Re: Check Boxes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ford, Mike [LSS] wrote:

$chkboxes = $_POST['ch'];
$sql = 'SELECT ';
foreach($chkboxes as $k => $v)
{
	$sql .= $v;
	if($k < (sizeof($chkboxes) - 1))
	{
		$sql .= ', ';
	}
}
$sql .= ' FROM form';


$sql = 'SELECT ' . implode(', ', $chkboxes) . 'FROM form';

Just note that with either solution, someone can post a value of "* FROM table WHERE 1#" and see everything in any table in your database.


--

---John Holmes...

Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux