dcsimg
www.webdeveloper.com
Results 1 to 4 of 4

Thread: Validating Update Check

  1. #1
    Join Date
    Jul 2006
    Posts
    663

    Validating Update Check

    Apologies in advance here, as I am not sure how best to structure this question…

    In php, when you need to control the access of information for a particular section of a site to a user, such as, a member accessing their own profile edit page... you obviously need to perform a database query to check that the specific user logged in has the right to view and edit that specific profile page... (not sure what the terminology is for this)

    HOWEVER

    imagine the query has been processed and the member now has access to the profile edit page... and now the member wants to update their email address... so they enter their new email address and click update... now should ANOTHER query be performed AGAIN to check that the member has access to perform this update...

    I'm sorry if all of that makes very little sense to you... basically what i am asking is, obviously you need to perform a check at the start to make sure a user has the rights to a certain part of a site to perform an update query BUT should you carry out this check again just before you perform the actual update (is there a term on what i am "trying" to describe here)

    Thanks for your patience if you've managed to read this far

  2. #2
    Join Date
    Mar 2012
    Posts
    63
    A general logic:

    Once member logged in, using his primary key we can retrieve his info from db and the member can change his details,

    once he updated the details, we have to check , the email address is already present for others ( what ever important fields you like to make unique)

    then we can proceed for the update


    Thanks
    masterwin

  3. #3
    Join Date
    Jul 2006
    Posts
    663
    Thanks masterwin... so check all queries before the content makes it's way out of the database (as in, does the user have the right to access this info) and then check all queries on the way back into the database to check that the user has the right to perform the update, even if they had the right at the time of accessing the information, check again to make sure no statuses have changed

  4. #4
    Join Date
    Mar 2012
    Posts
    63
    i can;t get it, what you saying now ,except thanks

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles