Re: [PHP] syntax question

On Mon, March 26, 2007 9:59 am, Ross wrote:
Can I put post values directly into insert statements?

$query = "INSERT INTO categories (category_name) VALUES
('$_POST['cat_name'])";

Sure!

If you want your webserver to get hacked by the Bad Guys, just go
right ahead and do that.

[that was tounge-in-cheek]

Start reading here:
http://phpsec.org

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
.

Relevant Pages

  • Re: [PHP] a function for retuned vatiable
    ... On Mon, October 2, 2006 7:08 am, Ross wrote: ... $result = mysql_query($query) or die ... Yeah, I get a buck. ...
    (php.general)
  • Re: [PHP] should I be looking to eliminate all notices?
    ... On Sat, April 21, 2007 4:01 am, Ross wrote: ... When coding should I be trying to code so there are no notices or is ... Yeah, I get a buck. ...
    (php.general)
  • Re: [PHP] Re: directories - again
    ... On Thu, June 7, 2007 7:23 am, Ross wrote: ... Some people have a "gift" link here. ... Yeah, I get a buck. ...
    (php.general)
  • Re: Fire apes
    ... > It's a troll, Ross. ... Yeah, yeah, I know. ... Algie, Marcus & the Jimster, what else is left? ...
    (sci.anthropology.paleo)
  • Re: [OE Quotefix] Not with newer OE
    ... Peter J Ross wrote: ... Yeah, to something that only reflects half of its capability. ... Filtering rules specific to various real news clients ...
    (news.software.readers)