Hello, I would like to know if it is possible to do the following:
$id_user = $_POST['id_user'];
$nivel_auth = $_POST['nivel'];
$hash_nivel = hash($nivel_auth);
$con = "INSERT INTO usuario (nivel) VALUES ($hash_nivel) WHERE id_user=$id_user;
Is it good to use hash
in $var
?
Would any "verification" error happen when I consult the base de datos
to retrieve the id_nivel
stored?
As for security , does it improve or is it still the same as one $var
stored as such?
Correct this line you are missing "[":
Change it for:
Yes, because it provides an extra layer of security to your application.
There would be no reason for it to give you an error in the verification because when you make the comparison it will always be against the same value. That is, hash of the db value against the hash of the value entered by the user, for example.
It greatly improves security, adds one more level because if by some chance a third party managed to capture the value in the path, it would not know what it has exactly because it does not "know" the original value entered, so the data for the third party would be "useless". .