StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POServer Side Validation Preventing Database Errors
primarykey
Id
11506972
data
AcceptedAnswerId
11507517
AnswerCount
1
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2012-07-16T14:59:28.863
FavoriteCount
0
LastActivityDate
2012-07-16T16:29:39.750
LastEditDate
2012-07-16T16:29:39.750
LastEditorUserId
1464055
OwnerUserId
1464055
ParentId
0
PostTypeId
1
Score
2
ViewCount
179
LastEditorDisplayName
text
Body
I'm fairly new to server side coding and am currently setting up a site which involves pulling objects from a database, allowing a user to edit them, and then re-inserting these elements in to the database. However, I'm not sure how to prevent the user from ruining the database through the use of development tools. Essentially elements are displayed in a list and each element is a script. It has it's own unique ID and a name (not necessarily unique). So, when it is pulled from the database, the name is the list's text and the id is contained within an attribute field. When they're edit, I pull the id from the html attribute and use that to save any changes to the database. Of course, I make checks server side to determine if all of edits the user made are allowed. But, the problem I'm running into is that the user could easily open up any form of developer tools, change scripts Id's (switch them or vary them in any way they please) and this would definitely hurt the database. Could someone provide me a few techniques to prevent this issue? I'd really appreciate it. Thanks! I don't know how it'll help, but the majority of my code is in Javascript (using jquery and jquery ui) and php (using CodeIgniter as the framework). EDIT: Imagine two elements Id -> Title -> Description 5 -> Hello -> World 6 -> Bye -> Sleep On server side, these are displayed as lists and there's an alternate way to edit the values. <pre><code><li data-id=5>Hello</li> <li data-id=6>Bye</li> </code></pre> Someone can load up fire bug and change the data-id's that I use for queries, say make the first one 7. Or swap both. In this case, that doesn't really matter, but it's actually more for my curiosity, is there any way to prevent this?
Tags
<php><jquery><database><validation>
Title
Server Side Validation Preventing Database Errors
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USuser1464055
UserOwnerUserId
1. USuser1464055
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POServer Side Validation Preventing Database Errors
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.