#1
  1. No Profile Picture
    RyanP
    Guest
    Devshed Newbie (0 - 499 posts)
    I would like to be able to enter at least part of a SELECT SQL statement in an HTML form and have it return the results. But for obvious reasons I would like to limit this query to SELECTs

    I am thinking that I will prepend a "SELECT " to the form data and strip out all semi-colons

    are commands that are available in a mysql client available in mysql_query()? (i.e. c -- clear, q -- quit, etc.)

    Is there anything else that I should be aware of that would allow a user to execute anything but a SELECT query?

    [This message has been edited by RyanP (edited September 28, 2000).]
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2000
    Posts
    114
    Rep Power
    15
    I don't know how relevant this would be, but in the MySQL client commands can end with a semi-colon or g, so you might want to catch that too.
  4. #3
  5. No Profile Picture
    RyanP
    Guest
    Devshed Newbie (0 - 499 posts)
    i have a feeling that mysql client commands are not available in mysql_query() , but i just wanted to make sure
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2000
    Location
    Salem, OR, USA
    Posts
    41
    Rep Power
    15

    Hello Ryan,

    I am thinking about doing the same thing. I think your plan to prepend the "SELECT" to the form data is a good idea, but what happen if the user make a mistake in their select statement? How do you deal with that? What I meant is, how do you prevent the browser from display the stupid "Internal Server Error" message and display a nicer message that let the user know that their is something wrong with their statement.

    --DVN

Similar Threads

  1. permissions after uploading
    By Paul Niessen in forum Perl Programming
    Replies: 3
    Last Post: February 15th, 2004, 06:51 PM
  2. Outlook XP is breaking IMG tags in HTML template
    By LuxFX in forum HTML Programming
    Replies: 0
    Last Post: February 15th, 2004, 11:11 AM
  3. HELP Editing database through HTML form
    By kashaf in forum PHP Development
    Replies: 2
    Last Post: February 12th, 2004, 12:17 PM
  4. Replies: 9
    Last Post: January 29th, 2004, 08:33 AM
  5. Question about creating a nice HTML online form.
    By frankyvalley in forum HTML Programming
    Replies: 7
    Last Post: January 22nd, 2004, 11:30 AM

IMN logo majestic logo threadwatch logo seochat tools logo