Security question?

M

MilanB

Application has a webform where user can edit/modify some information that
are stored in database.

When I show data to user, I must somewhere memorize ID of database record
that is currently edited.

Where to do that? So malicious users can not chage that ID (of current
edited record), and in that manner modify some other record, and not current
one?
 
Y

Yunus Emre ALPÖZEN [MCSD.NET]

store it in viewstate and use viewstatemac


--
HTH

Thanks,
Yunus Emre ALPÖZEN
BSc, MCSD.NET
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Why is updating in DELETE trigger delayed when fetching user? 1
Search Results with Pagination 1
Can't execute php to delete multiple rows in database 3
Hey can anyone tell me why input data wont save in my database? 2
Password validation security issue 19
Question about my projects 3
Final chapter of "Learn PHP, MySQL and JavaScript" 3
[ANN] Samizdat 0.6.2: Security, Plugins, Flowplayer 3

Members online

Total: 45 (members: 1, guests: 44)
Robots: 113

Forum statistics

Threads
474,266
Messages
2,571,089
Members
48,773
Latest member
Kaybee

Latest Threads

Top