What's the safest way to remove data from mysql? (PHP/Mysql)

Posted by ggfan on Stack Overflow See other posts from Stack Overflow or by ggfan
Published on 2010-05-09T00:09:13Z Indexed on 2010/05/09 0:18 UTC
Read the original article Hit count: 120

Filed under:
|

I want to allow users as well as me(the admin) to delete data in mysql. I used to have remove.php that would get $_GETs from whatever that needed to be deleted such as... remove.php?action=post&posting_id=2. But I learned that anyone can simply abuse it and delete all my data.

So what's the safest way for users and me to delete information without getting all crazy and hard? I am only a beginner :) I'm not sure if I can use POSTs because there is no forms and the data isn't changing. Is sessions good? Or would there be too many with postings, user information, comments, etc.

Ex: James wants to delete one of his postings(it is posting_id=5). So he clicks the remove link and that takes him to remove.php?action=post&posting_id=5.

© Stack Overflow or respective owner

Related posts about php

Related posts about mysql