Evert | Rooftop Solutions wrote:
Hi Folks,
I'm using PHP 4.3.10, the Zend Optimizer and Apache 1.3.33.
Somehow, if I want to open for example /dikkerapper.php, it is also
possible to access it through /dikkerapper (without the .php extension)
I haven't seen this before, but when I checked it also
Ryan A wrote:
Hey all,
[snip]
I am reading off an array from the users cookie called "user_cookie"
the array is a bunch of numbers like this:
[snip]
the numbers are the cart items the user has saved and they match a
"item_number" field in my mysql db, the arrays name is $cart_arr
what i am doing is
Ryan A wrote:
Hi,
Just a quick question, I have been reading a lot about SQL injection doing a
s**tload of damage to many sites, I myself use a pagentation class which
sends the page number from page to page in a $_GET['page'] request which
gets used in a LIMIT parameter.
From what i have been rea
Ryan A wrote:
Hey all,
Been working on this nearly the whole night so i dont really know if this is
all that hard or am just braindead.
Probably just need a pair of fresh eyes.
[ trimmed ]
sometimes items get deleted or are taken off the "active" list, when this
happens I would like to take out the
Chris Shiflett wrote:
John Hinton wrote:
Seems my old setcookie scripts are busted in php with globals off.
Use $_COOKIES['name'].
Chris
The thing is, on the next action switch
print_r($_COOKIE);
returns empty until I refresh the browser. So, thusly, the second page
load brings in the cookies.
A
Kevin Coyner wrote:
From php.net, I've found plenty of examples of how to create thumbnails
from files and have done a couple successfully. My objective, however,
is to have a page dynamically create multiple thumbnails from full sized
images. I don't want to be creating and saving thumbnails to
John Hinton wrote:
Seems my old setcookie scripts are busted in php with globals off.
Use $_COOKIES['name'].
Chris
--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[EMAIL PROTECTED] wrote:
I don't see anything special about my Netflix queue. Am I missing
something there? And I have no idea what "Flex" is referring to, so I'll
check that out if anyone lets me know where. :o)
Sorry about that, I was referring to Macromedia Flex.
http://www.macromedia.com/pr
Seems my old setcookie scripts are busted in php with globals off.
--begin code--
# LOGIN PAGE
###
function login(){
include ('config.php');
$query = "SELECT * FROM atable";
$result = mysql_db_q
Hey all,
Been working on this nearly the whole night so i dont really know if this is
all that hard or am just braindead.
Heres what i am doing:
I am reading off an array from the users cookie called "user_cookie"
the array is a bunch of numbers like this:
254
7785
5899
540055
etc
the numbers are
[EMAIL PROTECTED] wrote:
So if I could broaden the question and ask, in general, what people
recommend for pre-processing data before it goes into a SQL
statement.
For escaping, I recommend an escaping function specific to your
database. These exist for most popular databases. As a last resort, yo
Thanks a ton, Chris & Chris! Clear, concise and informative answers are always
the best :) I knew the basic theory but never looked into the specifics on
what, exactly, could be harmful in cases like this. In cases of security
'common sense' isn't always helpful because it's the uncommon sen
Hey!
Thanks for replying.
I was just going to write to you (after your last reply to my questions)
that someone recommended your site and after i made a quick visit...if you
could direct me to the exact page/section...guess you read my mind :-D
Thanks,
Ryan
On 3/26/2005 7:47:36 PM, Chris Shifle
Chris Ramsay wrote:
This is excellent:
http://www.shiflett.org/
I'm glad you think so. :-)
There's a free article there on SQL injection:
http://shiflett.org/articles/security-corner-apr2004
I'm always refining the methods in which I explain things like SQL
injection, so my replies on this thread
Hi Ryan,
From what i have been reading, wrapping all my GET and POST requests in a
htmlentities() function should keep me saferight? or what else should
i/can i do?
No, let me start by correcting a misunderstanding. Yes, htmlentities()
is an escaping function, but it is for escaping data for u
Others have reported problems reading COM ports using fopen and fgets or
fread. They open the port and start reading but nothing ever arrives.
I have the same problem and discovered the following. There is an 8K
input buffer. Only after 8K bytes have arrived does fgets or fread see the
first.
How
Others have reported problems reading COM ports using fopen and fgets or
fread. They open the port and start reading but nothing ever arrives.
I have the same problem and discovered the following. There is an 8K
input buffer. Only after 8K bytes have arrived does fgets or fread see the
first.
How
GamblerZG wrote:
Why would you _manually_ edit a serialized array??? One would think
you would UNSERIALIZE (http://us4.php.net/unserialize) the serialized
array *before* working with the data.
Well, I guess my initial posting was a bit misleading. I'm writing a
content management system, and t
Why would you _manually_ edit a serialized array??? One would think you
would UNSERIALIZE (http://us4.php.net/unserialize) the serialized array
*before* working with the data.
Well, I guess my initial posting was a bit misleading. I'm writing a
content management system, and that system needs t
With htmlentities() you are safe also to potential XSS attacks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
This is excellent:
http://www.shiflett.org/
Chris R
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Actually I was just about to look into this again myself since I'm working on a
project that I'd like to protect from SQL injections.
htmlentities() is a start, but that's not going to protect you from someone
using apostrophes (single quotes) and breaking your SQL in other ways.
While some of
Hi,
Just a quick question, I have been reading a lot about SQL injection doing a
s**tload of damage to many sites, I myself use a pagentation class which
sends the page number from page to page in a $_GET['page'] request which
gets used in a LIMIT parameter.
