If you use a URL like this:
page.sn?uid=46
than it's very easy for an hacker to test for other UID.
A solution to this is to generate a uuid or a random code with uuid() or genpsw()
The generation of the uuid could be done in a trigger on the table when there is an INSERT.
Replied on: 2022-01-14 06:25:00