RE: [PHP] mysql/php date functions..

2005-09-26 Thread Chris W. Parker
bruce mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 11:13 AM said: i'm concerned that i can't seem to craft/create a basic sql cmd within mysql to get a value (other than NOW()) to work... [snip] my question is why??? MySQL timestamps are different from UNIX timestamps. Chris.

Re: [PHP] mysql/php date functions..

2005-09-26 Thread John Nichel
bruce wrote: thanks... but that's not it john... i'm not worried about creating the sql_statement in the php... i'm concerned that i can't seem to craft/create a basic sql cmd within mysql to get a value (other than NOW()) to work... if i do (from mysql) -- insert into foo (id, time) values

RE: [PHP] mysql/php date functions..

2005-09-26 Thread bruce
but that still doesn't explain why i can't slam some value directly into the timestamp var within the mysql tbl... -Original Message- From: Chris W. Parker [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 11:15 AM To: php-general@lists.php.net Subject: RE: [PHP] mysql/php date

RE: [PHP] mysql/php date functions..

2005-09-26 Thread bruce
-Original Message- From: John Nichel [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 11:19 AM To: php-general@lists.php.net Subject: Re: [PHP] mysql/php date functions.. bruce wrote: thanks... but that's not it john... i'm not worried about creating the sql_statement

Re: [PHP] mysql/php date functions..

2005-09-26 Thread John Nichel
bruce wrote: john... that appears to be it!! although i would have assumed it would have done a most significant bit fill with 0's... so my question also comes down to .. do i use the php date functions for date/time manipulation.. or do i use the mysql functions any

RE: [PHP] mysql/php date functions..

2005-09-26 Thread Jim Moseby
-Original Message- From: bruce [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 2:46 PM To: 'John Nichel'; php-general@lists.php.net Subject: RE: [PHP] mysql/php date functions.. john... that appears to be it!! although i would have assumed it would have done

RE: [PHP] mysql/php date functions..

2005-09-26 Thread bruce
Nichel [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 11:48 AM To: php-general@lists.php.net Subject: Re: [PHP] mysql/php date functions.. bruce wrote: john... that appears to be it!! although i would have assumed it would have done a most significant bit fill with 0's... so my

RE: [PHP] mysql/php date functions..

2005-09-26 Thread bruce
bruce -Original Message- From: bruce [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 12:38 PM To: 'John Nichel'; php-general@lists.php.net Subject: RE: [PHP] mysql/php date functions.. so you play with the time/date vars on the php side, and then simply store them in the mysql tbl

Re: [PHP] mysql/php date functions..

2005-09-26 Thread John Nichel
bruce wrote: or.. better yet. if i do a php - time(), i get a unix_timestamp var. how do you guys store this in mysql. you can't simply do an insert into a mysql/timestamp var. so how do you convert it? I don't convert it. I store the UNIX timestamp in an INT(11) column. also, once you

RE: [PHP] mysql/php date functions..

2005-09-26 Thread Chris W. Parker
John Nichel mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 12:43 PM said: I don't convert it. I store the UNIX timestamp in an INT(11) column. This is going to be a basic question I'm sure but why INT and not VARCHAR? Is it simply because a timestamp is a number? Chris. -- PHP

Re: [PHP] mysql/php date functions..

2005-09-26 Thread Kristen G. Thorson
- the php var? thanks bruce -Original Message- From: bruce [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 12:38 PM To: 'John Nichel'; php-general@lists.php.net Subject: RE: [PHP] mysql/php date functions.. so you play with the time/date vars on the php side, and then simply

Re: [PHP] mysql/php date functions..

2005-09-26 Thread John Nichel
Chris W. Parker wrote: John Nichel mailto:[EMAIL PROTECTED] on Monday, September 26, 2005 12:43 PM said: I don't convert it. I store the UNIX timestamp in an INT(11) column. This is going to be a basic question I'm sure but why INT and not VARCHAR? Is it simply because a timestamp is

RE: [PHP] mysql/php date functions..

