Re: Please help..
- From: "Rik" <luiheidsgoeroe@xxxxxxxxxxx>
- Date: Mon, 17 Jul 2006 03:08:01 +0200
Frank van Meurs wrote:
Rik wrote:
fjm67 wrote:[SNIP...]
if(isset($_POST['submit'])){[SNIP...]
foreach($_POST['text'] as $id => $text){
mysql_query("UPDATE tbl_name SET `text` = '{$text}' WHERE
`id` = $id");
}
}
I'm probably missing out on somthing here, but why would one want to
do this? Surely you don't want to update rows depending on user input,
especially when the possible input was based on the data you provided
yourself in the first place?
Euhm, firstly, how do you propose changing a value in a database that needs
to be changed by a user and a webinterface? I'd say by providing them with a
form with a possible input and update the field after a post....
Second, let's quote myself:
"Simpified code, without error checking and hence a major security risk
<snip>
If you have purchased some books I assums they will tell you what to do
about safety..."
I could keep posting fully operational forms with vigurous user- and
datavalidation, but that's normally not the answer to the question. And
allthough I'm posting a lot these days, I DO have something better to do
then providing fully operational code for free :-) (No really, I have a
live, please believe me..).
Grtz,
--
Rik Wasmus
.
- References:
- Please help..
- From: fjm67
- Re: Please help..
- From: Rik
- Re: Please help..
- From: Frank van Meurs
- Please help..
- Prev by Date: Re: Duplicate records added from post forms, easy solutions?
- Next by Date: Re: POP3 class
- Previous by thread: Re: Please help..
- Next by thread: POP3 class
- Index(es):
Relevant Pages
|
