Is it considered an unsafe practice to include user profiles on one page/document?

When the user logs in, he or she is directed to user.php. Their user id is passed through a get parameter (Example: user.php?user=1). When they log in, a session value is set ($_SESSION[‘session_user_id’]). If the user id matches the session, then information is pulled from the database according to that user.

Now, is this an unsafe practice? Should there be a page or each user (Example: user/janedoe.php)? Or is this ok?

Read the entire article at the source link…

We're happy to share this resource that we found. The content displayed on this page is property of it's original author and/or their organization.

Leave a Reply