[nycphp-talk] next challenge

Freeman, Joshua j at
Wed Feb 23 10:50:17 EST 2005


fwiw, this little database is going to be behind our corporate firewall and only accessible to a few people... 

Basically, our retail department (the people who manage the shop) keep a Microsoft Word doc. list of all of the other Botanical Gardens in the US that have shops.. the idea being that we might be able to get those other shops to purchase items from us that we have manufactured for OUR shop.   When I saw this MS word doc. I figured it'd be a good, small project for me to start building LAMP apps.



Joshua S. Freeman
Director, Information Technology, NYBG
v: 718 817 8937 m: 347 392 2560
jfreeman at nybg dot org

-----Original Message-----
From: talk-bounces at on behalf of Rolan Yang
Sent: Wed 2/23/2005 10:50 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] next challenge
Silly but true story/word of caution:

If you add a "delete record" button, be sure your admin page is 
protected with a password and also add a robots.txt. A few years back, I 
had a unprotected admin page (security through obscurity, heh!). 
Googlebot found the page (linked from an automated daily web stats page) 
and proceeded to spider all the [delete] links ultimately wiping out all 
the records. Luckily I was able to restore from a nightly backup. It was 
quite embarrasing to be owned by a search engine.


Freeman, Joshua wrote:

> So,
> I can now create a page that reaches into the database, grabs all the 
> records and then displays the first 10 records (or however many I want 
> to set it to) and displays buttons for the next 10, etc... 
> I also have a form so that people can add new records to the database.
> going back to the issue of displaying records in the database, I want 
> set up the ability to bring up a record-edit form by clicking on the 
> name of the Botanical garden... any pointers?
> J.
> Joshua S. Freeman
> Director, Information Technology, NYBG
> v: 718 817 8937 m: 347 392 2560
> jfreeman at nybg dot org
New York PHP Talk Mailing List
AMP Technology
Supporting Apache, MySQL and PHP

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3596 bytes
Desc: not available
URL: <>

More information about the talk mailing list