I would like to securely transfer sensitive variables between multiple in PHP. Normally I would use url parameters or session cookies to transfer non-sensitive values. I'm not sure how secure I can make cookies and url params or if there is a better option out there?
If you need good security, you can serialize() your parameters into a string, and AES encrypt the string on the origin server with mcrypt(), wrapped in base 64 encoding with base64_encode(). Pass the encrypted, encoded data to the other server as a single URL parameter where it can be decrypted using the AES shared key and parsed back to individual variables with unserialize().