On 4/20/2013 11:44 AM, Stuart Dallas wrote:
On 20 Apr 2013, at 16:25, Jim Giner <jim.gi...@albanyhandball.com> wrote:
Why are you allowing anyone to connect to your database from a form?
A little OT, but...
What do you mean by this question? How do you check someone's credentials if
not by connecting to a db to verify the login? Cause I'm doing the same kind
of thing all over the place. With good practices on validation and such before
doing my query of course.
I'm pretty sure that's not what tedd meant. The code is logging in to the
database server using the username and password from the form. There are very
few legitimate reasons to be doing this, so the question is well worth asking.
-Stuart
oops - now I see.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
