The Disguised Jedi wrote:
try users@httpd.apache.org list
On Tue, 25 Jan 2005 14:21:25 -0800, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
I have a new installation of php on an existing apache 2 server, and
something strange is happening. The file 'test.php' works and connects to
the databas
Hi guys:
Thanks in advance for your help. I am newby in this
PHP stuff and I've got quite a problem here, and Ive
spent several days (and nights) trying to solve this
problem.
I am trying to manage a many to many relationship in a
web database application. I have three tables:
tbl_project (whi
Hi All,
I am trying to create a page with 2 text boxes a name and a
password with a submit button.The user must enter his
username and password that is stored in mysql to access the
site.
With the following code i get a successfull connection with
a blank username and password but when i enter a
hi Guys,
I'm using Firebird 1.5 with PHP5.
I have a problem where by I am trying to do the equivelant of:
$a = 'A';
$b = 'AG';
if (stristr($b, $a)) {
// do something.
}
Inside a Stored procedure, where $a and $b are both input variables
to the stored
Jochem Maas wrote:
hi Guys,
hope somebody can give me a clue :-),
well about 5 mins after I posted I managed to find a solution thanks to
a man named Ivan Prenosil (who by all accounts knows where his firebird towel
is ;-)
http://www.volny.cz/iprenosil/interbase/ip_ib_code_string.htm
(the sto
On Wed, 2005-01-26 at 12:44 +0200, it clown wrote:
>$db_user = $_POST["txt_name"];
>$db_password = $_POST["txt_password"];
>$db_name = "data";
>$connection = @mysql_connect ($db_host, $db_user,
> $db_password) or die ("error connecting");
>echo "connection successful!";
> ?>
R
>> if(isset($_GET['id'])) {
>> $id=$_GET['id'];
>> $query = "select bin_data, filetype from binary_data where id=$id";
This is a really bad example, anybody can inject your query with
malicious sql commands.
Never trust user supplied data.
--
PHP Database Mailing List (http://www.php.net/)
To u
That is incrediably risky since you are exposing the entire db for those
users. What about setting [limited] permissions for those users?
I woul move to a table based authentication, where you have a users table
and one [or more] mysql accounts with the bare minimum privileges to allow
the user
Yes, I totally agree. This was merely a sample code of how it could be done.
Not a definitive code samples of how to do it securely. There should be way
more validation, and better error handling too.
Bastien
From: Gareth Heyes <[EMAIL PROTECTED]>
To: php-db@lists.php.net
CC: [EMAIL PROTECTED]
S
It turns out that the real problem was problem 1) I am not personally in
control of our web server.
I forwarded some of the posted messages to our IT department and they
decided to change what they were telling me. They actually had register
globals turned off not on. I changed my code to use the
Thanks for all the tips guys. I'll keep the last couple for future
reference.
--
Chip
Gareth Heyes <[EMAIL PROTECTED]> wrote on 01/26/2005 05:30:45 AM:
> >> if(isset($_GET['id'])) {
> >> $id=$_GET['id'];
> >> $query = "select bin_data, filetype from binary_data where id=$id";
>
> This is a
[EMAIL PROTECTED] wrote:
Thanks, I already had prefork installed. I solved the problem by
heaven help those that walk the threaded path heh :-)
changing to php 5 from php 4.
IC interesting to know.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.
Hi all,
I got this sets(20) of defined constants which using them as keys to an
array
eg
define("FNAME", "fname");
farray = array( FNAME => "hello" ,...);
my question is how do I insert that directly into a javascript(to do
some client validation)
I need this:
var fna
tony wrote:
Hi all,
I got this sets(20) of defined constants which using them as keys to an
array
eg
define("FNAME", "fname");
farray = array( FNAME => "hello" ,...);
my question is how do I insert that directly into a javascript(to do
some client validation)
I need this:
14 matches
Mail list logo