In an old mvc 1 project I’m adding an option for the users to edit their details. I’m not using Forms Authentication (mainly because I shouldn’t change the previous code massively) so I’m trying to think of the best way to only allow the user currently logged to edit his details.
At the moment, given the URL is http://localhost:61681/users/edit?userId=29, another user just has to change the userId to edit someone else's details.
The only way I can think of is checking inside the method whether the userId matches the parameter, but I don't know if there are better ways to do it.
Let me apologize, because I understand the question shows my very basic knowledge.
Thanks
Why not let the user id you're checking userId against be the parameter? If the edit page isn't meant to let anyone edit anyone else's info, then there's no reason for a userId parameter at all — just let it edit the user that made the request.
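What the answer describes, as an added example in ASP.NET MVC 1 style (this is illustrative code, not code from the question or the answer). It assumes the existing login code stores the signed-in user's id in Session["UserId"] (a hypothetical key, since the project does not use Forms Authentication), and that IUserRepository, UserRepository and UserEditModel are stand-ins for whatever the project already has. The first action shows the insecure pattern from the question; the second takes the id from the session instead of the URL; the last shows the fallback ownership check for a case where the parameter must stay.

```csharp
using System.Web.Mvc;

// Assumed to exist already in the project (hypothetical names).
public interface IUserRepository
{
    UserEditModel GetById(int userId);
    void Update(UserEditModel user);
}

public class UserEditModel
{
    public int UserId { get; set; }
    public string DisplayName { get; set; }
    public string Email { get; set; }
}

public class UsersController : Controller
{
    private readonly IUserRepository _users;

    // MVC 1's default controller factory needs a parameterless constructor.
    public UsersController() : this(new UserRepository()) { }

    public UsersController(IUserRepository users)
    {
        _users = users;
    }

    // Who is logged in, according to the existing login code (hypothetical key).
    private int? CurrentUserId
    {
        get { return Session["UserId"] as int?; }
    }

    // Pattern from the question: the id comes straight from the query string,
    // so /users/edit?userId=29 lets any logged-in user edit user 29.
    public ActionResult EditInsecure(int userId)
    {
        return View(_users.GetById(userId));
    }

    // Hardened version: no id parameter at all. The record shown is always the
    // caller's own, so there is nothing in the URL to tamper with.
    public ActionResult Edit()
    {
        if (CurrentUserId == null)
            return new HttpUnauthorizedResult();

        return View(_users.GetById(CurrentUserId.Value));
    }

    // POST side: bind the editable fields, but never trust a posted id. The
    // server overwrites it with the session value before saving, so a tampered
    // hidden field or query string changes nothing.
    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult Edit(UserEditModel form)
    {
        if (CurrentUserId == null)
            return new HttpUnauthorizedResult();

        if (!ModelState.IsValid)
            return View(form);

        form.UserId = CurrentUserId.Value; // the server decides whose record this is
        _users.Update(form);
        return RedirectToAction("Edit");
    }

    // Fallback for the case the question raised: if the userId parameter has to
    // stay (for example because the same action is shared with an admin screen),
    // compare it to the session id on every request and refuse a mismatch.
    public ActionResult EditChecked(int userId)
    {
        if (CurrentUserId == null || CurrentUserId.Value != userId)
            return new HttpUnauthorizedResult();

        return View(_users.GetById(userId));
    }
}
```

The check in EditChecked must run on both the GET and the POST action; doing it only when rendering the form still leaves the save endpoint open to a crafted request.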