#Authorization

2 articles tagged with "authorization"

IDOR: How Changing ?user_id=1 to ?user_id=2 Exposes Everyone's Data 🔓

The simplest hack that still works in 2026: just change a number in the URL. Here's why your API is probably leaking user data right now and how to actually fix it.

Feb 12, 2026

laravelphpauthorization

8 min read

Laravel Policies & Gates: Authorization That Doesn't Suck 🔐

Stop putting authorization logic everywhere! Let's use Laravel Policies and Gates to keep your code clean and your users in their lane.

Feb 08, 2026