DNN URL is showing the user ID when editing the user profile, is there any way to hide it to prevent SQL injection?
Which version of DNN? There was an issue long time ago, when you could change the querystring parameter for the userid and display the data from another user Including email address). This was fixed quite fast, and I think it was DNN 6 or an early 7 version. But this has nothing to do with SQL injection. So if you have this problem (and anyway!): Upgrade to the latest version. Happy DNNing! Michael
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.