On Sun, Nov 30, 2008 at 11:48 AM, Fred Silsbee fredsils...@yahoo.com wrote:
problem solved...used a session:
[...]
any harm in this?
Session hijacking is possible, though you can take steps to minimize the risk.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit:
-- Forwarded message --
From: Fergus Gibson [EMAIL PROTECTED]
Date: Fri, Nov 28, 2008 at 12:47 AM
Subject: Re: Fwd: Fwd: [PHP-DB] MySQLi connections
To: J. Hill [EMAIL PROTECTED]
On Wed, Nov 26, 2008 at 9:38 PM, J. Hill [EMAIL PROTECTED] wrote:
I understand there are many cases
On Thu, Nov 27, 2008 at 11:19 AM, Bastien Koert [EMAIL PROTECTED] wrote:
2. It is possible to use the application to handle the keys instead of the
database, it involves more work around key checking / validation before
creating or updating records, but it can be done if the INNODB table type
-- Forwarded message --
From: Fergus Gibson [EMAIL PROTECTED]
Date: Wed, Nov 26, 2008 at 11:34 AM
Subject: Re: Fwd: [PHP-DB] MySQLi not closing connections
To: Chris [EMAIL PROTECTED]
On Tue, Nov 25, 2008 at 1:39 PM, Chris [EMAIL PROTECTED] wrote:
Not really true.
pconnect
-- Forwarded message --
From: Fergus Gibson [EMAIL PROTECTED]
Date: Wed, Nov 26, 2008 at 11:50 AM
Subject: Re: [PHP-DB] MySQLi not closing connections
To: Jonathan Langevin [EMAIL PROTECTED]
On Wed, Nov 26, 2008 at 10:36 AM, Jonathan Langevin
[EMAIL PROTECTED] wrote:
I would
-- Forwarded message --
From: Fergus Gibson [EMAIL PROTECTED]
Date: Wed, Nov 26, 2008 at 11:55 AM
Subject: Re: Fwd: [PHP-DB] MySQLi connections
To: J. Hill [EMAIL PROTECTED]
On Tue, Nov 25, 2008 at 3:12 PM, J. Hill [EMAIL PROTECTED] wrote:
I am used to creating a class
On Wed, Nov 26, 2008 at 1:45 PM, Chris [EMAIL PROTECTED] wrote:
It's bad if you ever want to use something other than mysqli! Imagine
your company switching to another database server. You'd have to
rewrite code in hundreds of functions!
[...]
You're going to have a lot more problems with
Darn it. Didn't change the e-mail recipient to be the list.
-- Forwarded message --
From: Fergus Gibson [EMAIL PROTECTED]
Date: Tue, Nov 25, 2008 at 12:02 PM
Subject: Re: [PHP-DB] MySQLi not closing connections
To: Jonathan Langevin [EMAIL PROTECTED]
On Tue, Nov 25, 2008 at 6
On Tue, Nov 25, 2008 at 10:27 AM, Jack Mays [EMAIL PROTECTED] wrote:
I'm not sure why the connections are staying open, but I would suggest using
mysqli_real_connect with the flag to timout connections.
[...]
If this is way off base, let me know.
Jack, I think Jon shouldn't implement this
On Wed, Nov 19, 2008 at 5:55 AM, Alice Wei [EMAIL PROTECTED] wrote:
I am inquiring on this list to see if it is possible to create a script that
takes multiple update statements without my having to write one SQL
statement for each of the updates.
I'm not sure I understand your question.
On Mon, Nov 17, 2008 at 9:15 AM, Abah Joseph [EMAIL PROTECTED] wrote:
The question came to my mind is, How did large website like Yahoo handle
such data? Sure. Yahoo users may be more than 20 millions users or so.
Very large data sets are often partitioned in some way so that a given
lookup
On Mon, Nov 10, 2008 at 8:49 AM, mignon hunter [EMAIL PROTECTED] wrote:
One other question. Our current site is written in jsp with Oracle. I'd like
to use PHP. Do you have any thoughts on this?
Your post, mignon, was pretty clearly directed to Christopher, but I
hope neither of you will be
On Wed, Nov 5, 2008 at 2:17 PM, Chris [EMAIL PROTECTED] wrote:
Too many customers on the same server imo. 600 hits a day is nothing and if
it takes 7 secs to update one column, that's just plain ridiculous.
I agree with this consensus, and I agree that it's not clear how you
would prove this.
On Sun, Nov 9, 2008 at 11:58 AM, TG [EMAIL PROTECTED] wrote:
Shared hosting is fine.. I don't mind a little slow every now and then.
For what this customer needs, a full dedicated server is total overkill.
But the big problem here is that if you exceed a certain amount of CPU and/or
slow
On Fri, Nov 7, 2008 at 3:39 PM, Christopher Jones
[EMAIL PROTECTED] wrote:
mignon hunter wrote:
I'm am trying to find some definitive best practises on database
connections with php on both mysql and oracle.
Most security issues come back to a simple concept. Assume anything
in your scripts
On Sun, Oct 19, 2008 at 5:38 PM, [EMAIL PROTECTED] wrote:
[...]
First method is slower but more secure. Second is speediest but it can
have more failures because are session vars or cookies. It depends of
your control errors and also the visits profile.
I'm not sure what you're trying to say
2008/10/10 Post-No-Reply TUDBC [EMAIL PROTECTED]:
By using TUDBC (http://www.tudbc.org), you can call stored procedures
easily.
Your post was an excellent answer to the question, How do I call
stored procedures easily with TUDBC? Unfortunately, that is not what
the original poster asked. In
Hi, Jason. Do you realize this code is wide open for an SQL injection
attack? The problem could easily be addressed by using a prepared query
instead. For more details, check the mysqli documentation.
Jason Pruim wrote:
The problem is when I am attempting to update some of the info, it
YVES SUCAET wrote:
One suggestion: you may want put mysql_real_escape_string() wrappers
around
all those $_POST[] fields to prevent SQL hijacking of your site.
[...]
mysqli_query($link, $sql) or die(Could not update... .
Yves, he's using mysqli, not mysql. You should not mix those
Jason Pruim wrote:
I plan to wrap the $_POST's into something to protect against some
issues like that. But this was a proof of concept for the boss so it
just needed to be up quickly to see if it was something we wanted to go
ahead with :)
Well, no worries about that then. We're just
Every time I post I get this e-mail:
Halo [EMAIL PROTECTED],
Kami mengirim email ini untuk menyampaikan bahwa grup yang Anda coba
hubungi (donkomo) tidak ada atau Anda tidak memiliki izin untuk mengirim
pesan ke grup itu. Ada beberapa kemungkinan mengapa hal ini terjadi:
[etc.]
I have no
Mad Unix wrote:
Any help concerning installing PDFLib on PHP5.x APACHE2.x. with RHEL4
http://www.php.net/manual/en/pdf.setup.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
22 matches
Mail list logo
