Hi All, I've had a look around but not sure if Im doing this all wrong. I am grabbing several id's from the database and using a href link to submit them and update them.
I don't want the individual ID's displayed so figured I create a session ID for each and pull the ID's out on the other side. I've used a loop to amend $loop to serviceID for each variable value and try to pull it out on the otherside.
So...out of confusion how does using a "$sessionLoop" number versus a User ID make it any more secure? When obviously, the ability to edit is listed on the page why would I care if Fred's ID is 5? What power do I gain by knowing Fred's ID? Once you answer those questions you can drop the complex mess and go back to something simple.
Logic without the fatal effects.
All code snippets are licensed under WTFPL.