Apologies if I make any cardinal errors in question asking, this is my first post.
Building a simple app in PHP where the user has permissions to a number of different sets of data which are held in a db with corresponding IDs. Currently I have the user switching the set of data they are viewing by choosing a set from a dropdown. My security knowledge being somewhat weak leads to my question: is it inherently bad to expose actual row IDs from a database to the outside world?
In this case it would appear in the form: http://www.***app.com/app.php?currentDataSetID=44
Thanks for input (and again apologies for any noobesqueness in the question). SO rocks.
This is usually perfectly fine. As you can see in the question URL, Stack Overflow does the same thing!
You need to concentrate on making sure that nobody without the right permissions can actually access ID `44` even if they enter the correct URL.
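A sketch of the permission check the answer describes, added here as an example and not part of the original post. The table names (`datasets`, `user_dataset_permissions`), the function `loadDataSetForUser` and the sample rows are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed schema and sample rows (assumptions, not from the post).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE datasets (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec('CREATE TABLE user_dataset_permissions (user_id INTEGER, dataset_id INTEGER)');
$pdo->exec("INSERT INTO datasets VALUES (44, 'Sales 2023'), (45, 'Payroll')");
$pdo->exec('INSERT INTO user_dataset_permissions VALUES (1, 44), (2, 45)');

/**
 * Hypothetical helper: returns the data set row only if $userId has been
 * granted access to it. Malformed IDs, unknown IDs and IDs the user may not
 * see all return null, so the response does not reveal which IDs exist.
 */
function loadDataSetForUser(PDO $pdo, int $userId, $rawId): ?array
{
    // Accept only a positive integer; "44abc", "-1" or an array is rejected.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // The permission check is part of the query, so a row can never be
    // fetched first and authorised (or forgotten) later.
    $stmt = $pdo->prepare(
        'SELECT d.id, d.name
           FROM datasets d
           JOIN user_dataset_permissions p ON p.dataset_id = d.id
          WHERE d.id = :id AND p.user_id = :uid'
    );
    $stmt->execute([':id' => $id, ':uid' => $userId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// In app.php the user ID would come from the server-side session, never from
// the request; the requested ID would be $_GET['currentDataSetID'].
$sessionUserId = 1;
foreach (['44', '45', '44abc', '9999'] as $requested) {
    $set = loadDataSetForUser($pdo, $sessionUserId, $requested);
    echo $requested, ' => ', $set === null ? '404 Not Found' : $set['name'], PHP_EOL;
}
```

The dropdown should be populated from the same permissions table, but the check above is what enforces access, since the URL parameter can be edited by hand.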