Page 1 of 1

Simple Question

Posted: Tue Jun 26, 2007 2:59 pm
by oo7ml
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I have a combo box on my form for Gender

[syntax="html"]<select style="width: 180px" name="gender" tabindex="8">
                  <option selected="" value="null">--- Select Gender ---</option>
                  <option value="F">Female</option>
                  <option value="M">Male</option>
                </select>
What sort of php validation do i need for this combo box.

I already have - if nothing is selected, it alerts the user.

Can you see if you can answer these three questions please:
1. Can someone alter my code and put in something other than what is in the combo box and submit it to my database.
2. Do i need to add mysql_real_escape_string to a combo box (i obviously do if someone can alter my code)
3. Do i need to add a max length validation to the combo box

Thanks for your help


feyd | Please use[/syntax]

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Tue Jun 26, 2007 3:23 pm
by superdezign
Just check if it's one of the values that you've specified. Users can spoof any input values you give to them. always check the data against what you allow.