G
Guest
I use one page as a template and include a header, footer, and allow the main
content area to change, based on a varible I supply via the URL. The
variable holds a reference to another page and pulls it into the main page.
Going from the main page to pageB will look like:
index.asp?p=page
Sometimes I append other URL parameters. These may be values, such as a
user ID, that goes into the database to set conditions on a stored procedure.
This is a security risk. Some one could manipulate this value and access
another user's information. What are some examples of good security for this
situation?
Thanks,
Brett
content area to change, based on a varible I supply via the URL. The
variable holds a reference to another page and pulls it into the main page.
Going from the main page to pageB will look like:
index.asp?p=page
Sometimes I append other URL parameters. These may be values, such as a
user ID, that goes into the database to set conditions on a stored procedure.
This is a security risk. Some one could manipulate this value and access
another user's information. What are some examples of good security for this
situation?
Thanks,
Brett