PHP GET Function

PHP Secure Ways to Pass GET Parameters In URL

Author: Waseem Ahmed
Updated: July 18, 2019
11 Comments

Almost every PHP programmer uses the GET method to pass parameters from one page to another, but those values arrive from the client and must be validated, and escaped again wherever they are output; otherwise an attacker can inject HTML or script (XSS) or other payloads simply by editing the URL.

Here I will share how to handle URL GET parameter values safely.

Securely GET Integer Values via URL
If a URL parameter is meant to hold only an integer, validate it as an integer before using it. The inbuilt is_numeric() function is not strict enough for this: it also accepts "1.5", "1e3" and a leading "+" or whitespace. filter_var() with FILTER_VALIDATE_INT accepts only an integer string and returns it already cast to int, or false otherwise. Note also that empty('0') is true, so a check built on !empty() silently rejects a legitimate id of 0.


// FILTER_VALIDATE_INT returns an int for "42" or "-7" and false for "", "1.5", "1e3",
// a missing parameter, or an array value such as ?catid[]=1
$category_id = isset($_GET['catid']) ? filter_var($_GET['catid'], FILTER_VALIDATE_INT) : false;
if($category_id !== false) {
	// $category_id is now an int and safe to use as a numeric id
} else {
	// parameter 'catid' is not in the URL, is empty, or is not an integer
}

Securely GET String via URL
If you are passing string values through URL parameters, the inbuilt strip_tags() function removes HTML and PHP tags and NUL bytes from the string. Be aware of what it does not do: a value such as " onmouseover="alert(1) contains no tags, so strip_tags() leaves it untouched, and it becomes an attack if you echo the value inside an HTML attribute. Treat strip_tags() as cleanup only; the actual XSS defence is to escape the value with htmlspecialchars() at the point where it is written into HTML, and, if the value reaches a database query, to bind it with a prepared statement. Also check that the parameter really is a string, since ?catname[]=x makes $_GET['catname'] an array and strip_tags() will raise a TypeError on it in PHP 8.


if(isset($_GET['catname']) && is_string($_GET['catname']) && $_GET['catname'] !== '') {
	$category_name=strip_tags($_GET['catname']);
	// strip_tags() does not make the value safe for HTML output; escape it when echoing
	echo htmlspecialchars($category_name, ENT_QUOTES, 'UTF-8');
} else {
	// parameter 'catname' is not in the URL, is empty, or is not a string
}
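The following is an added, self-contained example (not code from the original post) that puts both checks above together: an integer parameter validated with FILTER_VALIDATE_INT, a string parameter validated against an allowlist pattern instead of being cleaned with strip_tags(), and escaping applied at the point of output. The helper names getInt(), getSlug(), h() and renderCategoryLink(), the range and length limits, and the sample requests are all assumptions made for the demo; on a real request PHP fills $_GET, so the $samples array stands in for it.

```php
<?php
// Added example, not part of the original post. Run with: php get_params.php
// The $samples array below is constructed to stand in for $_GET.
declare(strict_types=1);

/**
 * Integer parameter: returns the int, or null if absent, not a string, or not
 * an integer >= $min. FILTER_VALIDATE_INT rejects "1.5" and "1e3", both of
 * which is_numeric() accepts.
 */
function getInt(array $query, string $name, int $min = 1): ?int
{
    if (!isset($query[$name]) || !is_string($query[$name])) {
        return null; // missing, or an array such as ?catid[]=1
    }
    $value = filter_var($query[$name], FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min],
    ]);
    return $value === false ? null : $value;
}

/**
 * String parameter: accepted only if it matches an allowlist of letters, digits,
 * hyphen and underscore. Tags, quotes and NUL bytes are rejected outright rather
 * than stripped, so there is nothing for strip_tags() to miss.
 */
function getSlug(array $query, string $name, int $maxLen = 64): ?string
{
    if (!isset($query[$name]) || !is_string($query[$name])) {
        return null;
    }
    $value = $query[$name];
    if ($value === '' || strlen($value) > $maxLen) {
        return null;
    }
    return preg_match('/^[A-Za-z0-9_-]+$/', $value) === 1 ? $value : null;
}

/** Escape a value for HTML element content or a double-quoted attribute. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Build the HTML for a category link, or an error paragraph if the request is bad. */
function renderCategoryLink(array $query): string
{
    $id   = getInt($query, 'catid');
    $name = getSlug($query, 'catname');
    if ($id === null || $name === null) {
        return '<p>Invalid category request.</p>';
    }
    // Validation and output escaping are separate defences: even an allowlisted
    // value is escaped (and URL-encoded for the href) at the point of output.
    return sprintf(
        '<a href="/category.php?catid=%d&amp;catname=%s">%s</a>',
        $id,
        h(rawurlencode($name)),
        h($name)
    );
}

// Constructed sample requests; the comment states what each one exercises.
$samples = [
    ['catid' => '42',  'catname' => 'shoes'],                  // valid request
    ['catid' => '0',   'catname' => 'shoes'],                  // below min_range, rejected
    ['catid' => '1e3', 'catname' => 'shoes'],                  // is_numeric() passes it, FILTER_VALIDATE_INT does not
    ['catid' => '42',  'catname' => '<script>alert(1)</script>'], // tag, rejected by the allowlist
    ['catid' => '42',  'catname' => '" onmouseover="alert(1)'], // no tags at all: strip_tags() would keep it, allowlist rejects it
    ['catid' => ['1'], 'catname' => 'shoes'],                  // ?catid[]=1 arrives as an array
];

foreach ($samples as $query) {
    echo json_encode($query), ' => ', renderCategoryLink($query), PHP_EOL;
}
```

Only the first sample produces a link; the others fall through to the error paragraph. The fifth sample is the one that matters most: it contains no tags, so strip_tags() would return it unchanged, yet echoed inside an attribute it would add an event handler. An allowlist refuses it, and h() would neutralise the quotes even if it were ever output.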

Note: Use GET parameters only for non-sensitive values. Never pass passwords, bank details, session tokens or similar secrets in the URL: URLs are stored in browser history, proxy and web server access logs, and are sent to third parties in the Referer header.

11 comments
  1. My relatives every time say that I am wasting my time here at web, but I know I am getting knowledge daily by reading this type of good articles or reviews.

  2. I’m extremely inspired with your writing talents and also with the format for your weblog. Is this a paid subject matter or did you customize it yourself? Either way stay up the excellent high quality writing, it is uncommon to peer a great weblog like this one these days.

  3. You made some decent points there. I looked on the web to learn more about the issue and found most people will go along with your views on this website.
