Which of these methods is preferred: an ID transported via URL to go to the next form page, or setup a SESSION variable to use through out the site?
For instance, the page starts with inserting the data for a user via form inputs. Then you choose that user from the list so that you can to add more details to the his profile, i.e., family info, job info, etc. All this is accomplished by transporting the identity of that user to the next page so that it can be used to connect all of his other details in other tables.
My question is which method of these two, URL or SESSION, is the most secure method of moving through this process? What would be the pros and cons between these two methods? Are there other means of doing this? Or does it even matter?
Thanks for you input and help.
Last updated: