What is the best practice
Posted: Sun Jun 29, 2008 4:29 pm
Hi. I have a general question, which should be easy to answer.
I have been updating a group of PHP websites that were build by someone else. In all of them, there are many pages that have forms, that when submitted, open a php page with some query to a mysql database. In each case, the query is in a separate php file.
My question is this. Is it best to have every form action point to a different php file, or is it acceptable to have a single "Database Functions" file which contains different actions.
For example, is this acceptable?
The above seems okay to me, but just thought i should check in case there is some security risk.
Thanks
I have been updating a group of PHP websites that were build by someone else. In all of them, there are many pages that have forms, that when submitted, open a php page with some query to a mysql database. In each case, the query is in a separate php file.
My question is this. Is it best to have every form action point to a different php file, or is it acceptable to have a single "Database Functions" file which contains different actions.
For example, is this acceptable?
Code: Select all
if(isset($_POST["action"])) {
$action = $_POST["action"];
if($action == "writeSomething") {
// mysql query that writes to the database table
} else if($action == "readSomething") {
// mysql query that reads something from a database
} else if($action == "updateSomething") {
// mysql query that updates something in a database
}
} else {
print "Sorry, no action was supplied";
}Thanks