Topic: Yet Another PHP Question

[Canuck]

I had asked a question a while back regarding editing a current entry in the database.

http://www.entropysink.com/forums/index.php?topic=4774.0

I originally passed all the values back and populated the for via $_GET[]. I was populating my hidden fields via $_GET[] too, so now the user is able to change the data, by changing the values in the URL and therefore changing my id (which I used to update the entry)

As ober pointed out, I should just send back the id, and I would also send back a value if they user is editing an entry. (I can then extract the other data I need to populate the form)

I dont want to send the values (via the URL) in plain text. I was thinking of using a function to manipulate the URL so the user can't just change values in it, but I will be able to convert it and extract what I need.

Would this be a good approach? Suggestions? Clarifications?

Thanks

Edit: would base64_encode, base64_decode be enough?

[ober]

The other option is to store the information in a database and only pass the key back and forth, saving and retrieving the data as necessary.  Then you just set a flag on the row whenever they complete the process so you throw out any crap data that someone didn't complete.