A-Z]+)$ ./data.php?reference=$1&postcode=$2 [NC]

Your URL http://mydomain.com/REF1234/LE1FEH will treated as http://mydomain.com/data.php?reference=REF1234&postcode=LE1FEH and you can get the values by GET method.

For more info

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

So I have a script (written in PHP) that posts the user input of

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply