How to encrypt (verify) PHP link parameters if I delete a record displayed, the general approach is to "delete" as a link, the link address such as: http: // 121.121.121.121/del. php? Id = $ id, which receives the value from the parameter id in del. php. In this way, I can directly enter in the url, for example, how to encrypt the http:/PHP link parameter (verification)
If I delete a display record, the general method is to use "delete" as a link. the link address is http: // 121.121.121.121/del. php? Id = $ id, which receives the value from the parameter id in del. php.
In this case, I can directly enter http: // 121.121.121.121/del. php in the url? Id = 43. it is not safe to delete the record whose id is 43.
I see similar links from other websites. the parameter contains a large string of dozens of letters. I think this may be used for verification.
So how to write the verification part? Or what is the idea?
Thank you.
------ Solution --------------------
This deletion must have the permission to be deleted. it can be deleted by no one else...
------ Solution --------------------
Set an access permission for the del. php page, such as session or cookie judgment.
------ Solution --------------------
You can also click delete and use js to pass parameters as post, so that they will not be exposed in the url.
------ Solution --------------------
... You have to determine at least one session ["user"] when deleting the page to see if this request is logged on to the user?
In addition, for URL encryption, you can find a ready-made encryption program written by someone else in PEAR and change it a little bit to become your own encryption and decryption program.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.