Re: pg_insert tyro question

Micah,

As a tyro, I'm curious AND cautious: belt AND suspenders is best.

When you say:

assign the values needed into another array before submitting to the database

I presume you mean something like this, yes?

/*Create arrays for each of the tables*/
$coretable = array_slice($_POST, 0, 33);
$creatable = array_slice($_POST, 33, 5);
$subjectable = array_slice($_POST, 38, 2);
$stypertable = array_slice($_POST, 40, 2);
$cultable = array_slice($_POST, 42, 2);
$matertable = array_slice($_POST, 44, 6);

But while my own sanity is _certainly_ in question (I rue the day I agreed to do this project, however educational it has been), you seem to be using "sanity check" in a technical sense. What exactly would that be, when it's at home, and what would it look like?

Thanks all for the good advice!

Jon


On Aug 22, 2005, at 4:22 PM, mike burnard wrote:

I certainly agree with that Micah. array_pop only removes that last item. If you are in an open environment you definitely want to include security checks and form validation.

-mike
On Aug 22, 2005, at 4:07 PM, Micah Stevens wrote:



This is tenuous and insecure; you have no control over the $_POST array, only the submitting page does. I'd do a sanity check, and assign the values needed into another array before submitting to the database.

This is also primed for a SQL injection attack.

Bad idea.. IMHO..

-Micah

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
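
Added example, not part of the original thread: one form a "sanity check" can take, copying only expected fields by name (rather than by position with array_slice) and validating each before anything reaches the database. The column names, the rules, the sanity_check() helper and the sample input are all hypothetical.

```php
<?php
// Hypothetical whitelist for one table: column name => validator.
// Column names are illustrative; the thread does not list the real ones.
$coreRules = [
    'title'   => fn($v) => is_string($v) && $v !== '' && strlen($v) <= 200,
    'year'    => fn($v) => is_string($v) && preg_match('/^\d{4}\z/', $v) === 1,
    'contact' => fn($v) => is_string($v) && filter_var($v, FILTER_VALIDATE_EMAIL) !== false,
];

// Copy only the expected fields, by name, into a new array; return [clean, errors].
function sanity_check(array $input, array $rules): array
{
    $clean = [];
    $errors = [];
    foreach ($rules as $field => $isValid) {
        if (!array_key_exists($field, $input)) {
            $errors[] = "missing field: $field";
            continue;
        }
        // $_POST values can be arrays (name[]=...), so only trim real strings.
        $value = is_string($input[$field]) ? trim($input[$field]) : $input[$field];
        if (!$isValid($value)) {
            $errors[] = "invalid value for: $field";
            continue;
        }
        $clean[$field] = $value;
    }
    return [$clean, $errors];
}

// Constructed sample standing in for $_POST: fields reordered, one extra
// field the form never had, and one value that is not a four-digit year.
$post = [
    'is_admin' => '1',
    'year'     => '2005 OR 1=1',
    'title'    => 'Untitled landscape',
    'contact'  => 'jon@example.org',
];

[$clean, $errors] = sanity_check($post, $coreRules);
print_r($clean);
print_r($errors);

// With a live connection $db (assumed), insert only when $errors is empty and
// pass values as parameters so they are never spliced into the SQL text:
// pg_query_params($db,
//     'INSERT INTO core (title, year, contact) VALUES ($1, $2, $3)',
//     [$clean['title'], $clean['year'], $clean['contact']]);
```

Because the copy is keyed on names from the whitelist, an added, missing or reordered form field cannot shift values into the wrong table the way positional slicing can.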

