Welcome Guest, Not a member yet? Register   Sign In
using id in url / security issue
#1

[eluser]Jan_1[/eluser]
Hi!
I have userprofiles, classifieds and articels
and I do use '$this->uri->segment' in controller to get the single content in the template.
So you can read the user_id in the url (..index.php/profil/23.html).

Well, I do check user-rights in the model, but shouldn't I pass an user_id more confidental? I want to protect my users data. For example using an encrypt date for 'id' instead of using autoincreatment for 'id' in mysql?

How are you doing?
Greetings, Jan


Messages In This Thread
using id in url / security issue - by El Forum - 02-08-2010, 12:01 AM
using id in url / security issue - by El Forum - 02-08-2010, 09:04 AM



Theme © iAndrew 2016 - Forum software by © MyBB