Re: [newbie] Keeping it all in one page?

Posted by Gilles Ganault on 01/30/08 03:28

On Tue, 29 Jan 2008 20:53:29 -0500, Jerry Stuckle
<jstucklex@attglobal.net> wrote:
>And adding a checkbox isn't hard at all. But don't just use
> the primary key id in the checkbox unless you have some other way
> to protect your page from hackers.

The definitive wrong way to do things:
============
<?php

// $status, $item and $table are never set in this script: it relies on
// request variables arriving as globals (register_globals).
switch ($status) {
    case "delete":
        foreach ($item as $bit) {
            // The submitted checkbox value goes into the SQL unvalidated.
            $query = "DELETE FROM " . $table . " WHERE id=" . $bit;
            $result = mysql_query($query) or die("Query failed: " . mysql_error());
        }
        break;

    default:
        echo "<form method=post>";
        echo "<input type=checkbox name=item[] value=1>";
        echo "<input type=checkbox name=item[] value=2>";
        echo "<input type=hidden name=status value=delete>";
        echo "<input type=submit value=Delete>";
        echo "</form>";
}
?>
============

BTW, is there some book like "The 50 pitfalls of writing web apps in
PHP" that would take real-life newbie errors like the above, explain
why they're wrong, and the safe way to rewrite them?

Thanks.
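
A hardened form of the delete handler above, as an added example that is not part of the original post: IDs are validated as integers, the query is a prepared statement with a fixed table name, and each delete is limited to rows owned by the current user. The `items` table, the `owner_id` column, the function names and the in-memory SQLite database (used in place of MySQL so the script runs offline) are assumptions.

```php
<?php
// Added example. Table "items", column "owner_id" and both function names
// are hypothetical; they do not come from the original post.

/** Keep only the posted values that are positive integers, de-duplicated. */
function clean_ids(array $raw): array
{
    $ids = [];
    foreach ($raw as $value) {
        $id = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id !== false) {
            $ids[$id] = $id;
        }
    }
    return array_values($ids);
}

/** Delete the requested rows that belong to $ownerId; return how many went. */
function delete_items(PDO $db, int $ownerId, array $rawIds): int
{
    // Fixed table name and bound parameters: no request data reaches the SQL text.
    $stmt = $db->prepare('DELETE FROM items WHERE id = ? AND owner_id = ?');
    $deleted = 0;
    foreach (clean_ids($rawIds) as $id) {
        $stmt->execute([$id, $ownerId]);
        $deleted += $stmt->rowCount();
    }
    return $deleted;
}

// Constructed demo data: two rows owned by user 10, one owned by user 20.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, owner_id INTEGER, name TEXT)');
$db->exec("INSERT INTO items VALUES (1, 10, 'a'), (2, 10, 'b'), (3, 20, 'c')");

// Constructed stand-in for $_POST['item']: a valid ID, another user's ID,
// an injection string and a negative number.
$posted = ['1', '3', '2 OR 1=1', '-5'];

// In a real page the owner ID comes from the server-side session, never the form.
echo delete_items($db, 10, $posted), " row(s) deleted\n";
echo $db->query('SELECT COUNT(*) FROM items')->fetchColumn(), " row(s) left\n";
```

The `owner_id` condition is what addresses the quoted warning about putting the primary key in the checkbox: a changed ID in the form can then only affect rows the logged-in user already owns.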

 
