dongwu9063 2015-01-31 04:49

Changing URL data on page load

Hello, I have a small website where data is passed between pages over the URL. My question is: can someone break into it and make it always pass the same data?

For example, let's say that when you click button one, the page below is loaded.

example.com?clicked=5

Then on that page I take the value 5 and get some more data from the user through a form. Then I pass all the data to a third page. On this page the data is entered into a database. While observing the collected data, I saw some unusual combinations of records. How can I verify this?


  • dongxi1879 2015-01-31 05:14

    Yes. As JavaScript is open on the website, everyone can hack it. You will need to write some code on your backend to validate it.

    Always think that your user/customer will try to hack your system. So take precautions, like: check if the user is the user of the session, if he is logged in, if he can do what he is trying to do. Check if the record that he is trying to get exists.

    If you are using a standalone site, where you made the entire code from the ashes, you will need to implement these things by yourself, like using the standard PHP session, doing the data validation, etc. Or you can find some classes that other people have made; you can find a lot of this on Google, as it is a common problem of web programming.

    If you are using a backend framework that isn't from another world, it probably already has one. So, go check its documentation.

    This answer was chosen by the asker as the best answer.
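
One way to implement the backend checks the answer describes, as an added example that is not code from the original post: PHP functions that validate the `clicked` value from the URL, keep it in the server-side session, and reject a page-three submission that does not match it. The button list, the `user_id` session key and the `name` form field are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: the buttons the site really offers (constructed sample values).
const VALID_BUTTONS = [1, 2, 3, 4, 5];

// Page 2: validate ?clicked= and remember it server-side.
// In a real page, call session_start() and pass $_GET and $_SESSION.
function accept_clicked(array $query, array &$session): ?int
{
    $clicked = filter_var($query['clicked'] ?? null, FILTER_VALIDATE_INT);
    if ($clicked === false || !in_array($clicked, VALID_BUTTONS, true)) {
        return null; // missing, not an integer, or not a real button
    }
    $session['clicked'] = $clicked;
    return $clicked;
}

// Page 3: return the reasons to reject a submission (empty array = safe to insert).
function check_submission(array $post, array $session): array
{
    $errors = [];
    if (empty($session['user_id'])) {            // hypothetical login marker
        $errors[] = 'not logged in';
    }
    $clicked = filter_var($post['clicked'] ?? null, FILTER_VALIDATE_INT);
    if ($clicked === false || ($session['clicked'] ?? null) !== $clicked) {
        $errors[] = 'clicked differs from the value accepted on page 2';
    }
    $name = $post['name'] ?? null;               // hypothetical form field
    if (!is_string($name) || trim($name) === '' || strlen($name) > 100) {
        $errors[] = 'name missing or too long';
    }
    return $errors;
}

// Constructed requests; run with: php example.php
$session = ['user_id' => 42];
accept_clicked(['clicked' => '5'], $session);
$requests = [
    'honest'   => ['clicked' => '5',  'name' => 'Alice'],
    'tampered' => ['clicked' => '99', 'name' => 'Alice'],
    'no name'  => ['clicked' => '5'],
];
foreach ($requests as $label => $post) {
    $errors = check_submission($post, $session);
    echo $label, ': ', $errors ? 'REJECT (' . implode('; ', $errors) . ')' : 'ok', PHP_EOL;
}
```

Logging each rejection together with the session and the submitted values gives a record to compare against the unusual rows already in the database.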