Re: [PHP-DB] Slashes or no slashes

2010-08-19 Thread kapuoriginal 

I think you should use prepared statements.

Kapu

--
From: Karl DeSaulniers k...@designdrumm.com
Sent: Friday, August 20, 2010 12:05 AM
To: php-db@lists.php.net
Subject: Re: [PHP-DB] Slashes or no slashes



On Aug 19, 2010, at 4:44 PM, Karl DeSaulniers wrote:


On Aug 19, 2010, at 4:36 PM, Daevid Vincent wrote:


You should be using
http://us2.php.net/manual/en/function.mysql-escape-string.php

You don't need to search with extra slashes for retrieval.


-Original Message-
From: Karl DeSaulniers [mailto:k...@designdrumm.com]
Sent: Thursday, August 19, 2010 2:29 PM
To: php-db@lists.php.net
Subject: [PHP-DB] Slashes or no slashes

Hello,
When I add an item to my database and I use addslashes(),
do I have to use addslashes() to a query that looks for that item?
Or would I be adding double slashes and canceling my own result?
TIA

Karl DeSaulniers
Design Drumm
http://designdrumm.com





-- PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Ah, but lets say I am using a character set utf-8, I should use  
mysql_real_escape_string() instead?

Best,

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




For a line like this..

return htmlspecialchars(stripslashes($this-values[$field]));

would I change this to?

return mysql_real_escape_string($this-values[$field]);

Or do I still need the htmlspecialchars? In that case would I change  
it to?


return htmlspecialchars(mysql_real_escape_string($this-values 
[$field]));


TIA

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DB] Displaying Password

2009-12-22 Thread kapuoriginal 

Hi,

You can't be serious with that. You should try The next code:

$UserPassword = str_repeat(#8226;, strlen($UserPassword));

Enjoy. (I hope that you are not a programmer)

--
From: Karl DeSaulniers k...@designdrumm.com
Sent: Tuesday, December 22, 2009 6:12 AM
To: php-db@lists.php.net
Subject: [PHP-DB] Displaying Password


Never mind.
Got it.

$replaceArray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i',
'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w',
'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
$replaceWith = array
('•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•'
,'•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•'
);
$UserPassword = str_replace($replaceArray, $replaceWith,
$UserPassword); //hide pasword

Best,

Karl DeSaulniers
Design Drumm
http://designdrumm.com




--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php