...

View Full Version : I am really confused



Byronwells
01-31-2010, 06:41 PM
Alright guys

I am a little bit confused with this one.. And I do apologise if I dont explain it too well :)

At the moment I am looking at adding a date feature to my php membership script. I have come across this javascript date picker http://www.styledisplay.com/mootoolsdatepicker/ You choose the date and then it is recorded in the text box..

I am then thinking that text box can be recorded in a date field on the mysql database.

This is now where it gets confusing..

The date picker will be on two pages..

1) The add products Page. The reason for that is so that I can choose the date to display the product on the frontend of my site.. Just like you can do on a wordpress blog.. And then it is displayed correctly, for example. I am add one product for today, and then decided to another product which should have been yesterday.. They would show in the right order... etc.

Am I presuming right that I do not need to touch the javascript code.. However this is now a php issue? If so can someone help me please.......

Fumigator
02-01-2010, 12:47 AM
If the date picker does its job, you'll be able to grab the date from the input element on the form, just as if a user had typed in the date by hand. You'll use PHP to validate the date (don't trust the date picker to give you a good date) and insert it into your database.

Byronwells
02-01-2010, 12:56 AM
If the date picker does its job, you'll be able to grab the date from the input element on the form, just as if a user had typed in the date by hand. You'll use PHP to validate the date (don't trust the date picker to give you a good date) and insert it into your database.

Why wouldnt I trust the date picker to give me a good date?? Then what is the point of the date picker.. To give you the right numbers of days for that particular month

PappaJohn
02-01-2010, 01:16 AM
Because a user could tamper with any data sent via your form regardless of whether it came from a datepicker, hidden field, etc.

You should treat ALL input from users as suspect.

Byronwells
02-01-2010, 01:20 AM
Because a user could tamper with any data sent via your form regardless of whether it came from a datepicker, hidden field, etc.

You should treat ALL input from users as suspect.

John

One little problem with that... A user will not get to see the datepicker at all.. They will only get to the date being displayed..

I will be adding the datepicker to two pages which are protected via the admin area.. So I will be the only one getting to see them.. All the user get to see is the product downloads pages, not the add/edit products pages at all..

MattF
02-01-2010, 01:30 AM
One little problem with that... A user will not get to see the datepicker at all.. They will only get to the date being displayed..

And via what method will the date be supplied to your script?

Byronwells
02-01-2010, 01:36 AM
And via what method will the date be supplied to your script?

From my understanding I use the datepicker to select what date I wish to have the product displayed, see the the datepicker here http://www.styledisplay.com/mootoolsdatepicker/,

From that text box then it is stored on the database.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum