Hi,
In my website, Blog is a small portion. I have managed to make and insert the blog. In manage blog area I am giving a user this a authority to manage their written blogs. At this point I am getting a problem. When I am logged as 'A' (A represents as a login name) and write a blog and then signout, and login as 'B'. The blog recently written by 'A' is shown in 'Bs' Manage Profile portion. This means that there is no security what so ever. B can see and Delete A's blog.
I have an idea to play with two different tables and bring login as a foreign key in the blog table and then put it against the session variable in order to see if the blog was written by the same user.
I am new at PHP & MYSQL , I would appreciate any suggestions, any reading material and any help on this.
Regards,
Bilal A. Khan