SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Jul 2004
    Location
    calgary, alberta, canada
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Executing An SQL Query In A Link

    I've been trying to figure out how to delete a record from one of my tables just by clicking a normal anchor tag like in the phpMyAdmin. So I took a look at the source code of one of the pages and I saw this.

    <a href="sql.php3?lang=en-iso-8859-1&amp;server=1&amp;db=logs&amp;table=calls&amp;goto=tbl_properties_structure.php3&amp;back=tbl_properties_structure.php3&amp;sql_query=DELETE+FROM+%60calls%60&amp;zero_rows=Table+calls+has+been+emptied" style="display:block" class="drop"
    onclick="return confirmLink(this, 'DELETE FROM `calls`')">

    Now can anybody help me understand it.
    I know the onclick part brings up the confirm box.
    Some of the stuff in the link actually makes sense to me.
    But what is sql.php3?? Is it a file that I would have to modify to make it work on my page.
    What does "goto=tbl_properties_structure.php3&amp;back=tbl_properties_structure.php3&amp;" do??
    What does the "&amp" stand for is it a space??
    Is "%60" stand for a single quote??
    Do I need the style and class property to work??
    If anybody can help me, any response would be greatly appreciated.

  2. #2
    Your Lord and Master, Foamy gold trophy Hierophant's Avatar
    Join Date
    Aug 1999
    Location
    Lancaster, Ca. USA
    Posts
    12,305
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Not a good idea... In fact it is a very bad idea and a security risk.

    Why not simply link the anchor tag to a file that executes the query in your favorite server side language?
    Wayne Luke
    ------------



Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •