security issue? - url
[eluser]pieter dekker[/eluser]
Hi! I use freakauth for logging in on my site. I have a controller user, user has a function edit. An example url: http://www.mydomain.com/index.php/user/edit/3 Everyone can see this url, isn't that a security threat?
[eluser]Michael Wales[/eluser]
Only if you make it a threat. Within the edit controller you should check as to whether the user is attempting to edit themselves or if the user is an admin. If so, let them edit; if not, send them somewhere else.
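A sketch of the ownership-or-admin check described in the reply above, as an added example that is not code from the thread or from FreakAuth. It assumes the login library exposes the current user's `id` and `role` to the application (modelled here as a plain array); the function name and the `'admin'` role value are hypothetical.

```php
<?php
// Added example: server-side authorization for /user/edit/<id>.
// Assumption: $currentUser is what the auth library stored at login,
// e.g. ['id' => 3, 'role' => 'user'], or null when nobody is logged in.

/**
 * Decide whether the current user may edit the account named in the URL.
 * Returns 'allow', 'login' (no valid session) or 'deny'.
 */
function authorize_user_edit(?array $currentUser, $idSegment): string
{
    // No session: ask for a login before anything else.
    if ($currentUser === null || !isset($currentUser['id'], $currentUser['role'])) {
        return 'login';
    }
    // The id segment is taken from the URL, so anyone can change it.
    // Accept only a short run of digits; "3abc", "3.0", " 3", "-3" and ""
    // are rejected instead of being loosely compared to a real id.
    if (!is_string($idSegment) || !ctype_digit($idSegment) || strlen($idSegment) > 10) {
        return 'deny';
    }
    $targetId = (int) $idSegment;
    if ($targetId < 1) {
        return 'deny';
    }
    // Admins may edit any account.
    if ($currentUser['role'] === 'admin') {
        return 'allow';
    }
    // Everyone else may edit only their own account (strict comparison).
    return ((int) $currentUser['id'] === $targetId) ? 'allow' : 'deny';
}

// Constructed sample requests: [current user, id segment from the URL].
$cases = [
    [['id' => 3, 'role' => 'user'],  '3'],    // own account
    [['id' => 3, 'role' => 'user'],  '4'],    // someone else's account
    [['id' => 3, 'role' => 'user'],  '3abc'], // malformed id
    [['id' => 1, 'role' => 'admin'], '4'],    // admin
    [null,                           '3'],    // not logged in
];
foreach ($cases as [$user, $segment]) {
    printf("%-6s id=%-5s -> %s\n",
        $user['role'] ?? 'guest', $segment, authorize_user_edit($user, $segment));
}
```

Run the same check when the edit form is submitted, not only when it is displayed, since the POST request carries the id as well.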