Jump to content


kohg

Member Since 03 Apr 2019
Offline Last Active Apr 17 2019 03:51 PM
-----

Topics I've Started

Detail view security for dataset

03 April 2019 - 02:59 PM

Have a database with different users and corresponding associated records.
1. user logs in and gets a Session-ID
2nd user gets his data from the query: "$crud->where('marketing_user_id',$this->session->userdata('id'));" displayed.

Problem is, if user clicks on the detail view he can change the URL by hand... e.g. from "read/21" he makes "read/22", "read/33" and so on.

How can I add security to the detail view? Probably with a CallBack? Unfortunately I can't do it.

Thanks a lot :-)