Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Strange form value submitted

  • 24-05-2006 9:04am
    #1
    Registered Users, Registered Users 2 Posts: 1,086 ✭✭✭


    I have a website which on entering it you must make a choice from a drop down menu and submit it via a form. Your choice along with a random generated ID gets stored in a database via PHP.

    I only have 2 choices for this form at present, but had in the past 3 choices. The form values are either 1, 2 or 3. I have not had 3 choices in my form for 1 month+. Now when I look in my database I see someone has chosen choice 3, yesterday even though it is not on the form.

    Could this have stored in the persons cache? How would I make sure the actual form values get displayed and not old data?


Comments

  • Registered Users, Registered Users 2 Posts: 683 ✭✭✭Gosh


    include these in your HTML to prevent cacheing
    <meta http-equiv="Expires" content="Fri, Jun 12 1981 08:20:00 GMT">
    <meta http-equiv="Pragma" content="no-cache">
    <meta http-equiv="Cache-Control" content="no-cache">
    


  • Registered Users, Registered Users 2 Posts: 15,065 ✭✭✭✭Malice


    Are you validating the returned data from the form before you put it into the database? You could validate it so that a record only gets added to the database if the drop down value was 1 or 2.

    If you are using "get" rather than "post" as your form method then someone could enter the query string manually as it gets appended to the url e.g. http://www.yourserver.com/index.php?formValue=3.


Advertisement