[ic] Re: Attempted database update without permission
interchange-users@icdevgroup.org
interchange-users@icdevgroup.org
Fri Aug 23 05:13:00 2002
Alma Nuker writes:
> Hi list;
>
> I have form which I use to enter data into database as follow:
>
> [update values]
> [set mv_data_enable]1[/set]
> [tag flag write]partnersdb[/tag]
> <FORM ACTION="[process]" METHOD="POST">
> <INPUT TYPE=HIDDEN NAME="mv_data_table" VALUE="partnersdb">
> <INPUT TYPE=HIDDEN NAME="mv_data_key" VALUE="partners_id">
Here you have partners_id.
> <INPUT TYPE=HIDDEN NAME="mv_data_function" VALUE="insert">
> <INPUT TYPE=HIDDEN NAME="mv_nextpage" VALUE=@@MV_PAGE@@>
> <INPUT TYPE=hidden NAME=mv_check VALUE=NewWeb>
> <INPUT TYPE=hidden NAME="mv_form_profile" VALUE="partners_profile">
> <INPUT TYPE="HIDDEN" NAME="mv_data_fields"
> VALUE="partners_id,fname,lname,email,company,address1,city,state,zip,country,partner_type,partners_comments">
>
> [set NewWeb]
> [if type=explicit compare="[error all=1 show_var=1 keep=1]"]
> mv_nextpage=@@MV_PAGE@@
> [else]
> mv_nextpage=ord/send_partners
> [/else]
> [/if]
> [/set]
> <INPUT TYPE="HIDDEN" NAME="mv_data_return_key" VALUE="partners_id">
> <INPUT TYPE=HIDDEN name="partners_id" value="">
>
> ................
>
> ,,,,,,,,,,,,,, All other fileds here ,,,,,,,,,,,,,,,,,,
>
> <INPUT TYPE=hidden NAME="mv_todo" VALUE="set">
> <INPUT TYPE="SUBMIT" VALUE="Register">
> <INPUT TYPE="Reset">
> </FORM>
>
> I am using mysql database and in dbconfig/mysql I have defined partners
> table as follow:
>
> Database partnersdb partnersdb.txt __SQLDSN__
> ifdef SQLUSER
> Database partnersdb USER __SQLUSER__
> endif
> ifdef SQLPASS
> Database partnersdb PASS __SQLPASS__
> endif
> Database partnersdb KEY parteners_id
> Database partnersdb COLUMN_DEF "parteners_id=INT(9) UNSIGNED
> AUTO_INCREMENT PRIMARY KEY"
Here you have parteners_id with an extra "e" !?
Ciao
Racke
--
Prolific Interchange Consulting (Excellent German Quality !).
Take a look at Materialboerse (http://www.materialboerse.de/), WITT
(http://www.witt-weiden.de/), Boxmover (http://shop.boxmover.ch/) or
Passionshop (http://www.passionshop.com/racke). Need a shop ? Contact us.