Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Security question
Security question
  • El Forum
    Guest
  •  
#2
06-25-2008, 08:58 PM

[eluser]Aea[/eluser]
As long as you verify the user is "valid" for deleting said post (moderator, owner) you're "okay." The problem comes in people giving users that address to spoof them to deleting their own stuff, you can get around this problem by having a confirmation page, or sending the postID via POST (that way a simple url won't let a user delete something).


Messages In This Thread
Security question - by El Forum - 06-25-2008, 08:53 PM
Security question - by El Forum - 06-25-2008, 08:58 PM



Theme © iAndrew 2016 - Forum software by © MyBB