Variables stored changed to using a MySQL database

Hi there,

I am redesigning a basket. I notice in the code that variables are taken from the previous page in the manor below:


$ThisDescription="Online order from ActiveGPS.co.uk";
$ThisCustomerEmail= $_REQUEST['CustomerEmail'];
$ThisCustomerName= $_REQUEST['CustomerTitle']." ".$_REQUEST['CustomerName'];
$ThisDeliveryAddress= $_REQUEST['DeliveryAddress'];
$ThisDeliveryPostCode= $_REQUEST['DeliveryPostCode'];
$ThisBillingAddress= $_REQUEST['DeliveryAddress'];
$ThisBillingPostCode= $_REQUEST['DeliveryPostCode'];
// new 2.22 fields
$ThisContactNumber = $_REQUEST[ 'ContactNumber' ];
$ThisAllowGiftAid = $_REQUEST[ 'AllowGiftAid' ];
$ThisApplyAVSCV2 = $_REQUEST[ 'ApplyAVSCV2' ];
$ThisApply3DSecure = $_REQUEST[ 'Apply3DSecure' ];


The new basket uses a MySQL Database. So this means the variables are sent to the MySQL table. Whereas with the old method it was stored in a varaible (as you see in the code above).

Will it work if I just use a MySQL query to get the variables, replacing the code above?

I think it will work but I would like confirmation from a professional before I crack on.

Thanks,

Matt.

Makes sense to me.

Should do, plus it would slightly close the gaping security hole of using $_REQUEST unqualified.

i have just posted about how to do the request. May be you can answer it here? I need to request rather than echo…I need to store the info not echo it. How is this done!??

Matt.