A user gets directed to a specific page after completing some process. On this page, there is sensitive information that should be hidden every time after the first view.
How should I go about approaching this problem? Any resources and direction would be greatly appreciated.
Mayby before they are redirected you set a session var like.
Before redirection:
session_start();
$_SESSION['showDetails']="someSecureString";
header("location: secure.php");
Then on the secure page.
session_start();
if(isset($_SESSION['showDetails']) && $_SESSION['showDetails']=="someSecureString"){
//Show details
unset ($_SESSION['showDetails']);
}
session_destroy();
That should also clear the session var.
use session and unset the session after displaying it (at the end of the page)