|
Web design and Programming Discuss website creation and other programming topics. |
|
Thread Tools | Search this Thread | Display Modes |
#1
|
||
|
SQL Query causing blank page
I've just got a basic query to delete the fields for a certain user, determined by a dropdown form on a previous page. I've tested the $_POST['Username'] with an echo and that is working fine, but as soon as I add the query it all goes blank, no error message or anything. Here the source:
PHP Code:
PS: If you spot any bad coding I can rectify please let me know, just starting to learn this stuff ;P |
#2
|
||
|
Never mind xD Just realised there is a semi colon after the curly bracket in the final error statement.
Epic Fail on me.. |
#3
|
||
|
You haven't really sanitized your $deleteuser before you run it against the database.. This could allow for an SQL injection attack. You should always sanitize data before you run it in a query.. In your scenario, an attacker could inject % into $_POST['Username']; and delete every user in that database. You should also consider using "LIMIT 1" at the end of your delete statement if you are not deleting using a primary key (like UserID).
An example would be: PHP Code:
Also, checkout my mysql class: http://phphq.net/codebits.php
__________________
04' Dodge SRT-4, Mopar Stage 3, 406whp/436wtq |
#4
|
||
|
Yeah I saw something about sanitising the code, so i'll look into that. Thanks for the limit, i'll take a look at your page when I get some time later
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Book recommendation for ASP.NET 2.0 and SQL Server | DevilDog#1 | Web design and Programming | 0 | 01-05-2007 07:12 PM |
Query strings... | BeBop | Web design and Programming | 0 | 02-01-2006 08:59 PM |
Query | Stoint | Sigs and Graphics | 7 | 06-13-2005 07:52 PM |
Sql | atholon | Web design and Programming | 50 | 06-04-2005 11:03 PM |
<Previous page 1 2 3 4 5 6 next page> script | big n00b at php | phphq.Net Forums | 4 | 03-11-2005 12:35 PM |