from:"Meir Kriheli \- MKsoft"

Re: [PHP] Filtering out \ when a ' is user entered?

2001-06-27 Thread Meir Kriheli - MKsoft

- Original Message - 
From: Marcus James Christian [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, June 27, 2001 6:18 AM
Subject: [PHP] Filtering out \ when a ' is user entered?

 Hello,

 I'm pretty new to PHP but all I've seen of it so far I pretty much love!

 I've built a web log but when the user enters their data and they use '
 or   (and you know they will)   php always shows it from the included
 web log as

 \'  How can I filter out these backslashes so they don't appear on the
 final public viewable page?

 Thanks,
 Marcus

 --
 Marcus James Christian - UNLIMITED -
 Multimedia Internet Design
 http://mjchristianunlimited.com

You can use stripslashes($yourvar) for this.

You can this behavior off by setting magic_quote_gpc to 
off in php.ini. Please not that  if you'll try to insert this values to 
a database without the slashes, your queries will break, and they'll
become security breaches.

Think about this:

$query = select * from users where username='$u_name';

and the user enters into the $u_name field:
' and '1'='1

Ouch...

However, if those dashes were escaped with slashes, the query 
will execute and return no values.

Never trust input from users, always check it.
--
Meir Kriheli
MKsoft computer systems

  'There's someone in my head but it's not me - Pink Floyd

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Anyone got the new Postgres 7.1 .rpms working?

2001-04-24 Thread Meir Kriheli - MKsoft

- Original Message - 
From: Geoff Caplan [EMAIL PROTECTED]
To: PHP General List [EMAIL PROTECTED]
Sent: Tuesday, April 24, 2001 12:33 PM
Subject: [PHP] Anyone got the new Postgres 7.1 .rpms working?

 Hi

 I am trying to compile the latest version of PHP to work with the new
 Postgres 7.1 on RedHat 6.2

 I have installed the Postgres library, client and server .rpms without
 any problems.

 Then in the php file /ext/pgsql/php_pgsql.h I have changed the
 #include from postgres.h to postgres_fe.h as recommended.

 But my make is failing with the following error:

 php_pgsql.h:32: postgres_fe.h: No such file or directory
 php_pgsql.h:33: libpq-fe.h: No such file or directory
 php_pgsql.h:39: libpq/libpq-fs.h: No such file or directory

 So far as I can see, none of these files exist in my /usr tree.

 Is this a bug with the rpm or am I doing something dumb? My linux
 skills are basic so any help would be much appreciated

 Geoff Caplan

I had the same problem, and solved it by creating a symlink name postgres.h
to fostgres-fe.h, and it is working great.

In ypur postgres include dir do:

ln -s postgres-fe.h postgres.h

Meir Kriheli
MKsoft computer systems

  'There's someone in my head but it's not me - Pink Floyd

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] NETSCAPE Screws QUERY STRING!!!!!!

2001-03-04 Thread Meir Kriheli - MKsoft


You should use the urlencode() function.

See

http://www.php.net/manual/en/function.urlencode.php

--
Meir Kriheli
MKsoft computer systems

  'There's someone in my head but it's not me" - Pink Floyd
- Original Message - 
From: "Thomas Edison Jr." [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, March 04, 2001 2:20 PM
Subject: [PHP] NETSCAPE Screws QUERY STRING!!


 I'm passing variables in a query string to my php
 pages. The variables whose values contain spaces due
 to multiple words are being passed correctly to the
 Internet Explorer browser and are working perfectly
 there. However, they are not working at al in NETSCAPE
 browser. What should i do?
 
 The Internet Explorer converts the spaces in a query
 string into it's hexadecimal value of "%20"
 automatically, but netscape is not doing so. It's not
 reading the space and thus not displaying the page at
 all and giving the HTTP error 400. 
 
 This the link i make :
 a href="add_pro_over.php3?title=? echo $title ?"
 
 if $title contains "Project", it goes.
 But if it contains "Project One" ... it doesn't work
 in NETSCAPE. 
 
 When on to the next page, this $title also has to be
 sent into the Database. 
 
 what do i do?
 
 regards,
 T. Edison jr.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] looking for a PHP editor

2001-01-11 Thread Meir Kriheli - MKsoft


 hi..

 ..i am curious if theres anny linux (x, KDE, Gnome) php editor with syntax
 highliting and this things...

 markus


You can also try quanta+ for the KDE desktop,

http://quanta.sourceforge.net

Meir Kriheli
MKsoft computer systems

  'There's someone in my head but it's not me" - Pink Floyd


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] ibase (firebird) localhost login ?

2001-01-11 Thread Meir Kriheli - MKsoft


use

localhist:path_to_your_db/your_db.gdb

example :

on *nix:

localhost:/opt/interbase/db/my_db.gdb

on win*

localhost:c:\ib_db\my_db.gdb

Meir Kriheli
MKsoft computer systems

  'There's someone in my head but it's not me" - Pink Floyd
- Original Message -
From: "Richard Lynch" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, January 11, 2001 9:03 AM
Subject: Re: [PHP] ibase (firebird) localhost login ?


 Most dbs use "localhost" for that, and the database username/password that
 is configured into the database software/tables...

 I know nothing of Interbase, but that's how all the others work...

 If "localhost" doesn't work for the host, try "127.0.0.1"

 - Original Message -
 From: "Chris Hayes" [EMAIL PROTECTED]
 Newsgroups: php.general
 Sent: Wednesday, January 10, 2001 5:21 PM
 Subject: [PHP] ibase (firebird) localhost login ?


  hi,
  I know it's slightly off topic but i hope you;ll forgive me.
  i'm testing interbase because someone on this list mentioned it would be
 a
  good offline database.
 
  Interbase ('firebird') wants to connect to the local server (i'm running
  WAMP - Windows, Apache, MySQL, PHP), and interbase needs a username.
 
  But its all local, not connected. So what should i tell interbase??
 
  Chris
 
  PS i AM currently downloading the manual but that will take another hour
 (10
  MB, bad line, was interrupted several times )
 
 
 
  
  --  C.Hayes  Droevendaal 35  6708 PB Wageningen  the Netherlands  --
  
 
 
 
  --
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
  To contact the list administrators, e-mail: [EMAIL PROTECTED]
 


 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 To contact the list administrators, e-mail: [EMAIL PROTECTED]




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Filtering out \ when a ' is user entered?

Re: [PHP] Anyone got the new Postgres 7.1 .rpms working?

Re: [PHP] NETSCAPE Screws QUERY STRING!!!!!!

Re: [PHP] looking for a PHP editor

Re: [PHP] ibase (firebird) localhost login ?

5 matches

Site Navigation

Mail list logo

Footer information