Re: Witango-Talk: Two Inserts from a Drop Down

Thu, 29 Aug 2002 13:46:20 -0700 

The browser does not send the price. The DB does. All the browser 
does is display the price and ask for size and color.  I guess I 
don't know what you mean. If this is the case, go to :
http://honeywellpromo.com and try to order some activewear at 
different prices other then what is displayed. I would be interested 
if you could do this so I could plug up the hole...



>Dude,
>
>If you do it the way you want to do it, (which is totally possible with the
>other posters suggestions) you're opening yourself up to abuse by malicious
>users.
>
>I assume you're talking about inserting new rows into a shopping cart table
>or something like that.  If you rely on getting the price from the browser,
>then it would be very easy for someone to buy a T shirt for 5 bucks instead
>of 13.
>
>You should make a habit of never relying on the browser to send you
>something as important as a price.
>
>My 2 cents.
>
>/John
>
>
>----- Original Message -----
>From: "Web Dude" <[EMAIL PROTECTED]>
>To: "Multiple recipients of list witango-talk" <[EMAIL PROTECTED]>
>Sent: Thursday, August 29, 2002 12:37 PM
>Subject: Witango-Talk: Two Inserts from a Drop Down
>
>
>>  I've seen this posted before, but can't seem to find it.
>>
>>  I have a table that has size and price info. Example:
>>
>>  ID Size Price
>>  1 S 10.00
>>  2 L 11.00
>>  3 XL 12.00
>>  4 XXL 13.00
>>
>>  I do a db call to load a dropdown. I would like to display the size
>>  in the dropdown and  insert BOTH the size and the price from the
>>  dropdown.
>>
>>  I realize I could do a search on the ID before the insert and then
>>  insert from the results, but is there a slicker way of doing this
>>  with just an insert?
>>
>>  Thanks!
>>  --
>>  ________________________________________________________________________
>>  TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
>>                  with unsubscribe witango-talk in the message body
>
>________________________________________________________________________
>TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
>                 with unsubscribe witango-talk in the message body


-- 
________________________________________________________________________
TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
                with unsubscribe witango-talk in the message body

Reply via email to