The workshop is designed to help you anticipate possible questions, review what you've learned, and begin putting your knowledge into practice.



When removing an item from the cart, why do you suppose that the query validates the session ID of the user against the record?


What would be a reason not to store the price in a hidden field when adding to the cart?



Users should be able to remove only their own items.


If you stored the price in a hidden field, a rogue user could change that value before posting the form, thereby writing whatever price he wanted into the store_shoppertrack table instead of the actual price.
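Both answers can be seen in code. The following is an added example, not code from the book: it uses PDO with an in-memory SQLite database so that it runs stand-alone. The store_items table, all column names, and the function names addToCart and removeFromCart are assumptions made for illustration; only the store_shoppertrack table name comes from the text above.

```php
<?php
// Added example with a constructed schema and constructed data.
// Assumed names: store_items, every column, addToCart(), removeFromCart().
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE store_items (id INTEGER PRIMARY KEY, item_price REAL NOT NULL)');
$db->exec('CREATE TABLE store_shoppertrack (id INTEGER PRIMARY KEY AUTOINCREMENT,
    session_id TEXT NOT NULL, sel_item_id INTEGER NOT NULL,
    sel_item_qty INTEGER NOT NULL, sel_item_price REAL NOT NULL)');
$db->exec('INSERT INTO store_items (id, item_price) VALUES (1, 12.00)');

// Add to cart: the price is copied from the catalog on the server.
// Whatever the form posts as a price (hidden field or not) is never read.
function addToCart(PDO $db, string $sessionId, array $post): bool
{
    $itemId = filter_var($post['sel_item_id'] ?? null, FILTER_VALIDATE_INT);
    $qty = filter_var($post['sel_item_qty'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($itemId === false || $qty === false) {
        return false;
    }
    $stmt = $db->prepare('INSERT INTO store_shoppertrack
        (session_id, sel_item_id, sel_item_qty, sel_item_price)
        SELECT ?, id, ?, item_price FROM store_items WHERE id = ?');
    $stmt->execute([$sessionId, $qty, $itemId]);
    return $stmt->rowCount() === 1;
}

// Remove from cart: the WHERE clause ties the row id to the caller's session,
// so a row id that belongs to another shopper matches nothing.
function removeFromCart(PDO $db, string $sessionId, $rowId): bool
{
    $rowId = filter_var($rowId, FILTER_VALIDATE_INT);
    if ($rowId === false) {
        return false;
    }
    $stmt = $db->prepare('DELETE FROM store_shoppertrack WHERE id = ? AND session_id = ?');
    $stmt->execute([$rowId, $sessionId]);
    return $stmt->rowCount() === 1;
}

// Constructed requests. In the application the session ID would come from the
// server-side session, not from these literals.
addToCart($db, 'session-A', ['sel_item_id' => '1', 'sel_item_qty' => '2', 'sel_item_price' => '0.01']);
$row = $db->query('SELECT id, sel_item_price FROM store_shoppertrack')->fetch(PDO::FETCH_ASSOC);
var_dump((float) $row['sel_item_price']);               // price stored despite the posted 0.01
var_dump(removeFromCart($db, 'session-B', $row['id'])); // a different shopper's session
var_dump(removeFromCart($db, 'session-A', $row['id'])); // the owning session
```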

Sams Teach Yourself PHP, MySQL and Apache All in One (3rd Edition)
ISBN: 0672328739
EAN: 2147483647
Year: 2004
Pages: 327