2005-09-26 Thread Chrome
] Sent: 26 September 2005 19:46 To: 'John Nichel'; php-general@lists.php.net Subject: RE: [PHP] mysql/php date functions.. john... that appears to be it!! although i would have assumed it would have done a most significant bit fill with 0's... so my question also comes down to .. do i use the php

Re: [PHP] mysql query

2005-09-15 Thread Mark Rees
On Wednesday 14 September 2005 07:36 pm, Jesús Alain Rodríguez Santos wrote: I have a table column in mysql with two fields: day and month. I would like to know if it's possible to make a query where I can determine if exist days before to a selected day, for example: if I have in my table:

Re: [PHP] mysql query

2005-09-14 Thread Stephen Leaf
On Wednesday 14 September 2005 07:36 pm, Jesús Alain Rodríguez Santos wrote: I have a table column in mysql with two fields: day and month. I would like to know if it's possible to make a query where I can determine if exist days before to a selected day, for example: if I have in my table:

Re: [PHP] Re: PHP/MySQL offline

2005-09-06 Thread Joe Wollard
... an automated script that creates a static site that will allow me to do that? If all you're really looking for is a static version of your site then you could simply use wget. This will crawl all of the links on your site and generate the static version you wanted. On Sep 5, 2005, at

Re: [PHP] Re: PHP/MySQL offline

2005-09-05 Thread viraj
On 9/4/05, John Taylor-Johnston [EMAIL PROTECTED] wrote: This is maybe what you want: http://www.indigostar.com/ http://www.indigostar.com/microweb.htm another good method is a Live Linux CD. you can find a light weight live linux distro and remaster it to include your live web site. so your

[PHP] Re: PHP/MySQL offline

2005-09-04 Thread John Taylor-Johnston
This is maybe what you want: http://www.indigostar.com/ http://www.indigostar.com/microweb.htm Runs an apache server, php all, from a CD. (windows app.) John Mario netMines wrote: Hi all I have a project where I'm using PHP/Mysql. The client wants to run that project to a cd. Does anyone

Re: [PHP] Re: PHP MySQL insert

2005-08-20 Thread areguera
On 8/19/05, Richard Lynch [EMAIL PROTECTED] wrote: On Fri, August 19, 2005 12:56 pm, areguera wrote: could you suggest something about Latin characters and portability?. As I understand it, or not, more likely, you want to configure your MySQL server to use UTF-8, and your MySQL client to

Re: [PHP] Re: PHP MySQL insert

2005-08-19 Thread Ben Ramsey
Please always reply to the list so that others can benefit from the exchange. As it happens, I'm not exactly very knowledgeable about character sets, so someone on the list may be able to offer more help with regard to the problem you're experiencing. -Ben areguera wrote: On 8/19/05, Ben

Re: [PHP] Re: PHP MySQL insert

2005-08-19 Thread areguera
sorry...here is the message On 8/19/05, areguera [EMAIL PROTECTED] wrote: On 8/19/05, Ben Ramsey [EMAIL PROTECTED] wrote: Alain Reguera Delgado wrote: you could try: 1. get all form variables into an array fine 2. validate values Good, but do this step as you put the

Re: [PHP] Re: PHP MySQL insert

2005-08-19 Thread Richard Lynch
On Fri, August 19, 2005 12:56 pm, areguera wrote: could you suggest something about Latin characters and portability?. As I understand it, or not, more likely, you want to configure your MySQL server to use UTF-8, and your MySQL client to use UTF-8 and pretty much everything to use UTF-8, and

[PHP] Re: PHP MySQL insert

2005-08-18 Thread Satyam
Commas are no problem within strings. You might have an apostrophe, which SQL assumes is the end of the string literal. That was answered by Chris already, I just wanted to clarify the problem. You don't need to insert NULL in indx. If indx allows NULL and has no other default value nor is

[PHP] Re: PHP MySQL insert

2005-08-18 Thread Dan Baker
Jon [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Please help with an insert problem. Sometimes $data1 could have a comma and that messes up the insert. how do I get around that? $query = insert into testtable6 (indx, col1, col2) values (NULL, '$data1', '$data2');

[PHP] Re: PHP MySQL insert

2005-08-18 Thread Ben Ramsey
Dan Baker wrote: You are looking for the addslashes function. It prepares data for database queries: Better yet, don't use addslashes(). Use the escaping function that is specific to the database you're using. In this case, it's mysql_real_escape_string(). This is much better than using

