+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: URL redirection (/showthread.php?tid=63998)
URL redirection - Azamat - 01-01-2016
I want ask question about codeigniter secure redirection. Let's we have user and this user have multiple recipients. And also table with them(Codeignitier framework). If i want to edit some of user's recipient i click to edit button. Then this action redirect user to edit recipient page.
In my codeigniter i'm using:
public fuction editRecipient($recipien_id) { ... }
If i organize my function in this way, users can access to editing another recipients(by Url: htttp://example.com/editRecipient/123/)
So, what would be the solution?
Help me please.
RE: URL redirection - skunkbad - 01-01-2016
(01-01-2016, 01:49 PM)Azamat Wrote: I want ask question about codeigniter secure redirection. Let's we have user and this user have multiple recipients. And also table with them(Codeignitier framework). If i want to edit some of user's recipient i click to edit button. Then this action redirect user to edit recipient page.
In my codeigniter i'm using:
public fuction editRecipient($recipien_id) { ... }
If i organize my function in this way, users can access to editing another recipients(by Url: htttp://example.com/editRecipient/123/)
So, what would be the solution?
Help me please.
The solution is to use an authentication system to verify the user and what type of user they are. In your case the recipients should not be able to edit other recipients, so if a recipient ends up at your editRecipient method, you would want to show them a 404, or perhaps give them the chance to log in as a different user type.