I have just started to develop a PHP/mySQL site and was wondering if there are any Open Source Security Frameworks they can recommended.
Not only do I want to deal with data hacking issues, but also want to know what the best practices to insure that users are not bookmarking or manipulating strings that can be passed through the URL. For example, I have list of users where they can EDIT their info via a GET navigation link. I would prefer them not having the ability it bookmark the link or even better be able to access the user record via their HISTORY.
In a nutshell, I am seeking a way to make user use the system as developed. For example, I want make a user does not have the ability to reach an update form unless they accessed it from the proper page.
Any feedback on this would be greatly appreciated. Thanks.