page.php?id=5
Code: Select all
if (checkValidId($_GET['id']) == 1) {
// ----
if (isset POSTbtn) {
// ----
modifyInformation()
}
else {
// ----
displayForm()
}
}
else {
// ----
echo 'Invalid id';
}
My question: Where is the best place to test for validity of a value (or values) retrieved from the query string? Obviously before the value is used to manipulate the database but do you create something like my example or do you do the checking in modifyInformation() or elsewhere?