I have a big security problem with my program, and I need to make parts of my URLs hidden. I have searched on the net for a solution, with no luck. In my program I have admin and user accounts – the program is simply a database for workers' dosies. Admins can see all dosies but the other users can only see dosies that are in their work group. So my problem is, when a user comes to see the dosie, the URL to access the information looks like this: "viewdosje.php?album=108". The problem being that the user can simply change the album id and he can see other dosies, which is not good. For example:
"viewdosje.php?album=109"
By changing the number in the URL he can see other dosies. It would be great to hide that part of the URL, or am I wrong? Please help me with an idea of some kind. I don't know where to start.
You should not hide the URL, but validate the access to the resource in the application instead. When you receive the ID, before displaying content, perform a DB query to see if the current logged-in user has access to that resource or not.
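One way to implement the check the answer describes, as an added example that is not code from the original post. It assumes a `users` table with `id`, `role` and `work_group_id` columns, a `dosies` table with `id` and `work_group_id`, that the login code stores the current user's id in `$_SESSION['user_id']`, and placeholder database credentials; all of these are assumptions, not details from the question.

```php
<?php
// Added example (not from the original post): authorization check at the top of viewdosje.php.
// Assumed schema: users(id, role, work_group_id), dosies(id, work_group_id).
// Assumed: the login code stores the logged-in user's id in $_SESSION['user_id'].
session_start();

if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    exit('Please log in.');
}

// Treat the album parameter as untrusted input: require a positive integer.
$albumId = filter_input(INPUT_GET, 'album', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($albumId === false || $albumId === null) {
    http_response_code(400);
    exit('Invalid album id.');
}

// Placeholder connection details; replace with the application's own.
$pdo = new PDO('mysql:host=localhost;dbname=workers', 'dbuser', 'dbpass', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

/**
 * Returns true when the given user may view the given dosie.
 * Admins may view every dosie; other users only dosies in their own work group.
 * The decision is made server-side from the database, never from anything in the URL.
 */
function userCanViewDosie(PDO $pdo, int $userId, int $albumId): bool
{
    $stmt = $pdo->prepare(
        'SELECT 1
           FROM dosies d
           JOIN users u ON u.id = :user_id
          WHERE d.id = :album_id
            AND (u.role = \'admin\' OR u.work_group_id = d.work_group_id)
          LIMIT 1'
    );
    $stmt->execute([':user_id' => $userId, ':album_id' => $albumId]);
    return $stmt->fetchColumn() !== false;
}

if (!userCanViewDosie($pdo, (int) $_SESSION['user_id'], $albumId)) {
    // Same response whether the dosie does not exist or belongs to another group,
    // so the id in the URL reveals nothing about other records. Log it for review.
    error_log(sprintf('Denied dosie %d to user %d', $albumId, (int) $_SESSION['user_id']));
    http_response_code(404);
    exit('Not found.');
}

// Only reached when the check above passed: load and render the dosie as before.
$stmt = $pdo->prepare('SELECT * FROM dosies WHERE id = :album_id');
$stmt->execute([':album_id' => $albumId]);
$dosie = $stmt->fetch(PDO::FETCH_ASSOC);
// ... render $dosie ...
```

The point of the design is that every page which takes a record id performs the same lookup before touching the record; hiding or obfuscating the id would not help, because the server would still honour any id a user sends. Prepared statements are used so the id is bound as a value rather than pasted into the SQL, and a denied request gets the same reply as a nonexistent record.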