[Proto-Scripty] Re: help with autocompleter

Fri, 30 Jan 2009 10:12:56 -0800 

thanks a lot, disccomp and lars, i didnt' know this

$safe_id = mysql_real_escape_string($_REQUEST['id']);

lars you said that

when you want to use fulltext search keep in mind there's a
ft_min_word_len config
variable which defaults to 4 characters (so won't get any results
when
searching with
2 characters)

this variable i think that is defined on prototype.js or
scriptaculous.js?

sorry, but this is my second program using prototype, i'm very new

thanks in advance



De: disccomp <discc...@gmail.com>
Fecha: Fri, 30 Jan 2009 07:21:41 -0800 (PST)
Local: Vie 30 ene 2009 09:21
Asunto: Re: help with autocompleter
Responder | Responder al autor | Reenviar | Imprimir | Mensaje
individual | Mostrar mensaje original | Informar de este mensaje |
Buscar mensajes de este autor

> and i need

On 30 ene, 09:42, Lars Schwarz <lars.schw...@gmail.com> wrote:
> if you specified paramName: "value" on the autocompleter call then on
> php side your
> variable will be $_POST['value'].
>
> simple pattern search would then work like:
>
> $searchTerm = mysql_real_escape_string($_POST['value']) . "%"; // add a 
> wildcard
>
> and your query for example might look like "select * from foobar where
> last_name like '$searchTerm'
>
> when you want to use fulltext search keep in mind there's a
> ft_min_word_len config
> variable which defaults to 4 characters (so won't get any results when
> searching with
> 2 characters)
>
> On Fri, Jan 30, 2009 at 4:21 PM, disccomp <discc...@gmail.com> wrote:
>
> >> and i need to get this value, like this $searchterm=$_REQUEST['id'];??
>
> > You should make it injections safe, for example if using PHP:
>
> > $safe_id = mysql_real_escape_string($_REQUEST['id']);
> > $query = "SELECT last_name, first_name FROM people WHERE
> > last_name='$safe_id' ";
>
> > Checkouthttp://us.php.net/mysql_real_escape_string
>
> --
> Lars Schwarz
> Heiligengeiststr. 26
> 26121 Oldenburg
> T 0441 36110338
> M 0151 1727 8127
> Wwww.bitrocker.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Prototype & script.aculo.us" group.
To post to this group, send email to prototype-scriptaculous@googlegroups.com
To unsubscribe from this group, send email to 
prototype-scriptaculous+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/prototype-scriptaculous?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to