• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to delete only own records???

#1
[eluser]123wesweat[/eluser]
Hi,

I notice i only check if an user is logged in and then he can delete records from table education. Like /education/delete/userid/educationid

but it's also possible to delete someone else his records if you have the right userid + educationid.

What would be good practice to prevent this??
store an unique number in table education??

or check if the user_id equals uri segment x if true
Code:
if($user_id == $this->uri->segment(3) )
{
can delete
} else [
echo 'but why?';
}

Any tips suggestions??


Messages In This Thread
How to delete only own records??? - by El Forum - 02-16-2010, 09:05 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:09 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:29 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:34 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.