WordPress
Grisha Nikolsky, 2015-12-22 22:48:15

How secure is the following system?

Hello. I created a personal account page (LC). There are two inserts: an information one, where the text (user properties) is simply displayed, and an editing one, where inputs are displayed and, when they are filled in, the data in the database is updated.
To view other people's personal accounts, I simply pass and compare the id of the current user with the variable $_GET['id']. That is, I pass the ID of the account owner through the URL. If I follow the same scheme and just don't show the "edit" insert while viewing other people's personal accounts, will it be safe? Or does it need to be done in a different way altogether?
Thanks in advance!


1 answer(s)
Anton, 2015-12-22
@VoxelGod

The main thing is to do checks when saving information, so that only the owner can save information (or also a group of "white IDs", i.e. admins; it's even better to organize roles for this).
Display the "Edit" button for the same user group as well.
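
The check described in this answer, as an added WordPress example that is not code from the thread: the save handler decides on the server whether the requester owns the account or holds a role that allows editing it, and the same function gates the edit form. The action name `lc_save_profile`, the field and meta key `lc_about`, and the `lc_*` function names are hypothetical.

```php
<?php
// Added example, not code from the thread. Hypothetical names: the action
// 'lc_save_profile', the field/meta key 'lc_about', the lc_* functions.

// admin_post_{action} fires only for logged-in users posting to admin-post.php.
add_action( 'admin_post_lc_save_profile', 'lc_save_profile' );

// One authorization rule, used both when saving and when rendering.
function lc_can_edit_profile( $target_id ) {
    // The owner may edit their own account; anyone else needs a role whose
    // capabilities satisfy 'edit_user' for that ID (e.g. administrators).
    return $target_id > 0
        && ( get_current_user_id() === $target_id
            || current_user_can( 'edit_user', $target_id ) );
}

function lc_save_profile() {
    // The id comes from the client, so it is untrusted input.
    $target_id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;

    // CSRF protection: the nonce is bound to this action and target account.
    check_admin_referer( 'lc_save_profile_' . $target_id );

    // Enforced at save time, whatever the page showed or hid.
    if ( ! lc_can_edit_profile( $target_id ) ) {
        wp_die( 'You are not allowed to edit this account.', '', array( 'response' => 403 ) );
    }

    $about = isset( $_POST['lc_about'] )
        ? sanitize_textarea_field( wp_unslash( $_POST['lc_about'] ) )
        : '';
    update_user_meta( $target_id, 'lc_about', $about );

    $back = wp_get_referer();
    wp_safe_redirect( $back ? $back : home_url( '/' ) );
    exit;
}

// Template helper: the edit form is rendered only for the same group of users.
function lc_render_edit_form( $target_id ) {
    if ( ! lc_can_edit_profile( $target_id ) ) {
        return;
    }
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="lc_save_profile">';
    echo '<input type="hidden" name="id" value="' . esc_attr( $target_id ) . '">';
    wp_nonce_field( 'lc_save_profile_' . $target_id );
    echo '<textarea name="lc_about"></textarea><button type="submit">Save</button></form>';
}
```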
