Reply to Re: mySQL query type — PHP Language

Posted by Hilarion on 10/20/05 17:29

>> I'd like to give user possibility to add his custom queries to my page, but
>> I want him to be able to add only SELECT queries. I looked everywhere for a
>> function testing if query is only SELECT nothing else but couldn't find it
>> :-( Maybe you can give me sime directions?
>>
>> best regards
>> Mateusz [PEYN] Adamus
>
> Set up the form to collect column names (C), table names (T), the where
> clause (W) and, optionally, an order by or limit (O). Then create the
> 'SELECT (C) FROM (T) WHERE (W) (O)' and save that.

And what if the user types something like that as ORDER BY clause:

col1, col2; DELETE FROM some_important_table

Hilarion

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация