php-general Digest 17 Nov 2013 22:02:38 -0000 Issue 8428

[php-general-digest-help]

php-general Digest 17 Nov 2013 22:02:38 -0000 Issue 8428

Topics (messages 322467 through 322468):

Re: save $_GLOBALS to a database field
        322467 by: Robert Cummings
        322468 by: marco.behnke.biz

Administrivia:

To subscribe to the digest, e-mail:
        php-general-digest-subscr...@lists.php.net

To unsubscribe from the digest, e-mail:
        php-general-digest-unsubscr...@lists.php.net

To post to the list, e-mail:
        php-gene...@lists.php.net


----------------------------------------------------------------------

--- Begin Message --- You have other problems if you think base64_encode is the solution to the hassle of escaping your query properly.

Cheers,
Rob.


On 13-11-15 08:52 PM, Tamara Temple wrote:

Or run it through base64_encode after json_encode, never have to worry about 
quotes and things.

On Nov 14, 2013, at 4:38 PM, Shawn McKenzie <sh...@mckenzies.net> wrote:

If you are for example saving the entire $_POST array in a text field of
your DB, then just serailize() it or json_encode() it and run it through
the appropriate real_escape_string() function if you're not using prepared
statements or other custom escaping.


On Thu, Nov 14, 2013 at 3:40 PM, Ramiro Barrantes <
ram...@precisionbioassay.com> wrote:

Hello,

I would like to record, on a database, the global variables $_POST and
$_SERVER for each action that the user does that involves a modification of
the database.   I am just saving, say $_POST or $_SERVER (and others), as a
string and putting it in a field on the database.

However, when I try to get the info out of the database and access it as
an XML (using the DOMDocument library) it becomes a pain to handle due to
all the special characters (I think, as I haven't been able to get it to
work), for example:

Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0

(I seem to need to replace all the "/"s)

It's a pain, and I would like not to have to replace special characters
with preg_replace if possible.

Any suggestions?  I have been having a lot of trouble with this.

Thanks in advance,

Ramiro

--
E-Mail Disclaimer: Information contained in this message and any
attached documents is considered confidential and legally protected.
This message is intended solely for the addressee(s). Disclosure,
copying, and distribution are prohibited unless authorized.

--- End Message ---

--- Begin Message ---

There is no need for escaping if you use prepared statements, which everyone
should do.

> Tamara Temple <tamouse.li...@gmail.com> hat am 16. November 2013 um 02:52
> geschrieben:
>
>
> Or run it through base64_encode after json_encode, never have to worry about
> quotes and things.
>
> On Nov 14, 2013, at 4:38 PM, Shawn McKenzie <sh...@mckenzies.net> wrote:
>
> > If you are for example saving the entire $_POST array in a text field of
> > your DB, then just serailize() it or json_encode() it and run it through
> > the appropriate real_escape_string() function if you're not using prepared
> > statements or other custom escaping.
> >
> >
> > On Thu, Nov 14, 2013 at 3:40 PM, Ramiro Barrantes <
> > ram...@precisionbioassay.com> wrote:
> >
> >> Hello,
> >>
> >> I would like to record, on a database, the global variables $_POST and
> >> $_SERVER for each action that the user does that involves a modification of
> >> the database.   I am just saving, say $_POST or $_SERVER (and others), as a
> >> string and putting it in a field on the database.
> >>
> >> However, when I try to get the info out of the database and access it as
> >> an XML (using the DOMDocument library) it becomes a pain to handle due to
> >> all the special characters (I think, as I haven't been able to get it to
> >> work), for example:
> >>
> >> Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0
> >>
> >> (I seem to need to replace all the "/"s)
> >>
> >> It's a pain, and I would like not to have to replace special characters
> >> with preg_replace if possible.
> >>
> >> Any suggestions?  I have been having a lot of trouble with this.
> >>
> >> Thanks in advance,
> >>
> >> Ramiro
> >>
> >>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

--
Marco Behnke
Dipl. Informatiker (FH), SAE Audio Engineer Diploma
Zend Certified Engineer PHP 5.3

Tel.: 0174 / 9722336
e-Mail: ma...@behnke.biz

Softwaretechnik Behnke
Heinrich-Heine-Str. 7D
21218 Seevetal

http://www.behnke.biz

--- End Message ---