Forum Moderators: phranque

website security

best way to allow customer uploads to databases

         

lifeafter76

6:14 am on Apr 9, 2006 (gmt 0)

10+ Year Member



Hello,

I have a quick question and am looking for your opinion. I'm running php, mysql4, php4.

Got a quick security question. I'm building a website similar to autotrader. My question is, when the customer submits the car and customer info to the website, which of the following would be standard security?

1) have the info go to a "staging" database and dump the car and customer info into the actual site's database later by an admin
OR
2) upload the info straight to the database with a trigger that allows me to activate/deactivate the car info after I have read over the submitted info.

Thanks for the insight

topr8

7:31 am on Apr 9, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I would insert it into the actual database with an 'admin column' which you can switch on/off when you've checked the ad.

However, THE MOST IMPORTANT thing is to check the data for integrity before inserting to the database ... this is VITAL for protecting yourself against SQL injection attacks and other such things.
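
The approach in the reply above (validate first, insert with the ad switched off, let an admin switch it on), as an added example that is not code from either poster. It assumes a current PHP with PDO rather than the PHP 4 mentioned in the thread, uses in-memory SQLite in place of MySQL so it runs offline, and the `listings` table, its columns and both function names are hypothetical.

```php
<?php
// Added example: schema and function names are assumptions, not from the thread.
// In-memory SQLite stands in for MySQL; the prepare/execute pattern is the same with a MySQL DSN.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// "approved" is the admin column: 0 = hidden until reviewed, 1 = live on the site.
$pdo->exec('CREATE TABLE listings (
    id INTEGER PRIMARY KEY, make TEXT NOT NULL, year INTEGER NOT NULL,
    price INTEGER NOT NULL, email TEXT NOT NULL, approved INTEGER NOT NULL DEFAULT 0)');

// Integrity check: return a cleaned row, or null if any field fails validation.
function validate_listing(array $in): ?array
{
    $make  = trim((string)($in['make'] ?? ''));
    $year  = filter_var($in['year'] ?? null, FILTER_VALIDATE_INT,
                 ['options' => ['min_range' => 1900, 'max_range' => 2100]]);
    $price = filter_var($in['price'] ?? null, FILTER_VALIDATE_INT,
                 ['options' => ['min_range' => 1, 'max_range' => 10000000]]);
    $email = filter_var($in['email'] ?? null, FILTER_VALIDATE_EMAIL);
    if (!preg_match('/^[A-Za-z0-9 -]{1,40}\z/', $make)
        || $year === false || $price === false || $email === false) {
        return null;
    }
    return ['make' => $make, 'year' => $year, 'price' => $price, 'email' => $email];
}

// Insert with bound parameters so values are never parsed as SQL; rows always start unapproved.
function submit_listing(PDO $pdo, array $in): bool
{
    $row = validate_listing($in);
    if ($row === null) {
        return false;
    }
    $stmt = $pdo->prepare('INSERT INTO listings (make, year, price, email, approved)
                           VALUES (:make, :year, :price, :email, 0)');
    return $stmt->execute([':make' => $row['make'], ':year' => $row['year'],
                           ':price' => $row['price'], ':email' => $row['email']]);
}

// Constructed sample submissions: one well-formed, one with characters the make field does not allow.
var_dump(submit_listing($pdo, ['make' => 'Honda Civic', 'year' => '2004',
                               'price' => '8500', 'email' => 'seller@example.com']));
var_dump(submit_listing($pdo, ['make' => "Civic' OR '1'='1", 'year' => '2004',
                               'price' => '8500', 'email' => 'seller@example.com']));

// Admin review step: flip the flag, and have public pages select only approved rows.
$pdo->prepare('UPDATE listings SET approved = 1 WHERE id = ?')->execute([1]);
print_r($pdo->query('SELECT id, make FROM listings WHERE approved = 1')->fetchAll(PDO::FETCH_ASSOC));
```

Validation and parameter binding are separate layers here: the first rejects malformed data, the second keeps even accepted values out of the SQL text.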

lifeafter76

7:43 pm on Apr 9, 2006 (gmt 0)

10+ Year Member



OK, thanks... I was leaning that way but I just wanted to be entirely sure...

I appreciate it