Re: [PHP] Re: PHP MySQL insert

2005-08-18 Thread Alain Reguera Delgado
you could try: 1. get all form variables into an array 2. validate values 3. convert all values into entities using htmlentities() 4. build sql query (do some tests 'til get it right) 5. execute the built query (with proper db function) by now, commas aren't a problem, they are limited between

Re: [PHP] Re: PHP MySQL insert

2005-08-18 Thread Ben Ramsey
Alain Reguera Delgado wrote: you could try: 1. get all form variables into an array fine 2. validate values Good, but do this step as you put the values into a separate array, don't put all the values into the array first and then validate them later... make sure the input received is

Re: [PHP] Re: PHP MySQL insert

2005-08-18 Thread Jasper Bryant-Greene
Ben Ramsey wrote: You don't need to convert the values to HTML entities when saving to a database. That's not going to prevent this problem. Furthermore, you don't need to use htmlentities() if you specify your character set properly and all the characters you are outputting are in your

Re: [PHP] MYSQL translator

2005-08-01 Thread Dotan Cohen
On 8/1/05, Alessandro Rosa [EMAIL PROTECTED] wrote: Dear All subscribers, I wish to submit to you a PHP class I coded to translate native language parsed queries into SQL syntax ones. The main goal of this class is the implementation into web-based applications for letting final

Re: [PHP] MYSQL translator

2005-08-01 Thread Rory Browne
From what I can see it looks a bit like an SQL version of the strtotime function. Basically it translates from a less strict syntax, into the more strict SQL syntax, with the added advantage that the less strict one can be in a different language (in this case French and Italian) Is my understanding

[PHP] Re: php mySql question

2005-07-27 Thread axel
Sure that your php.ini is located correctly? I have installed php 5.0.4 on my windows 2000, IIS 6.0 server. PHP works but when I try to connect to MySQL I get the Fatal error: Call to undefined function mysql_connect(). I have uncommented the line in the php.ini file that says

RE: [PHP] MySQL + PHP question

2005-07-26 Thread Shaw, Chris - Accenture
Hello, Consider this: tbl_project(id, name, parent) 1 6 / \ / \ 2 3 7 8 /\ 4 5 if tbl_project.parent = 0 then the project is the top parent. Therefore, 1 and 6 have the field parent = 0. So, say if you have project 5, do you

RE: [PHP] MySQL + PHP question

2005-07-26 Thread André Medeiros
On Tue, 2005-07-26 at 11:45 +0100, Shaw, Chris - Accenture wrote: Hello, Consider this: tbl_project(id, name, parent) 1 6 / \ / \ 2 3 7 8 /\ 4 5 if tbl_project.parent = 0 then the project is the top parent. Therefore, 1 and

Re: [PHP] MySQL + PHP question

2005-07-26 Thread Mark Rees
Are you familiar with Joe Celko's tree theory? It might help you understand more about the problem. http://www.intelligententerprise.com/001020/celko.jhtml?_requestid=235427 -- Hello, Consider this: tbl_project(id, name, parent) 1 6 / \ / \ 2 3 7 8 /\ 4 5 if

RE: [PHP] MySQL + PHP question

2005-07-26 Thread Shaw, Chris - Accenture
, but this query should work on MSSQL and Oracle. HTH. C. -Original Message- From: André Medeiros [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 12:53 To: Shaw, Chris - Accenture Cc: php-general@lists.php.net Subject: RE: [PHP] MySQL + PHP question

Re: [PHP] MySQL + PHP question

2005-07-26 Thread André Medeiros
One thing I didn't quite explain myself well... I'm building this to register objects on a permission system. The SQL weight is heavy as it is, and I want to save queries as much as possible. Making two queries to extract information about a project and its parent is not something I'd want to

RE: [PHP] MySQL + PHP question

2005-07-26 Thread André Medeiros
You're missing the point here. I know how to get the parent project's info. I know recursiveness. I _JUST_ don't know how to get the current and parent project's info in just ONE QUERY (since I'm trying to save them because the sql weight is getting pretty heavy). -- PHP General Mailing List

Re: [PHP] MySQL + PHP question

2005-07-26 Thread Mark Rees
André Medeiros [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] One thing I didn't quite explain myself well... I'm building this to register objects on a permission system. The SQL weight is heavy as it is, and I want to save queries as much as possible. Making two queries to

