MySQL / PHP dating site

Out of context: Reply #25

  • 40 Responses
  • vaxorcist0

    for security, I highly suggest adding a hash reference field to the user table so that you are not doing the following:

    edit_user.php?id=321

    where a user may try to hack and change "321" to anything else, and attempt to edit another user's info. This can be prevented a number of ways, but seeing a URL like that in any referral logfile is an invitation to somebody to mess with your app....

    whereas a hash like:

    edit_hash?hash=sdf83767d9d376216...

    is much cleaner... I use sha1 for a 40 character char field in the database and add a simple function id=lookup_id_from_hash($hash)

    • oops, I meant code like:
      edit_user.php?hash=s...
      vaxorcist
    • thanks, I'm going to deal with security issues last (like AES_ENCRYPT for the password).
      juhls
    • Just so I can get the basic coding out of the way.
      juhls
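
The hash-field lookup described in the reply above, as an added example that is not part of the thread: it implements `lookup_id_from_hash()` with a prepared statement and pairs it with a server-side ownership check, since an opaque value in the URL hides the id but does not decide who may edit a record. Assumptions: an in-memory SQLite database stands in for the MySQL table, the table, column and helper names other than `lookup_id_from_hash` are hypothetical, and the 40-character value is a SHA-1 over random bytes (the reply does not say what is hashed).

```php
<?php
// Added example. SQLite in memory stands in for the MySQL users table;
// table and column names are assumptions, not taken from the thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, hash CHAR(40) UNIQUE NOT NULL)');

// SHA-1 over random bytes fits the 40-char field and cannot be derived
// from the numeric id (assumption: the reply does not say what is hashed).
function new_user_hash(): string {
    return sha1(random_bytes(32));
}

// Hypothetical helper: create a user and return the hash used in URLs.
function add_user(PDO $db, string $name): string {
    $hash = new_user_hash();
    $db->prepare('INSERT INTO users (name, hash) VALUES (?, ?)')->execute([$name, $hash]);
    return $hash;
}

// Returns the numeric id for a hash, or null if it is malformed or unknown.
function lookup_id_from_hash(PDO $db, string $hash): ?int {
    if (!preg_match('/\A[0-9a-f]{40}\z/', $hash)) {
        return null; // reject anything that is not 40 hex chars before querying
    }
    $stmt = $db->prepare('SELECT id FROM users WHERE hash = ?');
    $stmt->execute([$hash]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// The hash only hides the id; the server still checks that the record
// belongs to the logged-in user before allowing an edit.
function may_edit(PDO $db, int $sessionUserId, string $hash): bool {
    $target = lookup_id_from_hash($db, $hash);
    return $target !== null && $target === $sessionUserId;
}

// Constructed sample data: two users, the first one is "logged in".
$aliceHash = add_user($db, 'alice');
$bobHash   = add_user($db, 'bob');
$aliceId   = lookup_id_from_hash($db, $aliceHash);

var_dump(may_edit($db, $aliceId, $aliceHash)); // own record
var_dump(may_edit($db, $aliceId, $bobHash));   // another user's valid hash
var_dump(may_edit($db, $aliceId, '321'));      // malformed value
```

In a real page `$sessionUserId` would come from the authenticated session, never from the request.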
