Re: Parameters in PHP — PHP Programming Language

You are here: Re: Parameters in PHP « PHP Programming Language « IT news, forums, messages

Posted by Michael Fesser on 10/23/07 20:52

..oO(Jeff Gaines)

>I think Good Man has probably hit it on the head, this is old code I am
>looking at which probably will have worked with earlier versions of php. I
>will continue using $_GET['id'] and $_POST['id'] as this seems to be how
>to do it now.

An addition: If a user-submitted value is used directly in a query
without any validation as it seems to be in this case, then it's very
easy for an attacker to empty the entire table. Read about SQL injection
and how to prevent it.

Micha

Navigation:

Next in forum: array inverting itself
Prev in forum: Re: Integration of differential equations in PHP
Thread view: Re: Parameters in PHP

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация