Jean-Christian Imbeault <[EMAIL PROTECTED]> wrote:
> Is addslashes() multi-byte safe?
>
> I will bu sing it to escape multi-byte input and wouldn't want it to
> mangle anything...
Partially yes.
Strings encoded in GB2312(CP936), big5, Shift_JIS are known to be
clobbered by addslashes().
UTF-
Jean-Christian Imbeault <[EMAIL PROTECTED]> wrote:
> Moriyoshi Koizumi wrote:
> >
> > Partially yes.
> >
> > Strings encoded in GB2312(CP936), big5, Shift_JIS are known to be
> > clobbered by addslashes().
>
> Sh*t ... and I just added a whole b
Jean-Christian Imbeault <[EMAIL PROTECTED]> wrote:
> Sorry if my intentions were not clear but I am trying to protect myself
> from SQL injection attacks by using addslashes() to user provided
> information. I cannot assume anything about the incoming data (not even
> the encoding) since anyone
Just correcting a typo :)
Moriyoshi Koizumi <[EMAIL PROTECTED]> wrote:
> mb_internal_encoding("Shift_JIS");
> $escaped = mb_ereg_replace("([\\\"'\0])", "1", $sjis_string);
> ?>
should be
Moriyoshi
--
PHP General Mail
scripts that uses these functions
on win32 platforms, it may help you.
If you are interested, please visit http://phpresolver.sourceforge.net/
Thanks
--
Moriyoshi Koizumi
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi,
have you tried this one?
$dir = dirname( $HTTP_SERVER_VARS['PHP_SELF'] );
Moriyoshi Koizumi
"Andy" <[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I am trying to find out which dir the user is browsing. How can I get the
> URL into a var? I tr
Hello.
I'm new to this list, and I once looked over the archives,
but the problem like this might not have been proposed, so I ask...
please see the code below
sorry to be too long.
(the result of this code is supposed to be seen with HTML browser)
--
Hello,
Thanks for your great advice,
and also the tutorial http://www.aditus.nu/jpgraph/jpg_phpoo.php helps so much.
I guess I was confusing a copy of object and a reference of object.
btw that's too confusing!
"Gyozo Papp" <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I've not tried your code yet, b
IMHO
$query = "SELECT shoodID FROM shoots WHERE location=\"$location\"";
and even
$query = "SELECT shoodID FROM shoots WHERE location='$location'";
sometimes cause SQL Syntax Error,
because the variable $location may contain quote characters (')(")...
since i experienced the same thing i've b
yes,
both of yours make the same result too, and are clean :-)
and i wonder what the best way is, to put queries into php code...
there's a more complicated sample,
$a=addslashes($a);
$b=addslashes($b);
$c=addslashes($c);
if( $another_table ) { $another_table=','.$another_table; }
$query = "sel
Hello,
I don't think the problem you have is not the size of the file.
It seems to depend on the content of that.
(line 1) $a = 'abc%d';
(line 2) printf( "$a" );
will cause too-few-arguments error
because variable $a contains the sequence of '%','d', which should be interpreted as
formatting ch
11 matches
Mail list logo