Im building a simple yet robust small e commerce site
what i wanna know is:
is it more safe and secure to add the mysql commands such as select add update delete in the same html form
or create another php file for that as a process?
i have an add customer page
the file is add.php
and for me to add that into the database
i pass variables and do the insert in another file called:
is it a big deal?
can the be a possible security issue incase?