[eluser]web_wanderer[/eluser]
Greetings,
I was thinking of using the URI class and its segment_array() method to determine access privileges and filter data but am not sure how safe is that.
It'd basically go along the following lines:
Global constructor class gets the URI segments -> analyzes them -> assigns privilages -> filters data -> Loader loads the relevant page.
My question is - is it safe to filter data this way or can the URI be spoofed in some way so that it avoids the validation process altogether?