SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    monitormensch oerdec's Avatar
    Join Date
    Sep 2004
    Location
    Hamburg
    Posts
    706
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [PHP and MySQL] SQL query in Session?

    Hi,

    are there any security related problems when storing a SQL query in a session?

    Why I want to do this? A user can sort or search for data records. Sometimes a lot of results were passed. So I want to write a prev/next and a pagination script.

    ...or is it better to store the query in the database itself?

    oerdec

  2. #2
    SitePoint Evangelist
    Join Date
    Apr 2005
    Location
    Moscow, Russia
    Posts
    557
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why I want to do this? A user can sort or search for data records. Sometimes a lot of results were passed. So I want to write a prev/next and a pagination script.
    Hi, you want to implement so different queries for every site user? Usually queries used for pagination scripts are the same at least in FROM clause and other SELECT' parts (select list, WHERE, ORDER BY, etc clauses) can be simply composed from user options (stored in cookies or profile), so there's no need to store/remember queries itself. If you talking about result set returned by query (e.g stored in PHP array), then you may want to store it in session variables (e.g to implement data "caching" to improve site performance), but only if data can't be changed because, otherwise users will be viewing incomplete/obsolete data. I don't see any security risks, but you web server may require some additional resources to store result sets in session variables. Hope this helps


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •