Micah,
As a tyro, I'm curious AND cautious: belt AND suspenders is best.
When you say:
assign the values needed into another array before submitting to
the database
I presume you mean something like this, yes?
/*Create arrays for each of the tables*/
$coretable = array_slice($_POST, 0, 33)
I certainly agree with that Micah. array_pop only removes that last
item. If you are in a an open environment you definitely want to
include security checks and form validation.
-mike
On Aug 22, 2005, at 4:07 PM, Micah Stevens wrote:
This is tenuous and insecure, you have no control over t
This is tenuous and insecure, you have no control over the $_POST array, only
the submitting page does, I'd do a sanity check, and assign the values needed
into another array before submitting to the database.
This is also primed for a SQL injection attack.
Bad idea.. IMHO..
-Micah
On Mond
Thanks mike! that did the trick. This works:
array_pop($_POST);
/* this gets rid of the last element of $_POST which is 'addentry' from
the form's submit button. $_POST now containes ONLY the values expected by
pg_insert. By the way, the order of the values in $_POST does not seem to
matter, o
Or if you need to store all the values, you could normalize the table field
into another table.
-Micah
On Monday 22 August 2005 3:19 pm, Bastien Koert wrote:
> To further append the previous note,
>
> if you want to insert the array, you need to serialize it
> (www.php.net/serialize) to make t
To further append the previous note,
if you want to insert the array, you need to serialize it
(www.php.net/serialize) to make the array db safe
if you want to insert the individual specific values, you will need to
implode the array with separators (and check the data in the correct order
f