There’s something a little weird that happens at just about this point in your application design and creation. You have four, five, or maybe more core features in place. You have a few tables set up. You have a lot of the guts of your application built, and even though things are simple, you have a sense of where you’re taking things.
And at this point, you add some new feature, like the ability to delete users. It seems like just another feature; just another user requirement to tick off the list. But wait a second…deleting users? Do you want to offer all your users that power? Of course not. That’s an administrative feature.
But what’s an administrator? Obviously, in the non-digital world, it’s just a person or group of people who are managing accounts, probably someone who has a few extra passwords stickied to their monitor. But in your application, there’s no such thing as an administrator. Right now, anyone can hop over to delete_user.php and nuke poor Bill Shatner, or James Roday, or whatever other celebrities have signed up through create_user.html and its friends.
But it’s worse than that! Because that little red “x” appears when you go to show_users.php, someone can just be viewing users, and boom, there you have it: a little red “x” that can delete data forever. And with nothing more than a confirmation ...
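To make the problem concrete, here is an added illustration (not code from the book) of the unguarded delete_user.php the passage describes, next to a version that checks for an administrator before touching the database. The `$pdo` connection, the `users` table with a `user_id` column, and a `$_SESSION['is_admin']` flag set at login are all assumptions made for this example.

```php
<?php
// Added example, not the book's code. Assumptions: a PDO connection in
// $pdo, a users table with an integer user_id column, and a session flag
// $_SESSION['is_admin'] that the login script sets for administrators.
session_start();

// The situation the chapter describes: anyone who reaches this script,
// whether from the red "x" on show_users.php or by typing the URL,
// deletes the user. There is no notion of "administrator" anywhere.
function delete_user_unprotected(PDO $pdo, int $user_id): bool
{
    $stmt = $pdo->prepare('DELETE FROM users WHERE user_id = ?');
    return $stmt->execute([$user_id]) && $stmt->rowCount() === 1;
}

// Hardened form: the server re-checks the caller's role on every request.
// Hiding the "x" in show_users.php is not enough on its own, because the
// script is still reachable directly; the check has to live here.
function current_user_is_admin(): bool
{
    return isset($_SESSION['is_admin']) && $_SESSION['is_admin'] === true;
}

function delete_user_protected(PDO $pdo, int $user_id): bool
{
    if (!current_user_is_admin()) {
        http_response_code(403);
        // Log the refusal so repeated attempts show up in the server log.
        error_log("denied delete of user {$user_id}: session is not admin");
        return false;
    }
    $stmt = $pdo->prepare('DELETE FROM users WHERE user_id = ?');
    return $stmt->execute([$user_id]) && $stmt->rowCount() === 1;
}

// Only act on a POST from the confirmation form, never on a bare GET link,
// so merely loading a page cannot delete data.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['user_id'])) {
    // Placeholder DSN and credentials; replace with the application's own.
    $pdo = new PDO('mysql:host=localhost;dbname=example', 'dbuser', 'dbpass');
    $ok  = delete_user_protected($pdo, (int) $_POST['user_id']);
    header('Location: show_users.php' . ($ok ? '' : '?error=denied'));
    exit;
}
```

Whether a given session counts as an administrator is a design decision the rest of the chapter has to make; the point here is only that the decision must be enforced in the script that performs the deletion, not in the page that links to it.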