On my advertising system, once advertisers have signed up, they can login at a form on a login page.
The login page script checks the password and login name are ok, and if so, it redirects them to a page which displays all their adverts with stats etc.
So, when it redirects them to the advert listing page, the php is:
So as you can see, it is unsafe, because the password is in the url.
$location = "advertiserhome.php?login=$login&password=adpassword";
header ("Location: $location");
What I would like to do is encrypt it, and then decrypt it on the page it redirects to.
It might sound like this is needless, but honestly, it isn't.
Does anyone know how I could encrypt and decrypt it?