Re: [PHP] Re: mysql input
Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... -- Richard Heyes http://www.websupportsolutions.co.uk Knowledge Base and Helpdesk software hosted for you - no installation, no maintenance, new features automatic and free -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
2008. 02. 19, kedd keltezéssel 11.03-kor Nathan Rixham ezt írta: Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); as I remember its also in SPL. $whatever = new MySqlCommandUnFucker($command); $whatever-unFuck(); :D greets Zoltán Németh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
Nathan Rixham wrote: Zoltán Németh wrote: 2008. 02. 19, kedd keltezéssel 11.03-kor Nathan Rixham ezt írta: Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); as I remember its also in SPL. $whatever = new MySqlCommandUnFucker($command); $whatever-unFuck(); :D greets Zoltán Németh ?php class MySqlCommandUnFucker { public function _unfucker($toUnFuck) { if(function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $in = stripslashes($toUnFuck); } } return $in; } public function unFuck($fucked) { if(function_exists('mysql_real_escape_string')) { return mysql_real_escape_string($this-_unfucker($fucked)); } else { return $fucked; } } } ? usage: $unfucker = new MySqlCommandUnFucker; $sql = $unfucker -unFuck($sql); :) apologies! a slight correction for nihilism (the class does work..) usage: $unfucker = new MySqlCommandUnFucker; $sql = INSERT INTO tablename (varcol) VALUES ('; $sql .= $unfucker-unFuck($myfuckedvariable); $sql .= '); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
Zoltán Németh wrote: 2008. 02. 19, kedd keltezéssel 11.03-kor Nathan Rixham ezt írta: Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); as I remember its also in SPL. $whatever = new MySqlCommandUnFucker($command); $whatever-unFuck(); :D greets Zoltán Németh ?php class MySqlCommandUnFucker { public function _unfucker($toUnFuck) { if(function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $in = stripslashes($toUnFuck); } } return $in; } public function unFuck($fucked) { if(function_exists('mysql_real_escape_string')) { return mysql_real_escape_string($this-_unfucker($fucked)); } else { return $fucked; } } } ? usage: $unfucker = new MySqlCommandUnFucker; $sql = $unfucker -unFuck($sql); :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
Bastien Koert wrote: thats awesome bastien To: php-general@lists.php.net Date: Tue, 19 Feb 2008 11:21:02 + From: [EMAIL PROTECTED] Subject: Re: [PHP] Re: mysql input Zoltán Németh wrote: 2008. 02. 19, kedd keltezéssel 11.03-kor Nathan Rixham ezt írta: Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); as I remember its also in SPL. $whatever = new MySqlCommandUnFucker($command); $whatever-unFuck();:Dgreets Zoltán Németh ?php class MySqlCommandUnFucker { public function _unfucker($toUnFuck) { if(function_exists('get_magic_quotes_gpc')) { if (get_mag ic_quotes_gpc()) { $in = stripslashes($toUnFuck); } } return $in; } public function unFuck($fucked) { if(function_exists('mysql_real_escape_string')) { return mysql_real_escape_string($this-_unfucker($fucked)); } else { return $fucked; } } } ? usage: $unfucker = new MySqlCommandUnFucker; $sql = $unfucker -unFuck($sql); :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ :) although $in should be $toUnFuck; just can't be bothered chanign a mock class again! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: mysql input
thats awesome bastien To: php-general@lists.php.net Date: Tue, 19 Feb 2008 11:21:02 + From: [EMAIL PROTECTED] Subject: Re: [PHP] Re: mysql input Zoltán Németh wrote: 2008. 02. 19, kedd keltezéssel 11.03-kor Nathan Rixham ezt írta: Richard Heyes wrote: Shawn McKenzie wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() Hrmph, I can't seem to find that in the manual... it's been depricated I heard in favour of unfuck(); as I remember its also in SPL. $whatever = new MySqlCommandUnFucker($command); $whatever-unFuck();:D greets Zoltán Németh ?php class MySqlCommandUnFucker { public function _unfucker($toUnFuck) { if(function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $in = stripslashes($toUnFuck); } } return $in; } public function unFuck($fucked) { if(function_exists('mysql_real_escape_string')) { return mysql_real_escape_string($this-_unfucker($fucked)); } else { return $fucked; } } } ? usage: $unfucker = new MySqlCommandUnFucker; $sql = $unfucker -unFuck($sql); :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _
Re: [PHP] Re: mysql input
Filter the data $data = str_replace(', , $data); I am sure there are many ways to filter the data before insert. (If you are SURE you have A.D.D. then it wont matter what I say to you.) Rick B. On Feb 18, 2008 11:24 PM, Shawn McKenzie [EMAIL PROTECTED] wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() That has thrown E_DEPRECATED since PHP 4.1. RTFM, n00b. ;-D -- /Dan Daniel P. Brown Senior Unix Geek ? while(1) { $me = $mind--; sleep(86400); } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: mysql input
On Feb 18, 2008 11:24 PM, Shawn McKenzie [EMAIL PROTECTED] wrote: nihilism machine wrote: I have a user saving a VARCHAR(255) field in a mysql db which has single quotes in the text, how can i replace them so that they dont fuck up my mysql command? -e Have you tried: dont_fuck_up_my_mysql_command() That has thrown E_DEPRECATED since PHP 4.1. RTFM, n00b. ;-D -- /Dan Daniel P. Brown Senior Unix Geek ? while(1) { $me = $mind--; sleep(86400); } ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php