[thelist] PHP tip

Rob Whitener rwhitener at DesignOptions.com
Tue Feb 4 12:14:06 CST 2003


Could you expand on that a little.  What kind of vulnerabilites? Security
risks or design flaws?

Thanks,

Rob

-----Original Message-----
From: Dan Horning [mailto:dan at dwc.to]
Sent: Tuesday, February 04, 2003 1:04 PM
To: thelist at lists.evolt.org
Subject: RE: [thelist] PHP tip


|||-----Original Message-----
|||Subject: [thelist] PHP tip
|||
|||
|||I wanted to post a tip, something I use for iserting records
|||into a database
|||with PHP.  Pretty basic stuff, but it may help the beginners.
|||
|||When inserting records into a database from PHP and an HTML
|||form, ensure the
|||names of the form fields correspond to the names of columns
|||in your table,
|||then you can use this code to quicly build an INSERT string:
|||
|||	$insert = "INSERT INTO ".$tablename."(";
|||	$insert .= implode(",",$columns).") VALUES
|||(\"".implode("\",\"",$values)."\")";
|||where $tablename is the name of your table, $columns is an
|||array of column

I'd be cautious of this tip b/c you open some vulnerabilities into your
database structure..
Just a thought

--
* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !



More information about the thelist mailing list