On Wed, 2009-03-04 at 15:21 -0800, Michael A. Peters wrote:
Robert Cummings wrote:
To punt what is repeated over and over during runtime to a single
compilation phase when building the template target. To simplify the use
of parameters so that they can be used in arbitrary order with
PJ wrote:
Shawn McKenzie wrote:
Robert Cummings wrote:
On Wed, 2009-03-04 at 15:48 -0600, Shawn McKenzie wrote:
Whatever you do, please, please, please, for the love of all that is
holy, please, do not vilify potatoes! ...or the Irish :-)
Potatoes are best served sliced
Shawn McKenzie wrote:
PJ wrote:
Shawn McKenzie wrote:
Robert Cummings wrote:
On Wed, 2009-03-04 at 15:48 -0600, Shawn McKenzie wrote:
Whatever you do, please, please, please, for the love of all that is
holy, please, do not vilify potatoes! ...or the Irish :-)
Potatoes
Eric Butera wrote:
So here's some examples of bad behavior.
= Database =
Bad:
$name = mysql_real_escape_string($_POST['name'], $link);
myql_query(INSERT INTO foo (`name`) VALUES ('. $name .'));
$name now contains slashes which means it is corrupt and not able to
be echo'd without a
Robert Cummings wrote:
On Wed, 2009-03-04 at 15:21 -0800, Michael A. Peters wrote:
Robert Cummings wrote:
To punt what is repeated over and over during runtime to a single
compilation phase when building the template target. To simplify the use
of parameters so that they can be used in
On Wed, Mar 4, 2009 at 8:18 PM, Chris dmag...@gmail.com wrote:
You only need to escape data coming from a user going in to your database.
If you put user input into your database and pull it back out, it's
still raw user input. Never trust any piece of data ever, whether it
comes from a
On Wed, Mar 4, 2009 at 8:54 PM, Michael A. Peters mpet...@mac.com wrote:
Eric Butera wrote:
So here's some examples of bad behavior.
= Database =
Bad:
$name = mysql_real_escape_string($_POST['name'], $link);
myql_query(INSERT INTO foo (`name`) VALUES ('. $name .'));
$name now contains
On Wed, Mar 4, 2009 at 6:27 PM, Eric Butera eric.but...@gmail.com wrote:
On Wed, Mar 4, 2009 at 8:54 PM, Michael A. Peters mpet...@mac.com wrote:
Eric Butera wrote:
So here's some examples of bad behavior.
= Database =
Bad:
$name = mysql_real_escape_string($_POST['name'], $link);
Eric Butera wrote:
On Wed, Mar 4, 2009 at 8:18 PM, Chris dmag...@gmail.com wrote:
You only need to escape data coming from a user going in to your database.
If you put user input into your database and pull it back out, it's
still raw user input. Never trust any piece of data ever, whether
On Wed, Mar 4, 2009 at 6:55 PM, Chris dmag...@gmail.com wrote:
Eric Butera wrote:
On Wed, Mar 4, 2009 at 8:18 PM, Chris dmag...@gmail.com wrote:
You only need to escape data coming from a user going in to your
database.
If you put user input into your database and pull it back out, it's
Kyle Terry wrote:
On Wed, Mar 4, 2009 at 6:55 PM, Chris dmag...@gmail.com wrote:
Eric Butera wrote:
On Wed, Mar 4, 2009 at 8:18 PM, Chris dmag...@gmail.com wrote:
You only need to escape data coming from a user going in to your
database.
If you put user input into your database and pull
On Wed, Mar 4, 2009 at 20:10, Al n...@ridersite.org wrote:
$obligatoryFieldNotPresent=null;
foreach($_POST, as $value)
{
if(!empty($value)continue;
Parse error. ;-P
--
/Daniel P. Brown
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ ||
On Wed, Mar 4, 2009 at 20:28, Shawn McKenzie nos...@mckenzies.net wrote:
Well, the ground beef is actually tartar and it goes without saying that
it would be topped with foie gras and grape chutney with caviar on the side.
with gold-plated platinum flakes and diamond-dust salt.
--
On Wed, Mar 4, 2009 at 7:35 PM, Daniel Brown danbr...@php.net wrote:
On Wed, Mar 4, 2009 at 20:28, Shawn McKenzie nos...@mckenzies.net wrote:
Well, the ground beef is actually tartar and it goes without saying that
it would be topped with foie gras and grape chutney with caviar on the
On Wed, Mar 4, 2009 at 22:46, VamVan vamsee...@gmail.com wrote:
Hey Guys I have Question. I just noticed that once the whoami thread
reached 100 posts it automatically created another thread. Is this intended?
Can a discussion be only 100 post's long??
Just out of curiosity :)
In
On Wed, Mar 4, 2009 at 7:50 PM, Daniel Brown danbr...@php.net wrote:
On Wed, Mar 4, 2009 at 22:46, VamVan vamsee...@gmail.com wrote:
Hey Guys I have Question. I just noticed that once the whoami thread
reached 100 posts it automatically created another thread. Is this
intended?
Can a
Actually no; you said You only need to escape data coming from a user
going in to your database.
Using a known variable in my app is not going to cause an sql injection
problem.
switch ($value) {
case 'x':
$my_field = 1;
break;
default:
$my_field = 0;
}
an insert here with
On Wed, Mar 4, 2009 at 7:01 PM, Michael A. Peters mpet...@mac.com wrote:
Robert Cummings wrote:
On Wed, 2009-03-04 at 15:21 -0800, Michael A. Peters wrote:
Robert Cummings wrote:
To punt what is repeated over and over during runtime to a single
compilation phase when building the
On Wed, Mar 4, 2009 at 7:12 PM, Shawn McKenzie nos...@mckenzies.net wrote:
Jason Cipriani wrote:
On Wed, Mar 4, 2009 at 2:10 PM, Shawn McKenzie nos...@mckenzies.net wrote:
Jason Cipriani wrote:
Is there a way to force PECL to use multipart/form-data encoding for
all post fields added with
Hello,
on 03/05/2009 02:31 AM Jason Cipriani said the following:
Thanks. I actually had a look at the HttpRequest source code, and I
can see the logic where it switches to multipart encoding if files are
present but it actually appears that it's not possible to force it to
do that. It's sort
On Thu, Mar 5, 2009 at 12:48 AM, Manuel Lemos mle...@acm.org wrote:
Hello,
on 03/05/2009 02:31 AM Jason Cipriani said the following:
Thanks. I actually had a look at the HttpRequest source code, and I
can see the logic where it switches to multipart encoding if files are
present but it
Hello Jason,
on 03/05/2009 03:17 AM Jason Cipriani said the following:
Thanks. I actually had a look at the HttpRequest source code, and I
can see the logic where it switches to multipart encoding if files are
present but it actually appears that it's not possible to force it to
do that. It's
On Thu, Mar 5, 2009 at 1:48 AM, Manuel Lemos mle...@acm.org wrote:
Hello Jason,
on 03/05/2009 03:17 AM Jason Cipriani said the following:
Thanks. I actually had a look at the HttpRequest source code, and I
can see the logic where it switches to multipart encoding if files are
present but it
101 - 123 of 123 matches
Mail list logo