Thank you for all your help.
I tried to understand what some of you have suggested, and tried changinging a few things as suggested but still don't have it working the way it should.
Please let me explain my situation a little bit more in detail.
When someone logs into their account everything is working correctly and as it should. They can see, edit and delete whatever information they like of theirs. The issue is when a user has the option of changing one of multiple similar items in a database.
Lets say that the user has 5 different widgets that has various information about it and he would like to edit the description for one of them.
He navigate to a page that lists all of his five widgets that he has on file. He proceeds to choose the widget that he would like to edit (lets say the id number is 3).
When he clicks on a link besides the widget that he wants to edit, the address bar would show http://www.mywebsite.com/edit_record.php?id=3
Everything is as it should be. He makes his corrections and submits the form. The database is updated correctly as it should.
But here is the problem. If this person has intension of malice, when the address bar shows http://www.mywebsite.com/edit_record.php?id=3 and he changes the "3" to "67" and presses enter button, he in effect now has complete control of item #"67" which does not belong to him but another user. And he can successfully change whatever information he wants on item "67".
Please excuse my ignorance if this seems simple to you to resolve but not for me.
I am just trying to understand and learn why this is happening and how to prevent it.