mod_rewrite
If you run into any issues, please let me know and I will assist as best I can.
Hi Eric,
Sorry I can understand it.
Can you please give me a specific example for the following case (this hopefully will enable me to understand it).
Here is what I have:
On the User_profile page I have created a link so the user will be directed on a page that he/she will be able to upload a picture. (<a href="add_image.php?UserID=<?php echo $row_WAATKusers['UserID'];?>" target="_blank">)
The problem is that they will be able to see their ID e.g.
UpdateBanner.php?UserID=94
Which means that if you type 95 it will go to the UserID=95 and they will be able to change someone else’s picture.
if i could add the right command on the .htaccess page to remove this (?UserID=94), they will not be able to do this.
Can you please help me write the .htaccess page?
This is what I have tried but it gives me error 500
RewriteEngine on
RewriteCond %{QUERY_STRING} ^
RewriteRule ^(.*)$ $1 [L,R=301]
RewriteCond %{THE_REQUEST} ^\?UserID=(.*)$ HTTP [NC]
RewriteRule ^$UpdateBanner.php%{REQUEST_URI} [R=301,L]
HELP!!!