Re: [PHP] MySQL + PHP question

2005-07-26 Thread André Medeiros
On Tue, 2005-07-26 at 13:39 +0100, Mark Rees wrote: André Medeiros [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] One thing I didn't quite explain myself well... I'm building this to register objects on a permission system. The SQL weight is heavy as it is, and I want to save

RE: [PHP] MySQL + PHP question

2005-07-26 Thread Shaw, Chris - Accenture
. -Original Message- From: Mark Rees [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 13:39 To: php-general@lists.php.net Subject: Re: [PHP] MySQL + PHP question * This e-mail has been received by the Revenue Internet e-mail service

Re: [PHP] mysql problem- I know it isn't strictly php

2005-07-20 Thread Mikey
Ross wrote: Hi all, I am trying to create a table on the remote server but it never seems to work CREATE TABLE `sheet1` ( `id` int(10) NOT NULL auto_increment, `title` varchar(255) NOT NULL default '', `fname` varchar(255) NOT NULL default '', `sname` varchar(255) default NULL,

RE: [PHP] mysql problem- I know it isn't strictly php

2005-07-19 Thread Jay Blanchard
[snip] 1064 - You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'DEFAULT CHARSET=latin1 AUTO_INCREMENT=303' at line 18 and this is what the manual says (not very helpful) a.. Error: 1064 SQLSTATE: 42000

Re: [PHP] MySQL password file

2005-07-19 Thread Jason Wong
On Monday 18 July 2005 18:53, Lawrence Kennon wrote: In my current hosting situation I don't have the ability to store my file that contains MySQL userids/passwords in a subdirectory that is not under the server root. In order to protect it from being included from a foreign host I thought up

Re: [PHP] MySQL error

2005-07-01 Thread Richard Davey
Hello Wessley, Friday, July 1, 2005, 10:55:16 AM, you wrote: WR $sql = LOAD DATA LOCAL INFILE '/path/to/file.txt' INTO TABLE WR `mytable` FIELDS TERMINATED BY '\t' ESCAPED BY '\' LINES TERMINATED WR BY '\n'; WR mysql_query($sql) or die('brbr'.mysql_error()); WR I get this MySQL error: WR You

Re: [PHP] mysql connect problem

2005-05-25 Thread Burhan Khalid
Jim Sara Feldman wrote: Hi: I have recently upgraded from a Mac G4 running OS 10.3.9 to a G5 running OS 10.4. I ported a working PHP app and upgraded from PHP 4.3.4 to 4.3.10 and MySQL 4.0.17 to 4.1.11. I am having a problem connecting to MySQL from PHP. I can connect to the

Re: [PHP] mysql connect problem

2005-05-24 Thread Richard Lynch
On Tue, May 24, 2005 2:14 pm, Jim Sara Feldman said: $result = mysql_pconnect(localhost, api_user, 97533); if (!$result) die(mysql_error()); Try it without the 'p' in pconnect, which you probably aren't using in the other connections in your testing. -- Like Music?

Re: [PHP] mysql with php

2005-05-20 Thread eoghan
$sql = select User_name, User_pass from user where User_name = '$_POST[user_id]' and User_pass = '$_POST[user_pass]'; assuming user_id isn't an int Rittwick Banerjee wrote: Hi friends, I am Rittwick Banerjee and i have made a mysql based user name and password program but I found that what ever

RE: [PHP] mysql with php

2005-05-20 Thread Jim Moseby
-Original Message- From: Rittwick Banerjee [mailto:[EMAIL PROTECTED] Sent: Friday, May 20, 2005 3:59 AM To: php-general@lists.php.net Subject: [PHP] mysql with php Hi friends, I am Rittwick Banerjee and i have made a mysql based user name and password program but I found

RE: [PHP] mysql with php

2005-05-20 Thread George Pitcher
May 2005 11:21 am To: Rittwick Banerjee Cc: php-general@lists.php.net Subject: Re: [PHP] mysql with php $sql = select User_name, User_pass from user where User_name = '$_POST[user_id]' and User_pass = '$_POST[user_pass]'; assuming user_id isn't an int Rittwick Banerjee wrote: Hi

