⚠ In case you've missed it, we have migrated to our new website, with a brand new forum. For more details about the migration you can read our blog post for website migration. This is an archived forum. ⚠

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Detail view security for dataset

Started by kohg, 03 April 2019 - 14:59 PM

Single Page

kohg

Member

Posted 03 April 2019 - 14:59 PM

Have a database with different users and corresponding associated records.
1. user logs in and gets a Session-ID
2nd user gets his data from the query: "$crud->where('marketing_user_id',$this->session->userdata('id'));" displayed.

Problem is, if user clicks on the detail view he can change the URL by hand... e.g. from "read/21" he makes "read/22", "read/33" and so on.

How can I add security to the detail view? Probably with a CallBack? Unfortunately I can't do it.

Thanks a lot :-)