On Wed, Sep 21, 2011 at 13:53, Dotan Cohen dotanco...@gmail.com wrote:
I have an application in which the password is stored in the database
as md5(md5('passWord').'userSpecificSalt'). I'm checking the password
entered with:
$password=md5( md5('$_POST['password']').'userSpecificSalt' );
If you're converting the input data in a md5 hash has no reason to scape it.
Regards,
Igor Escobar
*Software Engineer
*
+ http://blog.igorescobar.com
+ http://www.igorescobar.com
+ @igorescobar http://www.twitter.com/igorescobar
On Wed, Sep 21, 2011 at 2:53 PM, Dotan Cohen
On Wed, Sep 21, 2011 at 21:03, Daniel Brown danbr...@php.net wrote:
It never hurts to be overly cautious, but as MD5 hashes are
strictly alphanumeric (using hex characters), you won't have an issue
with injection with the code above. That is, of course, unless your
version of PHP is
Thanks Igor. I will sleep peacefully this night!
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Wed, Sep 21, 2011 at 15:32, Dotan Cohen dotanco...@gmail.com wrote:
The rebuild without md5 is an interesting point. That sounds exactly
like the type of it-will-never-happen-until-it-happens-to-me problems!
Thanks for the heads up.
I should've specified, though, that then you would
On Wed, Sep 21, 2011 at 22:36, Daniel Brown danbr...@php.net wrote:
I should've specified, though, that then you would simply have the
fatal error message (call to undefined function) pass through, not the
unhashed original text.
Yes, that is obvious.
--
Dotan Cohen
On Fri, Jul 22, 2011 at 11:48, Floyd Resler fres...@adex-intl.com wrote:
I did a fresh install of PHP on a new server. I had gotten used to PHP
automatically adding a backslash before single quotes when form data is
submitted. It seems that is shut off in my new install. How do I turn it
On 22 July 2011 16:54, Daniel Brown danbr...@php.net wrote:
On Fri, Jul 22, 2011 at 11:48, Floyd Resler fres...@adex-intl.com wrote:
I did a fresh install of PHP on a new server. I had gotten used to PHP
automatically adding a backslash before single quotes when form data is
submitted. It
On Jul 22, 2011, at 11:54 AM, Daniel Brown wrote:
On Fri, Jul 22, 2011 at 11:48, Floyd Resler fres...@adex-intl.com wrote:
I did a fresh install of PHP on a new server. I had gotten used to PHP
automatically adding a backslash before single quotes when form data is
submitted. It seems
On Jul 22, 2011, at 12:08 PM, Richard Quadling wrote:
On 22 July 2011 16:54, Daniel Brown danbr...@php.net wrote:
On Fri, Jul 22, 2011 at 11:48, Floyd Resler fres...@adex-intl.com wrote:
I did a fresh install of PHP on a new server. I had gotten used to PHP
automatically adding a backslash
...
This is a PHP function that escapes strings so you can output them as a
JS string. IIRC it assumes you're using single quotes to enclose your
strings.
/**
* Function to appropriately escape a string so it can be output
* into javascript code.
*
* @param string
This is a PHP function that escapes strings so you can output them as a
JS string. IIRC it assumes you're using single quotes to enclose your
strings.
/**
* Function to appropriately escape a string so it can be output
* into javascript code.
*
* @param
Brad Bonkoski wrote:
All...
A lot has been said recently about the dangers of the family of
magic_quotes...
I understand the dangers.
The question is, for those of us using a database that does not have a
*real_escape_string function...Oracle for example.
What is the *best* way to escape
Jochem Maas wrote:
Brad Bonkoski wrote:
All...
A lot has been said recently about the dangers of the family of
magic_quotes...
I understand the dangers.
The question is, for those of us using a database that does not have
a *real_escape_string function...Oracle for example.
What is the
Brad Bonkoski wrote:
All...
A lot has been said recently about the dangers of the family of
magic_quotes...
I understand the dangers.
The question is, for those of us using a database that does not have a
*real_escape_string function...Oracle for example.
What is the *best* way to escape
Brad Bonkoski wrote:
Jochem Maas wrote:
...
Understood what the esacpe character needs to be...the question is the
best way to get it there?
Currently I have:
magic_quotes_sybase = On
this adds single quotes automatically - addslashes (unless Im mistaken -
wouldnt be the first time)
Jochem Maas wrote:
Brad Bonkoski wrote:
Jochem Maas wrote:
...
Understood what the esacpe character needs to be...the question is
the best way to get it there?
Currently I have:
magic_quotes_sybase = On
this adds single quotes automatically - addslashes (unless Im mistaken -
Brad Bonkoski wrote:
...
this adds single quotes automatically - addslashes (unless Im mistaken -
wouldnt be the first time) would add slashes (and not single quotes)
which is not what you want.
Only done automatically IFF magic_quotes_gpc is ALSO on, which in my
case it is off.
From: Brad Bonkoski [mailto:[EMAIL PROTECTED]
Sent: Fri 26/05/2006 15:41
A lot has been said recently about the dangers of the family of
magic_quotes...
I understand the dangers.
The question is, for those of us using a database that does not have a
*real_escape_string function...Oracle
From: Jochem Maas [mailto:[EMAIL PROTECTED]
Sent: Fri 26/05/2006 15:54
Brad Bonkoski wrote:
All...
A lot has been said recently about the dangers of the family of
magic_quotes...
I understand the dangers.
The question is, for those of us using a database that does not have a
On 25/05/06, Pavleck, Jeremy D. [EMAIL PROTECTED] wrote:
So I'm writing this page (PHP Newbie here) and it checks to see if a var
is set, if it isn't it spits out the form info like so: echo form
action=myform.php method=post;
Now is there a way to 'wrap' that so I don't have to escape quotes?
So I'm writing this page (PHP Newbie here) and it checks to see if a var
is set, if it isn't it spits out the form info like so: echo form
action=myform.php method=post;
Now is there a way to 'wrap' that so I don't have to escape quotes?
Something like perls 'qq' function is what I'm looking
Pavleck, Jeremy D. wrote:
So I'm writing this page (PHP Newbie here) and it checks to see if a var
is set, if it isn't it spits out the form info like so: echo form
action=myform.php method=post;
Now is there a way to 'wrap' that so I don't have to escape quotes?
Something like perls 'qq'
or heredeoc syntax :)
On 5/25/06, John Nichel [EMAIL PROTECTED] wrote:
Pavleck, Jeremy D. wrote:
So I'm writing this page (PHP Newbie here) and it checks to see if a var
is set, if it isn't it spits out the form info like so: echo form
action=myform.php method=post;
Now is there a way to
Not sure I understand your question correctly. I think you can just use
soemthing like:
echo 'form action=myform.php method=post';
Mindaugas L wrote:
or heredeoc syntax :)
On 5/25/06, John Nichel [EMAIL PROTECTED] wrote:
Pavleck, Jeremy D. wrote:
So I'm writing this page (PHP Newbie
Hi,
Try this
print(value=\ . $attributes[messageSubject] . \);
Binoy
__ __ __ __
Sent via the WebMail system at softwareassociates.co.uk
---
Scanned by MessageExchange.net (12:54:20 SPITFIRE)
--
PHP General
I had a parrot idea whilst writing this.. (see bottom)
Giles wrote:
Hi Guys
Really simple question. How do I change the following:
print(value=' . $attributes[messageSubject] . ');
to have double quotes around the subject field instead. i.e.:
print(value= . $attributes[messageSubject] . );
you
To view the terms under which this email is distributed, please go to
http://disclaimer.leedsmet.ac.uk/email.htm
On 27 January 2005 12:14, Giles wrote:
Hi Guys
Really simple question. How do I change the following:
print(value=' . $attributes[messageSubject] . ');
to have double
Hi Guys
Really simple question. How do I change the following:
print(value=' . $attributes[messageSubject] . ');
to have double quotes around the subject field instead. i.e.:
print(value= . $attributes[messageSubject] . );
Simple:
Print (value=\{$attributes['messageSubject']}\);
Giles wrote:
Hi Guys
Really simple question. How do I change the following:
print(value=' . $attributes[messageSubject] . ');
to have double quotes around the subject field instead. i.e.:
print(value= . $attributes[messageSubject] . );
print(value=\ . $attributes[messageSubject] . \);
Jochem Maas wrote:
I had a parrot idea whilst writing this.. (see bottom)
...
---
ParrotTalk: I think that this topic of string interpolation/quotes
deserves 'parrot' attention which made me think that maybe the parrot
could parse for markers (that if added to an email by an autorized poster)
John Holmes wrote:
print(value=\ . $attributes[messageSubject] . \);
Slight typo there:
value=\ . ...
