Simple Question

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
oo7ml
Forum Newbie
Posts: 15
Joined: Sun Jun 17, 2007 4:30 pm

Simple Question

Post by oo7ml »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I have a combo box on my form for Gender

[syntax="html"]<select style="width: 180px" name="gender" tabindex="8">
                  <option selected="" value="null">--- Select Gender ---</option>
                  <option value="F">Female</option>
                  <option value="M">Male</option>
                </select>
What sort of php validation do i need for this combo box.

I already have - if nothing is selected, it alerts the user.

Can you see if you can answer these three questions please:
1. Can someone alter my code and put in something other than what is in the combo box and submit it to my database.
2. Do i need to add mysql_real_escape_string to a combo box (i obviously do if someone can alter my code)
3. Do i need to add a max length validation to the combo box

Thanks for your help


feyd | Please use[/syntax]

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

Just check if it's one of the values that you've specified. Users can spoof any input values you give to them. always check the data against what you allow.
Post Reply