[thelist] PHP and storing Javascript code in MySQL

Pamela Riesmeyer pjries at comcast.net
Tue Aug 1 17:46:17 CDT 2006


Hi List,
I'm looking for resources to demonstrate why it's a bad idea to store 
JavaScript code in a MySQL database  - at least I'm assuming that 
this is a security risk. It's a pretty simple setup.. a form 
containing a select element is the only user input. That input is 
used to query the database and the data is displayed on the page 
using PHP. The suggestion was made to include JavaScript in the 
database entry to allow for a link with an onclick toggle tthat would 
show and hide portions of the page.

I'm on the "let's not do this, there must be a better way" side, but 
I could use some stronger arguments, other than "I think it's a bad 
idea" to back up my recommendation.

Any suggestions, greatly appreciated.

Many thanks,
Pamela Riesmeyer



Pamela Riesmeyer
Wings of Mercury Web Designs
http://www.wingsofmercury.com






More information about the thelist mailing list