hiding database value in hyperlinks
Posted: Mon Nov 10, 2008 8:26 pm
im doing the deleting using hyperlinks like this
but i just realized that ppl can easily manipulate and update my database using deleteRow.php?id=VALUE
is it possible for me to hide the value or the deleteRow.php?id= so ppl cannot see the value or the link?
Code: Select all
echo '<a href="deleteRow.php?id=' . $record['contact_ID'] . '">Delete</a>';
Code: Select all
deleteRow.php
if(isset($_REQUEST['id']) && !empty($_REQUEST['id'])){
mysql_query("DELETE FROM contact WHERE contact_ID=" . mysql_real_escape_string($_REQUEST['id']));
header('Location: delContact.php?row_deleted=yes');
exit();
}
is it possible for me to hide the value or the deleteRow.php?id= so ppl cannot see the value or the link?