I'm creating a joomla component and I wish to know what's the best secure method to Publish and obtain data via a form submit.

<form action="index.php?<?php echo JUtility::getToken()?>=1" method="post" name="adminForm">    
    <input type="hidden" name="option" value="<?php echo OPTIOIN_NAME; ?>" />
    <input type="hidden" name="task" value="save" />
    <input type="hidden" name="controller" value="mycontroller" />
    <input type="hidden" name="id" value="<?php echo $this->my_data->id; ?>" />

    <?php echo JHTML::_('form.token');?>

    //my code is here



function getPostData(){

     if (!JRequest::checkToken('REQUEST')) {
         // return 403 error
         JError::raiseError(403, JText::_('ALERTNOAUTH'));
         // belt and braces approach to guarantee the script stops
         jexit('Invalid Token');

     $this->_data->id = JRequest::getVar('id', 0, 'POST', 'INT');


This is one way I'm delivering data and I'm not sure this is an excellent method or otherwise. Help.

I believe this process you utilize is alright. Only one factor: if you are obtaining the data from Publish, I suppose your token is going to be obtainable in Publish too, so that your call to JRequest::checkToken( 'REQUEST' ) might be transformed to JRequest::checkToken( 'post' ). Another essential factor is you must always use $db->Quote() method in case your by hand crafting database queries using vars from request. Finally, as Thilo stated, you need to use HTTPS for "critical" transactions for example obligations.

I really hope it assisted!