| Re: Help required with UPDATE columns [message #179555 is a reply to message #179553] |
Wed, 07 November 2012 12:07  |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 11/7/2012 6:05 AM, Dynamo wrote:
> On Tue, 06 Nov 2012 08:15:32 -0500, Jerry Stuckle
> <jstucklex(at)attglobal(dot)net> wrote:
>
>
>>
>> Echo your query to the browser and you'll see what your problem is.
>>
>> And BTW - just taking a POST value without any validation is an
>> invitation to problems. Also, you should always use
>> mysql_real_escape_string() to escape strings before they are used in SQL
>> statements.
>>
>> And finally - never use die() in production code! It's OK for
>> debugging, but terminates processing of the page right there - causing
>> invalid HTML to be sent to the browser and sends a non-user-friendly
>> message (which can give out hints on how to hack your system).
>
> Thank you Jerry. Shakes solution worked but I will bear your comments
> in mind. However, the code is being used in a password protected area
> that theoretically only I should have access to.
>
> Regards
> Dynamo
>
Dynamo, it really doesn't matter if only you "should" have access to it.
Hackers gain "protected" access to sites every day. You really need
to protect yourself against them.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]