Re: [PHP] mysql with php

2005-05-20 Thread [EMAIL PROTECTED]
try this: $sql = SELECT User_name, User_pass FROM `user` WHERE User_name= '$_POST[user_id]' AND User_pass = '$_POST[user_pass]' ; -afan Rittwick Banerjee wrote: Hi friends, I am Rittwick Banerjee and i have made a mysql based user name and password program but I

Re: [PHP] mysql + addslashes + stripslashes

2005-05-17 Thread Milen Yordanov
AM Subject: Re: [PHP] mysql + addslashes + stripslashes On Mon, May 16, 2005 5:16 am, Pieter Breed said: My problem is that I have a large array (without any funnies like self-referencing) getting serialized. There are some funnies in the string fields though (like `'`s etc). After making

Re: [PHP] mysql + addslashes + stripslashes

2005-05-16 Thread Bostjan Skufca @ domenca.com
I do the following way to achieve portability: For GET/POST/COOKIE variables: 1. check magic_quotes_gpc PHP setting - if enabled strip slashes from input variables using stripslashes() 2. check input/anything 3. prior building SQL query escape stuff (mysql - mysql_real_escape_string(), others

Re: [PHP] mysql + addslashes + stripslashes

2005-05-16 Thread Petzo
Thanks for the reply from 1 to 4 I do the same. I haven't wrote it here so that my sample to be more short what i didn't get from your reply was that part: For data that comes from SQL sources: 1. check magic_quotes_runtime PHP setting... so what do you do if that setting is on/off (in my case

Re: [PHP] mysql + addslashes + stripslashes

2005-05-16 Thread Pieter Breed
Hi, I have a similar problem at the moment. I was waiting to scrape together an example, but since you posted first I will jump into the discussion now. My problem is that I have a large array (without any funnies like self-referencing) getting serialized. There are some funnies in the string

Re: [PHP] mysql + addslashes + stripslashes

2005-05-16 Thread Drewcore
I do suspect though, that the problem lies with how I am using addslashes and how I am not using it. Any definitive help would be much appreciated. i'm not an expert at this, but i think that since you're using mysql to store your data, you shouldn't use addslashes() and use

Re: [PHP] mysql + addslashes + stripslashes

2005-05-16 Thread Richard Lynch
On Mon, May 16, 2005 5:16 am, Pieter Breed said: My problem is that I have a large array (without any funnies like self-referencing) getting serialized. There are some funnies in the string fields though (like `'`s etc). After making a roundtrip to the mysql database, things start to get bad

Re: [PHP] MySql injections (related question)

2005-05-14 Thread Richard Lynch
On Fri, May 13, 2005 12:51 am, Marek Kilimajer said: Richard Lynch wrote: On Thu, May 12, 2005 4:43 pm, Chris Shiflett said: From me: The fact that it uses the character set of your current connection to MySQL means that what your escaping function considers to be a single quote is exactly

Re: [PHP] MySql injections (related question)

2005-05-14 Thread Marek Kilimajer
Richard Lynch wrote: On Fri, May 13, 2005 12:51 am, Marek Kilimajer said: Richard Lynch wrote: On Thu, May 12, 2005 4:43 pm, Chris Shiflett said: From me: The fact that it uses the character set of your current connection to MySQL means that what your escaping function considers to be a single

Re: [PHP] MySql injections (related question)

2005-05-13 Thread Marek Kilimajer
Richard Lynch wrote: On Thu, May 12, 2005 4:43 pm, Chris Shiflett said: From me: The fact that it uses the character set of your current connection to MySQL means that what your escaping function considers to be a single quote is exactly what your database considers to be a single quote. If these

Re: [PHP] MySQL: Collation?

2005-05-13 Thread Chris
Sam Smith wrote: I need a new book? What's up with this filtering thing, Collation in phpMyAdmin? It's defaulting to latin1_swdish_ci. What can I just set it to to forget about it till I can read up on it? This is a PHP mailing list, not a phpMyAdmin or MySQL ... (just needed to get that off

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Richard Lynch
On Wed, May 11, 2005 8:58 pm, Jason Wong said: Well put it this way, addslashes() was not meant to make data safe for mysql, it just happened to work. Now there is a better/official/whatever alternative why not use it? Actually, unless I'm very much mistaken about why addslashes() was written,

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Richard Lynch
On Wed, May 11, 2005 8:27 pm, James Williams said: On 5/11/05, Richard Lynch [EMAIL PROTECTED] wrote: Is mysql_real_escape_string *DIFFERENT* in some incredibly huge secure way that I want to stop working on all my current projects to go re-write the 10,000,000 lines of code? 2 words:

[PHP] Re: [SPAM] Re: [PHP] MySql injections....

