Posted by Mark on 02/25/06 01:23

Peter Fox wrote:
> You /have/ taken precautions to avoid SQL injection?

Not yet, but thanks. I forgot what the term for that kind of attack
was, I'll do some research on it.

Erwin Moller wrote:
> One simple way to 'fix' this (because nothing is wrong) is:
> page1.php contains form
> set the action to page1_process.php
>
> page1_process.php
> receives the form, does its stuff like databaseinserts.
> Do not create ANY output.

ah... excellent. this gets rid of that annoying "resend information"
message on refresh too.

noone wrote:
> alter table comments add constraint pk_comments (name,email,comment,id);

so this will make it so that ALL those values together can't be
identical with any other comment?

i was wondering how I might do this. I figured out how do put "unique"
on a single column, but that doesn't help me much.



thanks a lot for your help guys! this is great.

[Back to original message]