[eluser]JaRoLLz[/eluser]
[quote author="Michael Wales" date="1233395203"]
Quote:Indeed my delete method is very dangerous. However, the controller that contains the delete method has an authentication mechanism written in the constructor. So a simple call like that will not do anything.
I don't know how that would prevent anything... if you go login to your site, and you are an admin there (full rights), and your session lasts 2 hours. Now, you go visit my blog, within those 2 hours - your user table is wiped out.
You need to switch this to a POST request, as well as include a nonce within that request that is validated within the form processor. Otherwise you are opening a
huge security hole...[/quote]
After thinking for a while, this hole is exploitable if a full-rights user accidentally execute that code. I don't read your post carefully the first time. Changing to post method using hidden form now.
Code:
<form method='post' action='<?php echo site_url('users/delete_user') ?>'>
<input type='hidden' name='notmalicious' value='imnot'>
<input type='hidden' name='userdbid' value='<?php echo $udata['id'] ?>'>
</form>