2005-05-12 Thread Bostjan Skufca @ domenca.si
can i prevent this. The server is not configured or it's all about the script? - Original Message - From: Bostjan Skufca @ domenca.com [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Wednesday, May 11, 2005 1:50 PM Subject: Re: [PHP] MySql injections

RE: [PHP] MySql injections (related question)

2005-05-12 Thread Kim Madsen
-Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 8:47 AM I'd bet a dollar that if the MySQL C Client library changed what needs escaping, addslashes would change with it. Ehhh? I think not. Let's let a mindgame (can't spell hypo..whatever

Re: [PHP] MySql injections (related question)

2005-05-12 Thread James Williams
I'm pretty sure that, in order to use mysql_real_escape_string() you must have magic quotes off or use stripslashes first... the same as addslashes, so it should work if you just search and replace. Don't quote me on that though On 5/12/05, Richard Lynch [EMAIL PROTECTED] wrote: On Wed, May 11,

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Richard Lynch
On Thu, May 12, 2005 12:39 pm, James Williams said: I'm pretty sure that, in order to use mysql_real_escape_string() you must have magic quotes off or use stripslashes first... the same as addslashes, so it should work if you just search and replace. Don't quote me on that though Well, yes,

Re: [PHP] MySql injections (related question)

2005-05-12 Thread James Williams
I couldn't tell you the technicals of it, but just from the php documentation: This function must always (with few exceptions) be used to make data safe before sending a query to MySQL. On 5/12/05, Richard Lynch [EMAIL PROTECTED] wrote: On Thu, May 12, 2005 12:39 pm, James Williams said: I'm

RE: [PHP] MySql injections (related question)

2005-05-12 Thread Richard Lynch
On Thu, May 12, 2005 1:44 am, Kim Madsen said: -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 8:47 AM I'd bet a dollar that if the MySQL C Client library changed what needs escaping, addslashes would change with it. Ehhh? I think not.

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Chris Shiflett
Richard Lynch wrote: It's all very well to repeat these pronouncements from on high that mysql_real_escape_string is better but I personally would sure appreciate somebody who's saying this to say *WHY* it is better, and in precisely what ways it is different from addslashes and/or magic quotes

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Richard Lynch
On Thu, May 12, 2005 4:43 pm, Chris Shiflett said: From me: The fact that it uses the character set of your current connection to MySQL means that what your escaping function considers to be a single quote is exactly what your database considers to be a single quote. If these things don't

Re: [PHP] MySql injections (related question)

2005-05-12 Thread Jennifer Goodie
-- Original message -- From: Richard Lynch [EMAIL PROTECTED] On Thu, May 12, 2005 4:43 pm, Chris Shiflett said: From me: The fact that it uses the character set of your current connection to MySQL means that what your escaping function considers to be a

Re: [PHP] MySql injections....

2005-05-11 Thread Bostjan Skufca @ domenca.com
Probably you mean about preventing mysql injections - or not? :) Bostjan On Wednesday 11 May 2005 11:38, [EMAIL PROTECTED] wrote: Hi, This is not the proper list to put this question but i hope you can help me. Does anyone know a good tutorial about mysql injections? Thanks a lot for your

RE: [PHP] MySql injections....

2005-05-11 Thread Mikey
Hi, This is not the proper list to put this question but i hope you can help me. Does anyone know a good tutorial about mysql injections? Thanks a lot for your help http://phpsec.org HTH, Mikey -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:

Re: [PHP] MySql injections....

2005-05-11 Thread virtualsoftware
PROTECTED] To: php-general@lists.php.net Sent: Wednesday, May 11, 2005 1:50 PM Subject: Re: [PHP] MySql injections Probably you mean about preventing mysql injections - or not? :) Bostjan On Wednesday 11 May 2005 11:38, [EMAIL PROTECTED] wrote: Hi, This is not the proper list to put this question

Re: [PHP] MySql injections....

