Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Security question
Security question
  • El Forum
    Guest
  •  
#1
06-25-2008, 08:53 PM

[eluser]ericbae[/eluser]
Hello,

Just want to get some ideas on what would be the best way to implement this type of feature.

I have a website where users can post something, and I am trying to enable "delete post" using something like this

myapp.com/post/delete/postID/2

which would call the "Post" controller and its "delete" function to delete the post with its ID number "2".

But wouldn't anyone be able to type in the above URL to delete any posts?

Obviously, I'll have to put some user validation + authorization, but does CodeIgniter offer something I can use? or how should I hide such information? what is the best way?


Messages In This Thread
Security question - by El Forum - 06-25-2008, 08:53 PM
Security question - by El Forum - 06-25-2008, 08:58 PM



Theme © iAndrew 2016 - Forum software by © MyBB