opel Posted September 26, 2006 Share Posted September 26, 2006 I am learning how to use PHP by hand coding everything.my code below works to pull out a list of web links from the database and display them in a table. My question is should I have a DB close tag somewhere to close the DB for security reasons?Here is my code:[code]<?phpinclude ('connections/config.php');include ('connections/dbconn.php');$query = "SELECT link_id, link_title, link_desc, category_id, link_display FROM tbl_links WHERE link_display='Yes'";$result = mysql_query($query) or die("error querying database");$i = 0;while($result_ar = mysql_fetch_assoc($result)){?><tr <?php if($i%2 == 1){ echo "class='tablerow2'"; }else{echo "class='tablerow1'";}?>><td><?php echo $result_ar['link_title']; ?></td><td><?php echo $result_ar['category_id']; ?></td><td class="button"><a href="edit_link_detail.php?ID=<?php echo $result_ar['website']; ?>" title="Edit This Link">Edit</a></td><td class="button"><a href="delete_link.php?ID=<?php echo $result_ar['website']; ?>" title="Delete This Link">Delete</a></td></tr><?php$i+=1; }?></table>[/code] Quote Link to comment Share on other sites More sharing options...
tleisher Posted September 26, 2006 Share Posted September 26, 2006 Nah, the script runs and connects to the database before the user can access it, just make sure anytime you take input you addslashes() and your fine. Quote Link to comment Share on other sites More sharing options...
opel Posted September 26, 2006 Author Share Posted September 26, 2006 sorry can you explain what you mean by adding slashes? Quote Link to comment Share on other sites More sharing options...
Tandem Posted September 26, 2006 Share Posted September 26, 2006 I'm quite sure you don't need to close it or anything, and i'm not sure it's possible either. All your php is server side, so nobody can get your passwords unless they have access to your server.(Someone please correct me if i'm wrong) Quote Link to comment Share on other sites More sharing options...
tleisher Posted September 26, 2006 Share Posted September 26, 2006 php.net/addslashes$form_input = addslashes($_POST["form_name"]); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.