2005-05-11 Thread Chris Ramsay
Read Chris' article here: http://shiflett.org/articles/security-corner-apr2004 This should explain everything to you - and yes it's down to the scripts you run. Chris R

RE: [PHP] MySql injections....

2005-05-11 Thread Jay Blanchard
[snip] I have a site and the other days i received a message from a guy that told me my site is vulnerable to mysql injections. I do not know how can i prevent this. The server is not configured or it's all about the script? [/snip] PHP Security - http://www.shiflett.org

Re: [PHP] MySql injections....

2005-05-11 Thread Ryan A
Hey, I had the same questions a little while back, and from the advice i got on this list I checked out the PEAR:DB class and ADODB...I went with the ADODB solution and have not regretted it since. Check both of them out for your needs. Cheers, Ryan On 5/11/2005 12:50:14 PM, Bostjan Skufca @

Re: [PHP] MySql injections....

2005-05-11 Thread Bostjan Skufca @ domenca.com
this. The server is not configured or it's all about the script? - Original Message - From: Bostjan Skufca @ domenca.com [EMAIL PROTECTED] To: php-general@lists.php.net Sent: Wednesday, May 11, 2005 1:50 PM Subject: Re: [PHP] MySql injections Probably you mean about preventing mysql

Re: [PHP] MySql injections....

2005-05-11 Thread tg-php
@lists.php.net Sent: Wednesday, May 11, 2005 1:50 PM Subject: Re: [PHP] MySql injections Probably you mean about preventing mysql injections - or not? :) Bostjan On Wednesday 11 May 2005 11:38, [EMAIL PROTECTED] wrote: Hi, This is not the proper list to put this question but i hope you can

Re: [PHP] MySql injections (related question)

2005-05-11 Thread -k.
I have a related question, many of you have suggested using addslashes on your variables to prevent SQL injections, but is it safer to use mysql_real_escape_string (or mysql_escape_string)? What is the benefit / cost of using mysql_real_escape_string rather than addslashes? When using Postgres i

Re: [PHP] MySql injections (related question)

2005-05-11 Thread Jason Wong
On Thursday 12 May 2005 06:30, -k. wrote: I have a related question, many of you have suggested using addslashes on your variables to prevent SQL injections, but is it safer to use mysql_real_escape_string (or mysql_escape_string)? What is the benefit / cost of using mysql_real_escape_string

Re: [PHP] MySql injections (related question)

2005-05-11 Thread Richard Lynch
On Wed, May 11, 2005 5:23 pm, Jason Wong said: But now that mysql_real_escape_string() is available that is what you ought to use. But are they REALLY different. Or, put it this way: Suppose I have 10,000,000 lines of code that have Magic Quotes on, which calls addslashes automatically, and I

Re: [PHP] MySql injections....

2005-05-11 Thread Richard Lynch
On Wed, May 11, 2005 5:15 am, [EMAIL PROTECTED] said: I have a site and the other days i received a message from a guy that told me my site is vulnerable to mysql injections. I do not know how can i prevent this. The server is not configured or it's all about the script? It should also be

Re: [PHP] MySql injections (related question)

2005-05-11 Thread James Williams
On 5/11/05, Richard Lynch [EMAIL PROTECTED] wrote: Is mysql_real_escape_string *DIFFERENT* in some incredibly huge secure way that I want to stop working on all my current projects to go re-write the 10,000,000 lines of code? 2 words: Search Replace.

Re: [PHP] MySql injections (related question)

2005-05-11 Thread Jason Wong
On Thursday 12 May 2005 09:57, Richard Lynch wrote: On Wed, May 11, 2005 5:23 pm, Jason Wong said: But now that mysql_real_escape_string() is available that is what you ought to use. But are they REALLY different. mysql_real_escape_string() is most certainly different from

RE: [PHP] MySQL PHP issue?

2005-04-27 Thread Jay Blanchard
[snip] OK, I have check all the mysql doc and php docs on using exists in the query, but it seems I still can not get the query to work. Here it is: SELECT * FROM icisp.account WHERE id in (select oldaccountID from BillMax.account) Or Using sELECT * FROM icisp.account WHERE id exists(select

Re: [PHP] MySQL PHP issue?

