Protect other records in IWP

[Razzman]

I published a database which requires users to create a single, new record from their browsers. I have "Hide/Lock" the Status WIndow and provided buttons with scripts to take them to the next layout.

Something funny happens when a user creates a new record and it only happens in Safari. After they create the new record (whether they have entered any data), you can use your Browser Back button which takes you back to Record #1. This means that someone else can modify another's record. Well, only record #1.

What causes this and why is Record #1 safe browsing in IE?

[johanvos]

What version of OS X and Safari ?

It really helps to run Software Update.

[Reed]

You don't want to design your web solution to depend on browser behavior for security. What you really want to do is use accounts and privileges to control access to records.

You might also consider using globals to allow users to fill in information, and then use a script to create the records from the global values. This way the users can't actually see the layout tied to the records, and they can't browse the records unless you specifically let them.