Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Nov 04, 2011 04:22 PM|LINK
i dont want to get iformation of my table field and value of them
Don't provide table information in the querystring. You don't have to. ID values will always appear in your app somehwere as html code ot whatever. If you do not want this information to be made public, don't put it in a web site.
my main qusetion is what secuirity issues shoud l attention for using querystring?
Make sure you use parameters when you use querystring values as part of your SQL so that you prevent SQL injection. Also, ensure that you validate the type and range of any querystring values, as the user might manipulate them.