Re: [PHP] forms into database and visa versa

2002-05-17 Thread Geoff Hankerson 

depending on your needs you could just create a .csv file (comma seperated
text) that excel can read easily
- Original Message -
From: Dennis Gearon [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 17, 2002 11:13 AM
Subject: [PHP] forms into database and visa versa


 ***_PLEASE CC me as I am on digest_***

 Anyone have a link or links to how to definitively make safe inserts to
 databases with form information?

 I'm thinking this has to do with add/remove slashes. BUT, I also think
 that it might be a good idea to write a function that adds slashes to
 all SQL words, (and make its converse function as well)

 Maybe a pointer to all the possible exploits would be a way to learn
 what to do to avoid them? :-)
 --

 If You want to buy computer parts, see the reviews at:
 http://www.cnet.com/
 **OR EVEN BETTER COMPILATIONS**!!
 http://sysopt.earthweb.com/userreviews/products/

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] forms into database and visa versa

2002-05-17 Thread Analysis Solutions 

 Anyone have a link or links to how to definitively make safe inserts to
 databases with form information?

It's a good idea to validate all data you're sticking in before you do.
For example, if you have a numeric field, you don't want the person to
be able to submit letters in that field.  So, always check that the data
is formatted the way you want it to be before sending it to the
database.

I usually use preg_replace() to remove undesireable characters.

If you want text to go into a field and want people to be able to have 
quotes and other such items in there, then use addslashes().

--Dan

-- 
   PHP classes that make web design easier
SQL Solution  |   Layout Solution   |  Form Solution
sqlsolution.info  | layoutsolution.info |  formsolution.info
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php