Oops, forgot to send my original response to the list last time.
On 4/5/04 1:33 PM, "Jason Giangrande" <[EMAIL PROTECTED]> wrote:What I usually do is create a select box that has only the values of the enum. That way no one should be able to (in theory) put any value other than the ones you set. You could also code up a check that runs before you build your sql query. Simply check that if the value of the input of that enum field is anything other than what you expect, change it to your default then inset it into your database.
I am going to create a select box, but am still trying to write enough tests to catch myself if I try to do something foolish. The "in theory" part is what I'm trying to check for. :-)
I questions is, if someone tries to set the var to an invalid type should I throw a warning, or die or do nothing and just use the default or previous value. I'm inclined to stay away from the last option cause it invites strangeness to people who might be new to the system.
As long as register_globals is set to off what come in from your select box should be used as the value of the enum field. It is always best to do as much data validation as you feel is worth it. IMO, in the case of using a select box to set the values of an enum MYSQL field, (unless this application is for something that is really security conscience, like banking or something), I feel I can usually trust the select field. Remember that if someone tries to set the enum filed to something other than what is specified, an empty string will be stored. Therefore, when you are reading from the database you could always check for that, too.
-- Jason Giangrande <[EMAIL PROTECTED]> http://www.giangrande.org http://www.dogsiview.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
