[英]How to prevent a logged in user from deleting his or her username from php script in a CMS?
I am working on creating a CMS, and I would like to know the best approach to prevent logged in user to delete his or her username when deleting users from a php script. 我正在创建CMS,我想知道防止从php脚本删除用户时登录用户删除其用户名的最佳方法。
The way I handled this before was to compare the userID in the session and the user to delete, if they don't match then delete the user. 我之前的处理方式是比较会话中的userID和要删除的用户,如果它们不匹配,则删除该用户。 Is this approach is okay?
这种方法可以吗? is there a better way to do that?
有更好的方法吗?
I am not looking for code... just some tips. 我不是在寻找代码...只是一些技巧。
从交互设计的角度来看,当您显示当前用户时,完全禁用/隐藏“删除”按钮可能是有意义的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.