Join Up! 104882 members and counting!

Login To PHPBuilder User Name: Password: Register A New Site Account * NOTE: This is for logging into the main site only! To login to the forums, click here

Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Hiermenus DatabaseJournal Technology Jobs Covalent Extends Apache 2.0 to Microsoft ASP.NET ShopWorX - Support for Windows PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Network Risk Assessment Full-Featured, Java-Based Apache GUI Talking to GitHub with PHP Protecting MySQL Sessions With SSH Tunnel (Port Forwarding) In Case You Missed It...The Week of March 12, 2006 Interfacing with COM objects under Windows Four Sane Solutions for PHP Debugging

php-db | 2001011

From: Luescher Samuel (MMVZSLU) (samuel.luescher <email protected>)
Date: 01/09/01

• Next message: Marco Cunha: "[PHP-DB] PHP with ODBC and Pervasive SQL"
• Previous message: wh: "Re: [PHP-DB] semi-OT Grant Tables in MySQL"
• Next in thread: Doug Semig: "Re: [PHP-DB] database collision?"
• Maybe reply: Doug Semig: "Re: [PHP-DB] database collision?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> hi there. i am developing a database app to manage dynamic sites. in a
> nutshell, i have an item table (to store all the content) and a permission
> table (to register who's allowed to edit/view specific items).
>
> now, when creating a new item, i do the following things:
>
> - determine a new permission id (which is the permission table primary
> key, kinda "SELECT MAX(id) FROM permission_table" and then increase the
> result by one. i don't use AUTO_INCREMENT columns on purpose.)
> - create an entry in the permission table
> - create an entry in the item table, including the permission id as
> relational attribute
>
> now, my question is: since there may be multiple php processes running, if
> two users simultaneously create an item and post it at the same moment -
> couldn't it happen that the process of user#1 has already determined the
> permission id, while user#2 determines the SAME id, creates the entry and
> user#1 will get an error because the item id was already taken in the
> meantime? what can i do to avoid such security/integrity holes?
>
> thanks for listening - sam

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-db-unsubscribe <email protected>
For additional commands, e-mail: php-db-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: Marco Cunha: "[PHP-DB] PHP with ODBC and Pervasive SQL"
• Previous message: wh: "Re: [PHP-DB] semi-OT Grant Tables in MySQL"
• Next in thread: Doug Semig: "Re: [PHP-DB] database collision?"
• Maybe reply: Doug Semig: "Re: [PHP-DB] database collision?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs