Hello
I'm new to this list. I diden't found anything in the archive and by
googleing to solve my problem.
We have updated our server to PHP 4.3.8 and MySQL 4.0.2. Some of our
clients run a shop software that need 'LOAD DATA LOCAL INFILE' to store
its data to MySQL. MySQL itself supports the
I often had trouble getting the syntaxt just right with PHP, it's easy to
end up with the wrong number of slashes around the -lines terminated by
'- parts of this.
When you ran your query, what did mysql_error() say about it ?
That would be a line you add directly after the line
mysql_error() says:
1148:The used command is not allowed with this MySQL version
The same Script worked fine before we updated PHP and MySQL.
The query works at the mysql shell prompt. But here it is:
LOAD DATA LOCAL INFILE '/[Path]/inc/../in/wbsuser.src'
REPLACE INTO TABLE user fields
I would like to use an SQLite DB for the prefs for an open source PHP
project, but I can't find any way to be sure the DB file is going to be
secure... Is it possible to encrypt a SQLite DB file?
With the current setup, if I include a .htaccess for the DB dir, this
will only work for Apache -
SQLite security is based primarily on filesystem security, placing the
database outside the web root (i.e. /home/user/private/SQLITE.db instead of
/home/www/SQLITE.db) and including an option in your base configuration or
include file to point to the database file.
You can use Mcrypt, OpenSSL or
I'm having some inconsistency with mysql insert queries when there is a
single quote involved.
Example: A new member register's with the name of Jason O'Neal. There are no
addslashes in the code, and the user is entered into the table correctly.
Insert into members (name) values
Hi Chad, please see below
Chad Stalvey [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm having some inconsistency with mysql insert queries when there is a
single quote involved.
Example: A new member register's with the name of Jason O'Neal. There are
no
addslashes in the code,
Ok. It seems that a $_POST value comes over with the escaped single quote as
in O\'Neal. So why does it not preserve that escape when pulling a value
from a table field, and inserting it back into another table field? When I
pull it out and insert it back in it is simply O'Neal.
-Original
Chad Stalvey [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Ok. It seems that a $_POST value comes over with the escaped single quote
as
in O\'Neal. So why does it not preserve that escape when pulling a value
from a table field, and inserting it back into another table field? When I
Is it just me or is this a very bad thing from a security standpoint? It
seems to me that user input should always be filtered before use. Otherwise
there's nothing stopping a hacker from embedding sql into the value of the
name variable.
-Original Message-
Insert into members (name)
Hi Dani et al..
The guys at MySQL turned this off for security reasons. :( They and SuSE say
that you can turn it back on, but I've never been able to get it to work.
There are two ways to handle this, first you have to use LOAD DATA INFILE.
The file then needs to be either in /tmp and
Am 2004-08-16 19:11:50, schrieb James Hatridge:
Hi Dani et al..
The guys at MySQL turned this off for security reasons. :( They and SuSE say
that you can turn it back on, but I've never been able to get it to work.
There are two ways to handle this, first you have to use LOAD DATA
This is a setting in MySQL that you have to explicitly turn on at compile time.
--enable-local-infile Enable LOAD DATA LOCAL INFILE (default: disabled)
I suspect that's what _might_ be happening.
On Mon, 16 Aug 2004 15:33:37 +0200, Daniel Kradolfer
[EMAIL PROTECTED] wrote:
mysql_error()
Dear Friends,
I am getting error while sending email newsletter from local host using
mailing list application.
Its mentioning
verify your SMTP and smtp_port setting in php.ini or use ini_set() in
Setting of php.ini file I have posted.
Any guidance, please.
Sounds like your mailserver isn't running. Have you verified that the
SMTP is running on the local machine? Easy way to verify is open up a
terminal type program and try to connect to localhost 25.
On Mon, 16 Aug 2004 21:55:50 EDT, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Dear Friends,
I
I don't have smtp server running on my computer. Any suggestions for smtp
server, please.
That's what escapeshellcmd() is for - never ever trust user data. At minimum, I would
always use addslashes() or the new mysql_real_escape_string() around every bit of user
data if it's touching the db. At minimum, and in lieu of data validation that is
really checking what the user entered
-Original Message-
I don't have smtp server running on my computer. Any suggestions for smtp
server, please.
Those settings will depend entirely on your Internet Service Provider.
You'll need to call them and ask what you'd use for your outgoing SMTP
server for sending email.
-Ed
--
I am getting error as my mailing list application isn't configured with smtp
server.
I contacted my isp provider that is aol, they give details of configuring
smtp with applications like outlook express.
I have pasted the error i receive and other details related to my
application. Any
[EMAIL PROTECTED] wrote:
I am getting error as my mailing list application isn't configured with smtp
server.
I contacted my isp provider that is aol, they give details of configuring
smtp with applications like outlook express.
I have pasted the error i receive and other details related to my
On Tuesday 17 August 2004 14:07, John Holmes wrote:
In the Outgoing mail (SMTP): field, change the number that displays to
587.
I guess 587 is the name of AOL's outgoing SMTP server for you? Change
the below line in php.ini to reflect that, then.
[mail function]
; For Win32 only.
21 matches
Mail list logo