>From what i have been reading, wrappi
On Sat, 2005-03-26 at 11:43, Johan van Zyl wrote:
> Fatal error: Call to undefined function: ibase_fetch_assoc() in
> /home/e-smith/files/ibays/Primary/html/html/untitled17.php on line 209
>
> How do I slove this?
Perhaps you haven't updated for a while, so you don't have this function
in your PH
> Aaron wrote:
> http://bugs.php.net/bug.php?id=32449
> I dont see how its not a bug.
You might find the advice here helpful as well:-
http://www.catb.org/~esr/faqs/smart-questions.html
Alan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jonis Maurin Ceará schrieb:
> Hi
Hi Jonis,
> I'm trying to use setlocale to setup my language to pt_BR for ue with
> strftime but don't work.
>
> I've tryied:
> pt_BR
> pt_BR.ISO_8859-1
> portuguese.br
> etc...
>
>
> but don't work, i just get in
Aaron wrote:
http://bugs.php.net/bug.php?id=32449
I dont see how its not a bug.
No, it's not. There are undefined variables
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I am trying to get Dashboard graphics working on a Debian woody system. I have
the following php packages installed:
ii php4 4.1.2-7.0.1A server-side, HTML-embedded scripting langu
ii php4-cgi 4.1.2-7.0.1A server-side, HTML-embedded scripting langu
ii php4-gd2 4.1
AndreaD wrote:
I have a range of cookies that need to be deleted on the click of a button.
The cookies are set by using.
setcookie("cookie[$name]", "$age")
Is there a simple command to delete all cookies or I have to do a foreach
statement?
You have to use foreach
How can I execute the code/fun
You can have the functions list in an array and check if any of that is
in the code you are going to pass to eval().
Devta.
GamblerZG escribió:
Ok, let me ask in a different way. Is there any way to make eval to
parse only data structures, without executing any functions it may
encounter?
___
Hi All
This code:
First Name
Last Name
";
echo "";
echo $row["FIRST_NAME"];
echo "";
echo "";
echo $row["LAST_NAME"];
echo "";
echo "";
}
echo "";
ibase_free_result($result);
}
?>
gives me this error:
Connected to: 10.0.0.3:employee.fdb
First Name Last Name
Fatal error: Call to undefined fu
Dan Rossi wrote:
On 20/03/2005, at 5:40 AM, Marek Kilimajer wrote:
If you need only hotlink protection then the current referer checking
is just enough. Most users will not install referer spoofing software.
But if you need to be 100% sure the videos are streamed through
affiliate server, you ca
I have a range of cookies that need to be deleted on the click of a button.
The cookies are set by using.
setcookie("cookie[$name]", "$age")
Is there a simple command to delete all cookies or I have to do a foreach
statement?
How can I execute the code/function on a click of a button?
Than
use javascript
not
the header function.
"Jacques" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> How should I formulate the header function to replace the current frameset
> page with a new one? I have tried a combination of header("Location:
> page.php target=_parent"); but I get
I'm trying to use a PHP script to test the throughput from a few
different web servers on a test network at work. I'm doing an fopen
with the URL, and then a read loop like this:
while (!feof($handle)) {
fread($handle, 8192);
}
I'm ignoring the data returned by fread, since I'm just int
> Any idea how I could fix it?
Yes, use mysql_error() to see what the error is, once you know what MySQL
error you are getting, it will be easy to fix.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I would say the best way to go about doing this would be to look at examples
of the code in sites you find that do this. Observe how they do it, and base
your code off of it.
"Cima" <[EMAIL PROTECTED]> wrote:
hi,
im building a web site and i have seen some sites built using modules to
facilitate
Alright, I made a new index and I am 100% sure that I did it correctly.
http://subzer0.net/php
Notice those two mysql_fetch_row errors. I have successfull connected to the
database needed, the query seems to be correct, and I inserted some boards
into the board db.. But I still get that erro
Chances are you are not connected to the database, or you have a MySQL error
somewhere along the lines. Try using mysql_error() to help find whats going
on.
<[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
> I get this error: Warning: mysql_fetch_row(): supplied argument is not a
> val
Ok, let me ask in a different way. Is there any way to make eval to
parse only data structures, without executing any functions it may
encounter?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I get this error: Warning: mysql_fetch_row(): supplied argument is not a
valid MySQL result resource in /home/helljump/public_html/php/index.php on line
39
and I am connecting to the database!
Here is line 39:
'.$row[1].'
'.$row[2].''.$row[3].''.$row[4].'';
echo 'User Options<
/td>Use your bo
May be this help you:
$data=$_POST['position'];
$positions=array_keys($data);
foreach($positions as $pos){
$row=$data[$pos];
foreach($row as $value){
$sql="INSERT INTO table_name (field_name)VALUES ('$value')";
$cursor=mysql_query($sql);
}
}
Devta.
[EMAIL PROTECTED] escribió:
H
Jay Blanchard wrote:
[snip]
/* send the errors to the interface and exit*/
if('' !== $errorsReported){
for($i = 0; $i < count($errorsReported); $i++){
echo $errorsReported[$i];
}
unset($errorsReported);
http://bugs.php.net/bug.php?id=32449
I dont see how its not a bug.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi everyone.
Im having a problem matcing some code using preg_match_all. The regex
statement needs to be very flexiable. The code im using is:
(\n| |.)+
to match the code. This code is being used to read project data is being
read from a socket and i need a way of spliting up the separate proj
On Fri, 25 Mar 2005 21:32:44 -0500, Kevin Coyner <[EMAIL PROTECTED]> wrote:
>
> Is there a way to create multiple jpg thumbnails from a series of larger
> originals and use all of the on-the-fly generated thumbnails in a page
> (without saving any of the thumbnails to the filesystem)?
>
> For exa
46 matches
Mail list logo
