Welcome to WebmasterWorld Guest from 54.147.232.40

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Deleting database entries

     
10:53 pm on Aug 7, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 21, 2002
posts: 1542
votes: 0


I just heard that if you have a facility to delete fields from a database that this should not be done with a hyperlink, you should use a form to submit this.
The reasons being the search engines may crawl them.

Can anyone else share any light on this? What is the proper way to do this?
1:50 pm on Aug 8, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 7, 2003
posts:4783
votes: 0


If a crawler can it follow the link it means anybody else could too.

Don't you need authentication ?
9:55 pm on Aug 8, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 21, 2002
posts: 1542
votes: 0


oh ok, is that the other option? Use authentication? How do I do that?
3:41 pm on Aug 9, 2012 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 10, 2006
posts: 140
votes: 0


Only authorised users should be given the privelege to delete database data (either entries or entire tables) and as such, they should have appropriate authentication for doing this task, this is my opinion - other experienced members here may have other more compelling methods to achieve this.
8:12 pm on Aug 9, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 21, 2002
posts: 1542
votes: 0


Ok, but what method should you use for deleting pages, are hyperlinks ok or should it be form submission?
8:45 pm on Aug 9, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member topr8 is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 19, 2002
posts:3268
votes: 20


i don't think it makes any difference, i use both in my admin area.

the important thing is ensuring only the right people have access - generally speaking you should also log which login made significant changes like deletions.
9:01 pm on Aug 9, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 7, 2003
posts:4783
votes: 0


The principle is usually known as AAA:
Authentication, Authorization and Accounting

- Authentication comes first: you essentially identify and make sure the identification is correct (e.g. by using a login and password) or stronger methods as needed.
You can implement this in a web server (e.g. digest auth in apache) or using php and tracking it all via sessions and the like.

- Authorization: you list who can do what, and verify against that list. It's not cause you know the visitor is me that you want me to allow to do anything.

- Accounting: You track who did what, when. Bonus: Why?
5:54 am on Aug 10, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2004
posts:941
votes: 0


Another approach - do not delete anything. Just use a flag to show/hide content. OR move deleted content to backup tables/databse
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members