[PHP] Creating a varable with a name held in a string
I have the following code;_ $sql = "select * from text where id= '$id' "; $row = fetch_row_row( $sql, $db ); $img_loc= $row["img_loc"]; $text_type = $row["text_type"]; $seq= $row["seq"]; $rec_type = $row["rec_type"]; $section= $row["section"]; $code = $row["code"]; $repeat = $row["repeat"]; $description= $row["description"] ); $text = $row["text"] ); Was wondering if there was a clever way of doing this with foreach on $row. something like foreach( $row as $index => value ) { create_var( $index, $value ); } So the question is is there a function like create_var which takes a string and a value and creates a variable? Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Magic Quotes Removal code - almost there
The following code is passed $_POST to clean magic quotes code out ;_ function remove_magic_quotes( &$array ) { foreach( $array as $index => $value ) { if ( is_array( $array[$index] ) ) { remove_magic_quotes( $array[$index] ); } else { if ( magic_quotes_runtime() ){ echo "removing slashes $value"; $array[$index] = stripslashes( $value ); } } } } The cleaning works but magic_quotes_runtime is false even if magic codes are on, any ideas? Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
Re: [PHP] Magic Quotes
On Thu, 2005-02-10 at 13:45 +0100, Jochem Maas wrote: > Ben Edwards (lists) wrote: > > PS phpsc.net seems to be down, or is the domain wrong? > > er yes, oops. as Jeffery pointed out it should have been > phpsec.org. had a brainfreeze sorry. OK, trying to do a function to remove magic quotes from the post variable. Something like:- function remove_magic_quotes( &$array ) { foreach( $array as $index => $value ) { if ( is_array( $array[$index] ) ) { remove_magic_quotes( $array[$index] ); } else { if ( magic_quotes_runtime() ){ $array[$index] = stripslashes( $value ); } } } But not quite there. Any ideas? Ben > > Ben > > > > On Thu, 2005-02-10 at 13:28 +0100, Jochem Maas wrote: > > > >>Ben Edwards (lists) wrote: > >> > >>>Am I correct in thinking Magic Quotes automatically adds quotes to all > >>>posted variables, therefore if you are displaying post variables on a > >>>form you have to remove the quotes. They are only needed if you are > >>>actually inserting/updating into the database. Whether magic quotes > >>>are on or not you do not actually have to do anything to data fetched > >>>from the database. If magic quoted are not on you have to add slashes > >>>before you add to the database. > >> > >>you get the gist of it bare in mind _many_ people including actual php > >>developers avoid magic_quotes like the plague cos its a PITA. > >> > >>basically your input to the DB should be properly escaped (there are special > >>functions for this also, depending on your DB, I use alot of firebird and > >>its capable > >>of parameterized queries - making it impossible to do SQL injection if you > >>use > >>the parameterized markup). > >> > >>AND anything you output to the browser should be sanitized properly as > >>well... > >>goto phpsc.net and read everything there - its a good/solid introduction to > >>writing secure php code (e.g. how to combat XSS etc). phpsc.net is headed > >>by Chris > >>Shiflett - a veritable goldmine of php related knowledge do yourself a > >>favor... > >>read his stuff :-) any questions that arise from reading that are welcome > >>here :-) > >> > >> > >>>There is also another function you need pass stuff through if you are > >>>going to use it in an , what is that > >>>function? > >> > >>htmlentities() > >> > >> > >>>Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
Re: [PHP] Magic Quotes
On Thu, 2005-02-10 at 13:28 +0100, Jochem Maas wrote: > Ben Edwards (lists) wrote: > > Am I correct in thinking Magic Quotes automatically adds quotes to all > > posted variables, therefore if you are displaying post variables on a > > form you have to remove the quotes. They are only needed if you are > > actually inserting/updating into the database. Whether magic quotes > > are on or not you do not actually have to do anything to data fetched > > from the database. If magic quoted are not on you have to add slashes > > before you add to the database. > > you get the gist of it bare in mind _many_ people including actual php > developers avoid magic_quotes like the plague cos its a PITA. Yes, it seems like they were invented by the Powers of Darkness ;). I think I am going to put stuff in my common code that is run on at the beginning of every page to remove magic quotes from $_REQUEST, and run all data being put into the database through addslashes first. I can see it is only any to trivial pages where you are taking user input and putting it stright into the database with out validation or re-displaying it. There for it is useless. Regards, Ben > basically your input to the DB should be properly escaped (there are special > functions for this also, depending on your DB, I use alot of firebird and its > capable > of parameterized queries - making it impossible to do SQL injection if you use > the parameterized markup). > > AND anything you output to the browser should be sanitized properly as well... > goto phpsc.net and read everything there - its a good/solid introduction to > writing secure php code (e.g. how to combat XSS etc). phpsc.net is headed by > Chris > Shiflett - a veritable goldmine of php related knowledge do yourself a > favor... > read his stuff :-) any questions that arise from reading that are welcome > here :-) > > > > > There is also another function you need pass stuff through if you are > > going to use it in an , what is that > > function? > > htmlentities() > > > > > Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Magic Quotes
Am I correct in thinking Magic Quotes automatically adds quotes to all posted variables, therefore if you are displaying post variables on a form you have to remove the quotes. They are only needed if you are actually inserting/updating into the database. Whether magic quotes are on or not you do not actually have to do anything to data fetched from the database. If magic quoted are not on you have to add slashes before you add to the database. There is also another function you need pass stuff through if you are going to use it in an , what is that function? Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
RE: [PHP] Problem using return from a class.
On Tue, 2005-02-08 at 16:47 +, Chris Ramsay wrote: > [snip] > I am having a really odd problem. I have a class and if I do a return > nothing is returned. If I do an echo of the variable that is being > returned I can see it so there is something to return. Is there some > strange bug in PHP? > [/snip] > What is it you are doing - are you echoing the call i.e. > echo $myclass->function(); > Or something else? > > Maybe you should post a bit of code to illustrate your problem ;) I'me just doing:- return $radio_html; as the last line of the method. If I do echo $radio_html; The condense of the variable gets outputted. I could post the method here but its a bit long. Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Problem using return from a class.
I am having a really odd problem. I have a class and if I do a return nothing is returned. If I do an echo of the variable that is being returned I can see it so there is something to return. Is there some strange bug in PHP? Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Is there a function to c if a php function exists
I have been implementing a system on a different ISP than I normally use and have got:- Fatal error: Call to undefined function: cal_days_in_month() in /home/hosted/www.menublackboard.com/public_html/dev/classes/validator.class.php on line 134 I found a reference to this an the web and it seems PHP is not compiled with calender support. "recompile php with the "--enable-calendar" option." Cant see being able to get the to re-compile PHP so I guess I am going to have to disable the feature. I seem to remember a while ago seeing a function to test weather a function exists in PHP. That way I can have the relevant validation skipped if the function is missing (I will tell the client if they get decent hosting it will start working). So something like function_exists( cal_days_in_month() ) Anyone know what the function is called. Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Loading all clases always
I have all my classes in a single directory. I was thinking of automatically loading them all at the beginning of every page. The logic being that the class definitions will get cached (I guess PHP uses filesize/date/time) so the overhead would not be that great. Also at any given time they will all probably be needed by one of the visitors. Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Problem with hidden form input values
I know this is not strictly speaking a PHP question but it is to do with a PHP app. I have a form with a number of hidden values in it. After the post print_r( $_POST ) shows all the values except these (this is copied from 'Show Source' in the browser. Any idea why they wont post? Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Problem with foreatch()
I have the following Code: foreatch( $_POST["mtype"] as $akey => $avalue ) { echo "$akey, $avalue"; } When I run it I get: Parse error: parse error, unexpected T_AS in /var/www/mb/mb_estab_update.php on line 58 58 is the line with the foreatch on it. However if I replace it with: print_r( $_POST["mtype"] ); I get: Array ( [1] => RESTAURANT [2] => BEVERAGEWINE [3] => MAIN ) so the array is populated, what am I doing Wrong? Regards, Ben -- Ben Edwards - Poole, UK, England If you have a problem sending me email use this link http://www.gurtlush.org.uk/profiles.php?uid=4 (email address this email is sent from may be defunct) signature.asc Description: This is a digitally signed message part
[PHP] Finding position of New line in string
I am trying to find the position of the first occurrence on new line in a string that comes from a database. I tried $pos = strpos( $list_text, "/n" ); But it never returns anything. Any help would be much appreciated. Ben -- Ben EdwardsTel +44 (0)1179 553 551 ICQ 42000477 Homepage - nothing of interest here http://gurtlush.org.uk Webhosting for the masses http://www.serverone.co.uk criticalSite Builder CMS http://www.criticaldistribution.com Get alt news/views films online http://www.cultureshop.org i-Contact Progressive Video http://www.videonetwork.org Fun with corporate graphicshttp://www.subvertise.org -- * Ben Edwards Tel +44 (0)1179 553 551 ICQ 42000477 * * Homepage - nothing of interest here http://gurtlush.org.uk * * Webhosting for the masses http://www.serverone.co.uk * * Critical Site Builderhttp://www.criticaldistribution.com * * online collaborative web authoring content management system * * Get alt news/views films online http://www.cultureshop.org * * i-Contact Progressive Video http://www.videonetwork.org * * Fun corporate graphics http://www.subvertise.org * * Bristol Indymedia http://bristol.indymedia.org * * Bristol's radical news http://www.bristle.org.uk * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php