Search the Community
Showing results for tags 'action'.
The search index is currently processing. Current results may not be complete.
BACKGROUND: Good ideas are sometimes like luck, they come in streaks. Thanks to the experiential wisdom of this forum and those around me in the Galvanize collective workspace, I have decided to tarry a little longer with the reconstruction of my data base. Indeed, I have learned a new term -- normalization. What before I intended to achieve with row duplication I hope now to achieve with simple updates. In order to achieve this important structural change and still retain the benefits of the old structure, I must disengage one of my form's <fieldset>s and create from it a new form that is submitted manually and only occasionally. It would appear that the small changes to the separate table that this fieldset previously replenished with each new form submission can now be achieved with MySQL TRIGGER and UPDATE statements. This strategy has led to the following two questions: QUESTION ONE: Under the assumption that one can have only one $_POST variable per page how does one typically go about using the same $_POST variable for multiple forms on the same page? If I were to implement this task on my own, without the advice of others, I would create a bivariate if-. else if-, else- statement that tests for the present of one of two variables and then handles only that data associated with the form submitted. Is there another, perhaps more thorough, separation that does not include the creation of a separate form page? QUESTION TWO: When executing a MySQL TRIGGER that updates a single row value of a single column of a table different from the one that executes the trigger, will the DEFAULT setting for the UPDATE statement trigger a timestamp with the ON UPDATE CURRENT_TIMESTAMP? As always your wisdom would be well-appreciated. Roddy
Is there a way to prevent that a malicious person crafts a piece of code that changes the value of an action attribute? Like when you have this line of html: <form method="post" name="register" action="<?php echo $_SERVER['PHP_SELF']; ?>"> but the attacker places the entire script on his own server. Is this XSS? What are the consequences of gaining/finding protected data? If this kind of attack is possible, can someone show with an example how this is done?
Can someone give an example of a php script that lets a form with checkbox input choose between 2 different pages when it is checked or not. Actually the dilemma is that the action attribute is sending form data to another pages (2 pages) - but dont know what code to use - . So if the checkbox isnt checked a third page should load in the browser.