Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming How to delete only own records???
How to delete only own records???
  • El Forum
    Guest
  •  
#1
02-16-2010, 09:05 AM

[eluser]123wesweat[/eluser]
Hi,

I notice i only check if an user is logged in and then he can delete records from table education. Like /education/delete/userid/educationid

but it's also possible to delete someone else his records if you have the right userid + educationid.

What would be good practice to prevent this??
store an unique number in table education??

or check if the user_id equals uri segment x if true
Code:
if($user_id == $this->uri->segment(3) )
{
can delete
} else [
echo 'but why?';
}

Any tips suggestions??


Messages In This Thread
How to delete only own records??? - by El Forum - 02-16-2010, 09:05 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:09 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:29 AM
How to delete only own records??? - by El Forum - 02-16-2010, 09:34 AM



Theme © iAndrew 2016 - Forum software by © MyBB