How to encrypt (verify) the PHP link parameters if I delete a record that is displayed, the general practice is to use "delete" as a link. the link address is 121.121.121.121del.php? Id $ id, which receives the value from the parameter id in del. php. In this case, I can directly enter 121.121.121.121del.php in the url? Id4 PHP link parameter encryption (verification)
If I delete a display record, the general method is to use "delete" as a link. the link address is http: // 121.121.121.121/del. php? Id = $ id, which receives the value from the parameter id in del. php.
In this case, I can directly enter http: // 121.121.121.121/del. php in the url? Id = 43. it is not safe to delete the record whose id is 43.
I see similar links from other websites. the parameter contains a large string of dozens of letters. I think this may be used for verification.
So how to write the verification part? Or what is the idea?
Thank you.
------ Solution --------------------
This deletion must have the permission to be deleted. it can be deleted by no one else...
------ Solution --------------------
Set an access permission for the del. php page, such as session or cookie judgment.
------ Solution --------------------
You can also click delete and use js to pass parameters as post, so that they will not be exposed in the url.
------ Solution --------------------
... You have to determine at least one session ["user"] when deleting the page to see if this request is logged on to the user?
In addition, for URL encryption, you can find a ready-made encryption program written by someone else in PEAR and change it a little bit to become your own encryption and decryption program.
