October 7, 2009
Answered

Pass vars in links with security... ?

  • October 7, 2009
  • 1 reply
  • 698 views

Dear friends:

I have a file "chooserecord.php" where the user can choose a record (which belongs to his/her user account) and click on the "delete register" button.

Then it takes you to the file "deleterecord.php", where the record status will be changed in the database... but here is the question:

When the user chooses the record to delete (change status), it passes that record id like this:

<a href="deleterecord.php?code=3">Click here to delete record 3</a>

And it works... but it is not safe!! Because any user could enter directly, typing in the URL things like "deleterecord.php?code=4" or "...?code=5" or whatever, and delete the record without having permission! So, what is the best practice for this?

I'll appreciate your answers,

Correct answer

Lon Winters wrote:

Even the FORM method can be emulated pretty easily. But if you have Restrict Access to Page applied to each page, then it makes the hack more difficult. The highest level of security would be to encrypt that part of the site with SSL.

I kind of assumed that the OP is already restricting access to the script based on their original message. Even with restricted access, it would still be possible for a logged in user to delete someone else's records using an id passed in the query string. That's why I suggested the additional methods.


Give your users their own username and password.

Track them using Sessions

and in the deletion page, check both user AND the record, whether they belong to each other.

1 reply

Participating Frequently
October 7, 2009

You're right, it's not safe. Generally, you never want to use the GET method for activities that alter the data in any way. Always use POST for that. In addition, you might want to perform additional validation to ensure that the data to be deleted is associated with the logged in user.
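A deleterecord.php that follows the accepted answer (session-tracked users, and a check that the user and the record belong to each other) and the reply above (POST rather than a GET link), as an added example that is not code from the original thread. It assumes a PDO handle `$db` provided by an included `db.php`, a `records` table with `id`, `user_id` and `status` columns, that the login page stores the user's id in `$_SESSION['user_id']`, and that chooserecord.php embeds `$_SESSION['csrf_token']` in a hidden field; all of those names are assumptions. It goes one step beyond the thread by also checking a per-session form token, which addresses Lon Winters' objection that a POST form can be emulated from another site.

```php
<?php
// deleterecord.php -- added example, not from the original post.
// Assumed: db.php defines $db (a PDO connection); table `records`
// has columns id, user_id, status; login stores $_SESSION['user_id'].
declare(strict_types=1);

session_start();

// 1. Only logged-in users get this far (the "Restrict Access" step).
if (empty($_SESSION['user_id'])) {
    header('Location: login.php');
    exit;
}

// 2. A state-changing action is accepted over POST only, never from a GET link.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    header('Allow: POST');
    exit('Use the delete form.');
}

// 3. Per-session form token, so a form on another site cannot submit for the user.
//    chooserecord.php is assumed to generate it once per session, e.g.
//        $_SESSION['csrf_token'] = $_SESSION['csrf_token'] ?? bin2hex(random_bytes(32));
//    and emit it in the delete form:
//        <form method="post" action="deleterecord.php">
//          <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
//          <input type="hidden" name="code" value="3">
//          <button type="submit">Delete record 3</button>
//        </form>
if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
    || !hash_equals($_SESSION['csrf_token'], (string) $_POST['csrf_token'])) {
    http_response_code(403);
    exit('Invalid form token.');
}

// 4. Validate the record id before it reaches the database.
$code = filter_input(INPUT_POST, 'code', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($code === false || $code === null) {
    http_response_code(400);
    exit('Bad record id.');
}

// 5. The ownership check. Binding user_id to the session user in the WHERE clause
//    means a request for someone else's record (code=4, code=5, ...) matches zero
//    rows; the application never has to trust the id on its own.
require 'db.php';
$stmt = $db->prepare(
    "UPDATE records SET status = 'deleted' WHERE id = :id AND user_id = :uid"
);
$stmt->execute([
    ':id'  => $code,
    ':uid' => (int) $_SESSION['user_id'],
]);

if ($stmt->rowCount() === 0) {
    // The record does not exist or is not this user's. Answer both cases the
    // same way so the id cannot be used to probe which records exist.
    http_response_code(404);
    exit('Record not found.');
}

header('Location: chooserecord.php?deleted=' . $code);
exit;
```

The line that actually closes the hole is the `WHERE id = :id AND user_id = :uid` clause together with the `rowCount()` test: switching the link to a POST form changes nothing for a logged-in user who crafts the request by hand, and the form token only stops third-party sites from submitting on the user's behalf. Checking ownership in the same statement that performs the update also avoids a separate SELECT-then-UPDATE pair that could race.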

Lon_Winters
Inspiring
October 8, 2009

Even the FORM method can be emulated pretty easily. But if you have Restrict Access to Page applied to each page, then it makes the hack more difficult. The highest level of security would be to encrypt that part of the site with SSL.
