security problem with GET
#2

You can change it to a POST request (which will still have security issues).

You need to do verification inside of the delete method to verify that

a) they have permission to delete images, and
b) they "own" that image, or belong to a role that has permission to do it.

That way people can't randomly delete strangers' photos.
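The checks described in the post above, as an added example that is not part of the original thread: a framework-neutral delete handler that accepts only POST and verifies both (a) the delete permission and (b) ownership or a privileged role before removing anything. The names `User`, `Image`, `delete_image`, the `images.delete` permission and the `moderator` role are all hypothetical.

```python
from dataclasses import dataclass, field

# Roles allowed to delete images they do not own (assumed for illustration).
ROLES_MAY_DELETE_ANY = {"moderator"}


@dataclass
class User:
    id: int
    permissions: set = field(default_factory=set)
    roles: set = field(default_factory=set)


@dataclass
class Image:
    id: int
    owner_id: int


def delete_image(method, user, image_id, images):
    """Delete images[image_id] if the caller is authorized.

    `user` is the authenticated session user (None if not signed in);
    `images` stands in for the image table. Returns an HTTP-style status.
    """
    if method != "POST":
        return 405  # state-changing action must not be reachable via GET
    if user is None:
        return 401  # not signed in
    # (a) the user must hold the delete permission at all
    if "images.delete" not in user.permissions:
        return 403
    image = images.get(image_id)
    if image is None:
        return 404
    # (b) the user must own this image or belong to a role that may delete any
    is_owner = image.owner_id == user.id
    if not is_owner and not (user.roles & ROLES_MAY_DELETE_ANY):
        return 403
    del images[image_id]
    return 204


if __name__ == "__main__":
    # Constructed sample data: user 10 owns image 1, user 20 owns image 2.
    table = {1: Image(1, owner_id=10), 2: Image(2, owner_id=20)}
    alice = User(10, {"images.delete"})
    print(delete_image("POST", alice, 2, table))  # someone else's image
    print(delete_image("POST", alice, 1, table))  # her own image
```

The image id comes from the request, but the owner comparison uses the id of the session user, never a value the client supplies.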


Messages In This Thread
security problem with GET - by ronaldv - 11-20-2015, 01:23 PM
RE: security problem with GET - by kilishan - 11-20-2015, 01:33 PM
RE: security problem with GET - by arma7x - 11-20-2015, 01:37 PM
RE: security problem with GET - by ronaldv - 11-21-2015, 06:15 AM


