Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Best way to get validated form data into a database
Best way to get validated form data into a database
  • El Forum
    Unregistered
  •  
#3
11-07-2008, 08:31 AM

[eluser]McNoggin[/eluser]
Thanks, if that works it would be much easier then what I'm doing currently. My only concern about using that is that is it seems like a security risk. Say for example my users table has fields for id, name, group, email, birth_day, etc.

Now if I make a form that allows them to update their profile (email, bday, etc). If I did it the way you suggested wouldn't it be possible for an attacker to guess the data base columns and send an extra field along to change it. So for example the form may of only had a field for email address, but they added one for the group so now it would update their email address and allow them to be come admins, etc.

That was my reason for thinking about only getting fields that had validation rules.


Messages In This Thread
Best way to get validated form data into a database - by El Forum - 11-07-2008, 12:58 AM
Best way to get validated form data into a database - by El Forum - 11-07-2008, 02:59 AM
Best way to get validated form data into a database - by El Forum - 11-07-2008, 08:31 AM
Best way to get validated form data into a database - by El Forum - 11-07-2008, 08:50 AM
Best way to get validated form data into a database - by El Forum - 11-07-2008, 09:16 AM



Theme © iAndrew 2016 - Forum software by © MyBB