Well the checking in the database to make sure that the user is allowed to delete that record is a good step to leave in. As for the rest, I'd probably recommend passing an encrypted value of the record to delete along with the record id itself, so you can verify that they haven't just changed the id, and it won't matter if they can get access to the hidden encrypted value because they won't be able to submit the proper encrypted version to pass the validation.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kory Bakken Sent: Tuesday, August 12, 2003 9:54 AM To: [EMAIL PROTECTED] Subject: RE: [KCFusion] security question Adaryl: Yes, if a person has IEBoster (http:// www.paessler.com/IEB <http://www.paessler.com/IEB> ) running on their machine, hidden form fields are just a right-click away. You'd be better off putting a "ACTIVE" field in any table that you are going to allow users to delete from. That could inactivate the record, then you could manually review the deletes before committing any of them. That's my 2 cents. Kory -----Original Message----- From: Adaryl Wakefield [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 12, 2003 10:48 AM To: [EMAIL PROTECTED] Subject: Re: [KCFusion] security question Im sorry I was in a hurry and should have explained this better. For the first time I am faced with allowing users to delete info from a database. I am trying to come up with a save method for doing that. In other words I don't want people to just type random numbers in a query string and start erasing stuff. Most of the measures I have come up with so far are easily defeated. I had considered putting the primary key of the tuple to be deleted in a hidden form field but if you can alter the info sent in a post request (and I think I read somewhere that you could) then that measure is kinda lame too. the best I've got so far is that the user can only delete those tuples that are related to their login. A. ----- Original Message ----- From: Bruce Dunwiddie <mailto:[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Sent: Tuesday, August 12, 2003 11:33 AM Subject: RE: [KCFusion] security question I don't know of a way to say make IE send different request headers, but if you're trying to test something, wouldn't cfpost work? -----Original Message----- From: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> [ mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ]On Behalf Of Adaryl Wakefield Sent: Monday, August 11, 2003 1:44 PM To: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Subject: [KCFusion] security question Is is possible to alter the information that is sent in the headers of a POST request? A.
<<attachment: winmail.dat>>
