got it:
// converts a UK date (DD-MM-YYY) to a US date (MM-DD-YYYY) and vice versa
function convertDate ($sDate) {
$aDate = split ("/", $sDate);
$return = $aDate[1]."/".$aDate[0]."/".$aDate[2];
return $return; }
Cheers,
Jon
jon bennett | [EMAIL PROTECTED] new media creative _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
J b e n . n e t
91 Gloucester Rd, Trowbridge, Wilts, BA14 0AD t: +44 (0) 1225 341039 w: http://www.jben.net/
On 14 Jan 2004, at 13:50, Jon Bennett wrote:
Hi,
I'm trying to re-work this code from the php site <http://uk.php.net/strtotime> so that my users can input dates in UK format (dd-mm-yyyy) and still use strtotime.
// from http://uk.php.net/strtotime
$date=explode("/",trim($records[2])); $posted=strtotime ($date[1]."/".$date[0]."/".$date[2]);
so far I've got:
// converts a UK date (DD-MM-YYY) to a US date (MM-DD-YYYY) so strtotime doesn't fail
function convertDate ($sDate) {
$aDate = explode("/",trim($sDate[2]));
$return = strtotime ($aDate[1]."/".$aDate[0]."/".$aDate[2]);
return $return; }
But this always fails, any idea why ??
What I really need is to re-order the string that a user inputs, say, 21/04/2004, so that it becomes 04/21/2004 so I can use strtotime.
Cheers,
Jon
jon bennett | [EMAIL PROTECTED] new media creative _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
J b e n . n e t
91 Gloucester Rd, Trowbridge, Wilts, BA14 0AD t: +44 (0) 1225 341039 w: http://www.jben.net/
On 14 Jan 2004, at 13:32, Chris W wrote:
I wanted to run by everyone what I am doing in my application to help
prevent someone from inadvertently or intensionally breaking the system
and compromising security. First some quick background. This is an
Apache/php/mysql project. It is a wish list database where people can
create an account, then a wish list and share it with all their friends
and family so they will know what to get them for their birthday or
Christmas or whatever event. There are many other features that I won't go into here, if you want to know more, you can take a look at the work in progress at http://thewishzone.com:8086
The first thing I do when getting data from a post or a get is run it
through a function that first checks to make sure it isn't any longer
than I am expecting (I will also eventually have java script that does
client side checking too, but a post or get can easily be faked so I
am checking on the server side as well) I then verify that every character in the string is with in the ascii range of a space to the ~ which is basically all the characters on the key board. If either test fails I print an error and stop the script. If the value is supposed to be an integer or float I also check to make sure there aren't any non-numeric characters in the value. Then finally before I put it in the database I use the mysql_real_escape_string function and put single quotes around my values in the sql statements.
Are there many php or mysql configuration considerations for making the site secure? I have already done the obvious with my sql and set up the grant tables with passwords for all users and removed the [EMAIL PROTECTED] user.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
