Best Fix Found for Random Deletions in "Classes" Database?
Hi,
Random and completely unasked for delections have been occurring in my "Classes" database.
I would like to know if I have correctly analysed and handled the situation.
I first filter on SecurityAssist_ID to create a "View" page of all classes per each Presenter.
I then drill down to details per each specified class on an "Edit" Page using:
edit_class.php?ClassID=<?php echo($rsGetClassInfo->getColumnVal("ClassID")); ?>
This (of course) gives me a:
$_GET['ClassID'],
to go with that
'ClassID=xxxx'.
But if a Presenter merely looks at the page then backs out (doing nothing), the record was deleted.
I decided that this was probably because nothing or null was somehow being used as an unauthorized value for an update.
I then noticed MySQL's coding for the Update begins with:
if (true) {
blah blah blah;
}
I therefore amended this to:
<?php
if (isset($_POST["ClassLength"])) {
blah blah blah
}
(with there being a different such page for every class attribute, that Post being linked to the ClassID from the GET).
It may be a coincidence, but there has not been a repeat since. So unless I am mistaken, amending that "if" clause cured the problem.
Does this mean I must in the future amend all such "if (true)" MySQLi update queries that involve a ?ClassID = xxxx appended to the URL?
This is surely such a common scenario that it seems strange it should be so?
But if it is so, then I am sure my above code fragment is primitive in the extreme.
Could you please suggest what more auspicious expression I should be using?
Thank you,
KAB
