Re: Auditing Code (security wise) |
Subject: Re: Auditing Code (security wise) by marcan on 2007/12/10 13:16:50 Quote:
Correct. XOOPS database factory automatically prevent UPDATE and DELETE query to be used in a GET request. So if you absolutely need to use on of these queries in a GET request, then you would need to use queryF(). For example, updating the counter of an article when a user gets to the page would need a queryF as the user is not accessing the article via a POST request... But indeed, queryF needs to be used with extra care. The concept behind is that all queries that changes the database need to be within a POST request. |