I'm forwarding my visitors from a checkout page to /store/order/view/?id=735
, but I don't want them to be able to view just anyone's order, so I need to encrypt the 735. What's the best way to do this so Javascript can encrypt it and PHP/MySQL can decrypt it?
What about instead of ?id=735 I do ?key=735-[TIMESTAMP_ORDER_WAS_PLACED]
, do you think that's secure enough?