Michael Gale wrote:
The question I have it .. on three of the select boxes .. if the data is
changed I require a extra function to get run.
So for example if the "owner" value is changed I want to send a e-mail to the new owner.
For performance should I just pass a hidden value with the original owner and compare that with the owner value of the select box OR should I do another db select to see if the field changed ???
I was thinking that passing a string would have less of a performance impact ? then db activity. ?
It would, but the solution depends upon your users. Remember that a hidden field's value can be modified. So, if a user wanted to be malicious, they could set the hidden field to the new value matching what they select and your program would think that no change took effect.
Now, you could outsmart them and not actually update that column if the two values match. Then it wouldn't really do them any good to change the values because the database won't be updated anyhow.
The "safest" way is to just select the data before you make any changes and then compare it to what was submitted. The best way to do this, though, is to store the original values in the session when you first populate the form and then compare the submitted values to the session values. This way you're not actually adding a query (so long as you're using sessions already or aren't against adding them). The user can't modify the session values, so this method is safe.
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
