[development] Forms API newbie guide?
karoly at negyesi.net
Mon Jun 19 06:02:48 UTC 2006
Some obvious wrongs:
$sql = 'select * from issues_projects where project_id = '. $pid;
$dbresult = db_query($sql);
this is the biggest no-no
$sql = 'select * from issues_projects where project_id = %d';
$dbresult = db_query($sql, $pid);
(yes there is a is_numeric check -- that's at least something, but then
you are reinventing the wheel... and what you will do when you work with
strings? better if you get used to placeholders)
$form['projectid'] = array('#type' => 'hidden', '#value' =>
you are much more secure with
$form['projectid'] = array('#type' => 'value', '#value' =>
I would simply echo (or more nifty, watchdog) that $prj->project_id in
here -- are you sure the problem is with form API?
Anyways, this is much better suited for a forum topic...
More information about the development