SW Portal Development -- My Abuse Reports Feature Added & Use SESSION To Remove Security Flaws -- 23-Feb-2023
Hello everyone!
Hello my friends. how are you, I hope my friends will be happy and well. by the grace of God, I am also well. Abuse spammers reports are uploading on portal. Step by step all detectives will shift on sw portal. Very soon whole steem watcher community abuse reports activities will handle through sw portal. It is in trial phase. Some development changes and security flaws has been done in the last week. I will discuss these changes and security flaws in detail level.
On add detectives page, the security was not applied anyone can get this page by changing the url. Security is increased now. No anyone can access this page except administrators. Only one check is need to add to stop the accessing of general users. Now when the user change the url and try to access the add detective page after login then it will move automatically move on dashboard page.
We have set the Post link and Source link format. When the detectives enter any abuse report without providing any source link. Then “Null” word will display on dashboard. Before this changes empty Source Link is displayed on screen with anchor function. The purpose of this change is to avoid the confusion because when the admin verify the report he can not assure that detectives have provide any source link or not.
Before Updation
After Updation
My Abuse Reports Page is added in the side nav, where detectives can see just their own reports and they can perform the Edit and Delete report action on it. It will also help the detectives to get their links for publishing abuse reports in community because specific format on source link and post link has not been applied on it.
On admin panel, the total reports will displayed on screen. Admin have full access to change the reports, update the wrong source links and also delete the reports. Here is screenshot of admin panel.
These updation and security flaws are handled by using server side PHP language. I fixed the above security flaws by using $_SESSION function. Session variable will store the username and then restrict it when user try to access admin side pages.
Here is the few lines of server side code that helps to increase the security level using SESSIONS.
If anyone have any suggestion, then must share with us in the comment section. we will focus on it and try to apply it if it will suitable.
Thanks for giving your precious time to my post.
Follow | Upvote | Share | Comments
Special Thanks to
Cc: @rme
Cc: @hungry-griffin
Cc: @blacks
Cc: @steemcurator01
Follow me on Instagram.
Instagram
🆃🅷🅰️🅽🅺 🆈🅾️🆄