[PHP] Re: Checking a string for # of charactors.

2003-03-28 Thread rotsky
strlen() I would like to check that a string as more than 20 charactors in it. Can someone point me in the right direction. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Cleaning user data

2003-03-20 Thread rotsky
That's useful stuff, thanks - and thanks to other respondents. My main concerns are to avoid junk in the database (and on-screen messages) and to avoid dangerous and malicious postings, like the one Justin outlined below (so I guess strip_tags is a major step there). What I have in mind, then,

[PHP] Cleaning user data

2003-03-19 Thread rotsky
I'd like to canvas opinions about what's needed to clean user input. I'm using an HTML form where users enter simple things like name and phone number, but also a couple of small text areas for address and a message (up to 50 words or so). How would people recommend cleaning this data when it's

[PHP] HTTP_REFERER reliability

2003-03-16 Thread rotsky
I have a small login form on the home page of my site. At the moment, when people enter their user details and hit 'send', they go to another page which check their details and, if they are successful, prints a welcome message. The problem is, they are now on this page and have to work their way

Re: [PHP] http_session_vars

2003-03-14 Thread rotsky
Aaah! That clears something up. Thanks. Ernest E Vogelsinger [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] At 22:17 13.03.2003, rotsky said: [snip] I thought session vars were either POSTed or passed via cookies... [snip

[PHP] Security advice

2003-03-13 Thread rotsky
I'd appreciate some opinions about security user IDs. My site has a registration process in which people use their email addresses as login names and also have a password. The user database has a user ID field with a unique identifier for each user and this is used as a session variable to

Re: [PHP] http_session_vars

2003-03-13 Thread rotsky
I thought session vars were either POSTed or passed via cookies... Cpt John W. Holmes [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] do the session vars get treated with magic quotes? The last comment at the bottom of:

[PHP] Re: PHP Books

2003-03-12 Thread rotsky
Don't know any of those but the books I have experience with so far (as a newbie with less than 2 weeks' PHP experience and next-to-no programming experience generally): 'Programming PHP' - Rasmus Lerdorf Kevin Tatroe (O'Reilly) - straight from the horse's mouth, as it were. Excellent book which

[PHP] Re: Another questions about usning session.

2003-03-12 Thread rotsky
As I understand it, PHP sessions use cookies by default. If cookies are disabled, it switches to appending the session id to the URL. The advantage with using sessions is that all this is transparent to you and it therefore requires very little coding. Did you ensure the code below went into a