Re: [PHP] Question before I end up writing alot of extra code...

mike Mon, 07 Jul 2008 13:24:20 -0700

please oh please also run that through filter_input() before throwing
a $_POST directly into the db query ;p



On 7/7/08, Shawn McKenzie <[EMAIL PROTECTED]> wrote:
> Jason Pruim wrote:
> >
> > MAIN PAGE:
> > <?PHP
> >
>
> echo $row['Tab'];  //what do you get?
>
> > if($row['Tab'] == "done"){
> >    $Tchecked1 = "CHECKED";
> >    $Tchecked2 = NULL;
> > }else{
> >    $Tchecked1 = NULL;
> >    $Tchecked2 = "CHECKED";
> > }
> >
> > echo"
> > <fieldset>Tab<BR>
> > <input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
> > <input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
> > </fieldset>";
> > ?>
> > PROCESSING:
> > <?PHP
> >
>
> print_r($_POST);  //what do you get?
>
> >                $tab = $_POST['rdoTab'];
> >                $record = $_POST['txtRecord'];
> >                $updateQuery = "UPDATE `current` SET Tab='$tab'  WHERE
> Record='$record'";
> >               mysqli_real_query($link, $updateQuery);
> > ?>
> >
>
> You're saying now that that record now has field Tab=''?
>
> -Shawn
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Question before I end up writing alot of extra code...

Reply via email to