On 10 Aug 2011, at 02:10, Frank Thynne wrote:
> In the interest of clarity and maintainability I would like to be able
> to write code that makes it clear what kind of arguments a function
> expects and what it returns.
>
> This is what I tried:
>
> function integer int_func(string $s) {
> // do
In the interest of clarity and maintainability I would like to be able
to write code that makes it clear what kind of arguments a function
expects and what it returns.
This is what I tried:
function integer int_func(string $s) {
// does something like, say, converting "five" to 5
}
There are t
Sorry but escaping doesnt protect against mysql injection either, it is not
a good answer, nor does it really work, its an effort, yes, buuut in unicode
world we pretty much have the ability to override what it means to be a
character through best guess matching, etc, iiit just doesnt quite work;
e
For the first one, it may be that zend studio does have an internal script to
do the job. Check the general preferences tab, template stuff. Please note that
wrote:
> I've inherited a bunch of code and the previous developers have done two
> things that are really bugging me and I want to clean
I've inherited a bunch of code and the previous developers have done two
things that are really bugging me and I want to clean up.
[a] They use short-tag "
David Green wrote:
>Thank you all for the various suggestions.
>
>It now works with this:
>
>$find = strip_tags($find);
>$find = trim($find);
>
>$data = mysql_query("SELECT * FROM news_items WHERE headline LIKE
>'%$find%'");
>
>Another "newb" question: does strip_tags() help at all in preventin
Thank you all for the various suggestions.
It now works with this:
$find = strip_tags($find);
$find = trim($find);
$data = mysql_query("SELECT * FROM news_items WHERE headline LIKE
'%$find%'");
Another "newb" question: does strip_tags() help at all in preventing SQL
injection attacks?
Kind reg
Hi,
I am having problems while trying to decrypt an encrypted string (generated
from a java system) in PHP.
To take external factors out of the way I decided to make them work first in
my local system.
So I've created a sample encrypt/decrypt from PHP (using mcrypt's extension)
and the java code
On 9 August 2011 16:31, Tim Streater wrote:
> On 09 Aug 2011 at 13:30, Chris Stinemetz wrote:
>
>> Not sure if I am doing it right. It looks like the last single quote
>> is being escaped.
>>
>> When I dump the query I get:
>>
>> SELECT store_id, store_subject FROM stores WHERE store_subject =
>>
On 09 Aug 2011 at 13:30, Chris Stinemetz wrote:
> Not sure if I am doing it right. It looks like the last single quote
> is being escaped.
>
> When I dump the query I get:
>
> SELECT store_id, store_subject FROM stores WHERE store_subject =
> 'Bella Roe 4980 Roe Blvd\'
>
>
> I am thinking maybe
Or the query should look like this, if there is a 'headline' field:
UPPER(`headline`) LIKE '%".mysql_real_escape_string(trim(strtoupper($find)))."%'
Cheers,
Tamas
-Original Message-
From: Andrew Ballard [mailto:aball...@gmail.com]
Sent: Tuesday, August 09, 2011 4:55 PM
To: Davi
On Tue, Aug 9, 2011 at 10:14 AM, David Green wrote:
[snip]
> $data = mysql_query("SELECT * FROM news_items WHERE upper('headline') LIKE
> '%$find%'");
A couple things to consider.
First, as a few others have pointed out, you probably want to remove
the single quotes around the word headline in y
It would be easier and faster to convert your string to lower case, than
perform the upper operation on every entry in the database. Also, just to
point it out, your code is very vulnerable to SQL injection.
But the suggestion is right, dump the query to make sure its correct, and
check for mysql
> -Original Message-
> From: David Green [mailto:simp...@gmail.com]
> Sent: Tuesday, August 09, 2011 10:14 AM
> To: php-general@lists.php.net
> Subject: [PHP] Struggling with MySQL query
>
> Hi
>
> I have a simple from which uses the post method to get to my page
> script
> results.php
>
Why not trying this:
$q = "SELECT * FROM news_items WHERE upper('headline') LIKE '%".$find."%'";
echo $q;
$data = mysql_query($q);
...
And try running the echoed query in phpmyadmin, etc.
Cheers,
Tamas
-Original Message-
From: David Green [mailto:simp...@gmail.com]
Sent: Tue
Hi
I have a simple from which uses the post method to get to my page script
results.php
in results.php I have
$find=$_POST["find"]; //this works perfectly, echo $find gives me the search
term as entered
I then connect to mysql and select the db successfully.
After that, I have the following:
On Aug 9, 2011, at 7:42 AM, Jasper Mulder wrote:
> Date: Tue, 9 Aug 2011 07:30:47 -0500
> From: chrisstinem...@gmail.com
> To: tamouse.li...@gmail.com
> CC: php-general@lists.php.net
> Subject: Re: [PHP] pass text variables to next page
>
> Thank you Tamara.
>
> Not sure if I am doing it right.
> Date: Tue, 9 Aug 2011 07:30:47 -0500
> From: chrisstinem...@gmail.com
> To: tamouse.li...@gmail.com
> CC: php-general@lists.php.net
> Subject: Re: [PHP] pass text variables to next page
>
> Thank you Tamara.
>
> Not sure if I am doing it right. It looks like the last single quote
> is being es
Thank you Tamara.
Not sure if I am doing it right. It looks like the last single quote
is being escaped.
When I dump the query I get:
SELECT store_id, store_subject FROM stores WHERE store_subject =
'Bella Roe 4980 Roe Blvd\'
I am thinking maybe I have too many single quotes some where, but I
19 matches
Mail list logo