2005-04-27 Thread John Nichel
Dustin Wish wrote: snip Anyone have any idea what I'm doing wrong? /snip Asking on the wrong list. -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED]

Re: [PHP] MySQL PHP issue?

2005-04-27 Thread John Nichel
Jay Blanchard wrote: snip Asking a MySQL question on a PHP list? *slaps knee!* /snip I bet you think you're funny. ;) -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED]

RE: [PHP] MySQL PHP issue?

2005-04-27 Thread Jay Blanchard
[snip] Jay Blanchard wrote: snip Asking a MySQL question on a PHP list? *slaps knee!* /snip I bet you think you're funny. ;) [/snip] I know that you think I am. Yuk-yuk!

RE: [PHP] MySQL PHP issue?

2005-04-27 Thread Dustin Wish
It is version 3.23.56 -Original Message- From: John Nichel [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 27, 2005 2:44 PM To: php-general@lists.php.net Subject: Re: [PHP] MySQL PHP issue? Jay Blanchard wrote: snip Asking a MySQL question on a PHP list? *slaps knee!* /snip I bet

RE: [PHP] MySQL PHP issue?

2005-04-27 Thread Jay Blanchard
[snip] It is version 3.23.56 [/snip] Sub-queries are not supported in that version of MySQL.

RE: [PHP] MySQL PHP issue?

2005-04-27 Thread Dustin Wish
SH^*^t Thanks guys. Figured something like that. -Original Message- From: Jay Blanchard [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 27, 2005 2:53 PM To: Dustin Wish; php-general@lists.php.net Subject: RE: [PHP] MySQL PHP issue? [snip] It is version 3.23.56 [/snip] Sub-queries

Re: [PHP] MySQL PHP issue?

2005-04-27 Thread John Nichel
Dustin Wish wrote: It is version 3.23.56 snip Know thy software. 3.x doesn't support sub-queries. -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED]

RE: [PHP] mysql blob datatype for documents

2005-04-19 Thread Mark Rees
-Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED] Sent: 19 April 2005 03:27 To: Bosky, Dave Cc: php-general@lists.php.net Subject: Re: [PHP] mysql blob datatype for documents On Mon, April 18, 2005 5:40 am, Bosky, Dave said: Would it be better to store uploaded pdf, word, or excel

Re: [PHP] mysql blob datatype for documents

2005-04-18 Thread Richard Lynch
On Mon, April 18, 2005 5:40 am, Bosky, Dave said: Would it be better to store uploaded pdf, word, or excel documents in a MySql blob field rather than keeping them in a directory? I really want to secure the documents and limit document access to specific users. It shouldn't be significantly

Re: [PHP] mysql insert function

2005-04-18 Thread Richard Lynch
On Sun, April 17, 2005 10:56 am, Dasmeet Singh said: I regularly need to insert data into MySQL.. and instead of writing Insert query everytime i wrote this function... and it works well.. Please see and tell is it a good idea using this..or there might be problems with it? It's not a Bad

Re: [PHP] Mysql insert problems

2005-04-16 Thread Burhan Khalid
Andy Pieters wrote: Hi Whilst you are searching the net, you might also want to search for 'sql injection'. This is no joke! Please use the mysql_escape_string on each variable you get from the user side. Use mysql_real_escape_string() instead.

Re: [PHP] Mysql insert problems

2005-04-15 Thread John Nichel
Frank Miller wrote: All, I have a form which submits technical requests. It worked fine on an old linux box using Mysql 3 series but recently we switched to windows 2003 server SP1 using Mysql 4.1.10. It was doing this before the service pack. I get the form values and then insert them into a

Re: [PHP] Mysql insert problems

2005-04-15 Thread Andy Pieters
Hi Whilst you are searching the net, you might also want to search for 'sql injection'. This is no joke! Please use the mysql_escape_string on each variable you get from the user side. In your example $Email = mysql_escape_string($_POST['Email']); $Phonenumber =

Re: [PHP] Mysql insert problems

2005-04-15 Thread Philip Hallstrom
On Fri, 15 Apr 2005, Frank Miller wrote: All, I have a form which submits technical requests. It worked fine on an old linux box using Mysql 3 series but recently we switched to windows 2003 server SP1 using Mysql 4.1.10. It was doing this before the service pack. I get the form values and then
