I have urls similar to this
http://www.somewebsite.com/sub-category/?q=1
http://www.somewebsite.com/products/?q=1
http://www.somewebsite.com/product/?q=61
but i need to change the url to more secure one so that no one can type some other number and get a product with another id or I dont want anyone to see ?q=1. Someone Please help me.
Thanks in advance
You could add a hash like http://www.somewebsite.com/products/?q=1&hash=xxxx
Where the hash is generated using a secret key in the backend. Something like this
$productID = 1;
$url = "http://www.somewebsite.com/products/?q=".$productID;
$hash = md5("my-secret-key".$productID);
$url .= "&hash=".$hash;
And then on your request check that the hash is valid.
if(md5("my-secret-key".$_GET['q']) != $_GET['hash']){
die("Invalid hash");
}
In principle you can always try to type something in the URL and hope you hit something.
You could create a hash out of the product Id for each product and store it in a or the same table where you store your products.
Then you would pass the hash and not the product ID.
It's much harder to guess e.g. 64 chars than to guess one.