Well the checking in the database to make sure that the user is allowed to
delete that record is a good step to leave in. As for the rest, I'd probably
recommend passing an encrypted value of the record to delete along with the
record id itself, so you can verify that they haven't just changed the id,
and it won't matter if they can get access to the hidden encrypted value
because they won't be able to submit the proper encrypted version to pass
the validation.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Kory Bakken
Sent: Tuesday, August 12, 2003 9:54 AM
To: [EMAIL PROTECTED]
Subject: RE: [KCFusion] security question


Adaryl:
 
Yes, if a person has IEBoster (http:// www.paessler.com/IEB
<http://www.paessler.com/IEB> )  running on their machine, hidden form
fields are just a right-click away.  You'd be better off putting a "ACTIVE"
field in any table that you are going to allow users to delete from.  That
could inactivate the record, then you could manually review the deletes
before committing any of them.  That's my 2 cents.
 
Kory

-----Original Message-----
From: Adaryl Wakefield [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 12, 2003 10:48 AM
To: [EMAIL PROTECTED]
Subject: Re: [KCFusion] security question


Im sorry I was in a hurry and should have explained this better. For the
first time I am faced with allowing users to delete info from a database. I
am trying to come up with a save method for doing that. In other words I
don't want people to just type random numbers in a query string and start
erasing stuff. Most of the measures I have come up with so far are easily
defeated. I had considered putting the primary key of the tuple to be
deleted in a hidden form field but if you can alter the info sent in a post
request (and I think I read somewhere that you could) then that measure is
kinda lame too. the best I've got so far is that the user can only delete
those tuples that are related to their login.
A.

----- Original Message ----- 
From: Bruce Dunwiddie <mailto:[EMAIL PROTECTED]>  
To: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>  
Sent: Tuesday, August 12, 2003 11:33 AM
Subject: RE: [KCFusion] security question

I don't know of a way to say make IE send different request headers, but if
you're trying to test something, wouldn't cfpost work?

-----Original Message-----
From: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>  [
mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ]On
Behalf Of Adaryl Wakefield
Sent: Monday, August 11, 2003 1:44 PM
To: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
Subject: [KCFusion] security question


Is is possible to alter the information that is sent in the headers of a
POST request?
A.

<<attachment: winmail.dat>>

Reply via email to