This content has been marked as final. Show 2 replies
Please explain what you are going to check the kt_login_id against?
Are you going to query the database and check it against some value, or are you just checking to see if it's set?
I have used the kt_login_id for user form to update their details but in this case I can not use it because PK is referenced to the eventID.
in the results page of the user it will only show the events they have created using $_SESSION['kt_login_id'] in the recordset.
the member then selects the event they wish to update via a text link that takes them to a form.
The form needs to ref the eventid and also check that the user who is updating the event is the user who created it.
I have tried to pass a session veri for the eventid but can't get it to work. just keeps saying undefind when it is correct.
at this stage the form is not secure and you can change the eventid in the URL. (This is not live and only on my testing server) but need to sort it out asap.
so my thought was if i passed it via the link with a sesson veri, that the page that displays the users events to update is already secure then once clicking the link to the form. The form will then be secure by the passing of the eventid from the session.??
I am still learning and hope you or someone can help.
if that does not make any sense pls let me know.