Hi, I've a page where the user enters his password and redirects him to another page (querystring) where he can modify his profil. the problem is that everyone can enter this page by changing the url (ex: modification.aspx?userID=something), I added a condition
that the userID is in the DB, but I don't know how to prevent users from modifying other profils
Any ideas please
↧
prevent users from entering page
↧