On Tuesday 30 March 2004 20:13, [EMAIL PROTECTED] wrote:

> okay I have echoed $sql and before I did enter anything into the form, the
> form is already inserting null values into the database. Maybe that is the
> reason for the duplicate row of null values.

Yes, that would be the reason.

> Do you know how can I prevent this from happening??Hope to hear from you
> soon.

You're not performing any checks on the input you're getting from your form. 
The most simple check for whether the form was submitted is to use:

  if (!empty($_POST)) { // form was submitted }
or
  if (!empty($_GET))  { // form was submitted }

In addition you should always perform sanity checks on values of the 
individual form elements. Search the archives/web for 'sql injection' for 
more info.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
------------------------------------------
/*
Place me on a BUFFER counter while you BELITTLE several BELLHOPS in the
Trianon Room!!  Let me one of your SUBSIDIARIES!
*/

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to