Code igniter authentication code in controller security question
Posted
by Prime Studios
on Stack Overflow
See other posts from Stack Overflow
or by Prime Studios
Published on 2010-06-17T01:15:47Z
Indexed on
2010/06/17
1:22 UTC
Read the original article
Hit count: 273
I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?
© Stack Overflow or respective owner