When they login, set session.UserID Whenever a record is accessed do a check to make sure that record.UserID = session.UserID, and if not then give them some "unauthorized" message or whatever.
>>> David Douglas <[EMAIL PROTECTED]> 01/18/02 01:25PM >>> Hello, I setup a view query where it only displays records on the user's ID. I notice that if I change the ID name in the URL it will show the other records for that ID, I am sure there is a simple way to prevent this. Any help is greatly appreciated. Thanks Dave ______________________________________________________________________ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation � $99/Month � Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
