ql_query($sql);
}
might want to add in a is_array() somewhere in there...
---John Holmes...
> -Original Message-
> From: Ing. Raúl González Rodríguez [mailto:[EMAIL PROTECTED]]
> Sent: Monday, October 07, 2002 4:48 PM
> To: Php Mailinglist; Php-Windows Mailing
> Subject:
You can use the following code to delete multiple items:
if(isset($dele) && (count($dele) > 0)) {
$sql = "delete from gastenboek where (entryID='$dele[0]')";
for($i=1; $i
To: "Php Mailinglist" <[EMAIL PROTECTED]>; "Php-Windows Mailing"
<[EMAIL PROTECTED]>
Sent: Monday, October 07, 200
Try WHERE EntryID IN (" . implode ($dele, ',') . ")"
However:
1) Anybody could fake a form post or query url to delete any data in
your database
2) It would also be possible to create a more dangerous post that could
give the attacker control over your entire database
Thus, I assume that you wi
3 matches
Mail list logo