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Subject: Re: [PHP] escaping quotes
John Holmes wrote:
print(value=\ . $attributes[messageSubject] . \);
Slight typo there:
value=\ . ...
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP
What also works is this:
print 'value='. $foo['bar'] . '';
Read the manual section on strings:
http://php.net/types.string
Regards,
Philip
On Thu, 27 Jan 2005, Giles wrote:
Thanks, that works great.
Knew that worked for JavaScript but didn't know it worked for PHP.
print(value=\ .
Nick Wilson wrote:
Hi all,
If i want to find a url on a page, there are some chars i need to escape
right?
like '/' and '?'
do i also need to escape '.'?
Are there any other things that might pop up in a url that I can escape
with addcslashes()?
Much thanks
Don't use posix regexp, but use
* and then Marek Kilimajer declared
If i want to find a url on a page, there are some chars i need to escape
right?
like '/' and '?'
do i also need to escape '.'?
Are there any other things that might pop up in a url that I can escape
with addcslashes()?
Don't use posix regexp,
[snip]
2) By not escaping quotes in the data
...
You can do it this way but you must make sure that any strings in your
values array have been escaped before with
[/snip]
There is no quotes in the data. The data coming in is a $_POST array.
$dbmssql-dbinsert($_POST, $table);
However this did
On Wed, 11 Aug 2004 19:03:32 -0500, Alex Hogan
[EMAIL PROTECTED] wrote:
Hi All,
I have this expression;
$query = INSERT INTO $table (%s) VALUES (%s);
$query = sprintf($query, implode(,, $fld), implode(,,
$val));
$result = mssql_query($query) or
Hi,
Thursday, August 12, 2004, 10:03:32 AM, you wrote:
AH Hi All,
AH I have this expression;
AH $query = INSERT INTO $table (%s) VALUES (%s);
AH $query = sprintf($query, implode(,, $fld), implode(,,
AH $val));
AH $result = mssql_query($query) or die($errmsg);
AH
On Thu, 12 Aug 2004 12:34:30 +1000, Tom Rogers [EMAIL PROTECTED] wrote:
Hi,
Thursday, August 12, 2004, 10:03:32 AM, you wrote:
AH Hi All,
AH I have this expression;
AH $query = INSERT INTO $table (%s) VALUES (%s);
AH $query = sprintf($query, implode(,, $fld),
On Apr 16, 2004, at 3:40 AM, Merlin wrote:
Hi there,
I am just validating html generated by a php page. There is an error
which comes
up if ther is a dash in the content text. Those characters come out of
a database.
Is there a command in php which is escaping those characters for valid
html
Lowell Allen wrote:
On Apr 16, 2004, at 3:40 AM, Merlin wrote:
Hi there,
I am just validating html generated by a php page. There is an error
which comes
up if ther is a dash in the content text. Those characters come out of
a database.
Is there a command in php which is escaping those
On Friday 16 April 2004 20:19, Merlin wrote:
hmm so you would suggest to save the entitty code directly to the database
in the first place?
If the data is mainly displayed as HTML then yes, store the HTML entities and
do a conversion when you want plain text or whatever.
What happens if I
* Thus wrote Marek Kilimajer ([EMAIL PROTECTED]):
Adam Williams wrote:
If I have the SQL statement:
$sql = select subject from subwhile where subject = '*$var[0]*';
Don't you want to do:
$sql = select subject from subwhile where subject LIKE '%$var[0]%';
I think more precisely:
$sql =
Curt Zirzow wrote:
Don't you want to do:
$sql = select subject from subwhile where subject LIKE '%$var[0]%';
I think more precisely:
$sql = select subject from subwhile where subject LIKE '%{$var[0]}%';
Either will work, as will
$sql = ... subject LIKE '%$var[string_index]%';
--
PHP General
Adam --
...and then Adam Williams said...
%
% If I have the SQL statement:
%
% $sql = select subject from subwhile where subject = '*$var[0]*';
%
% do I need to put a \ before each '?
1) You should have just tried it.
2) No.
You owe the Newbie Guide a paragraph on quoting and escaping.
Adam Williams wrote:
If I have the SQL statement:
$sql = select subject from subwhile where subject = '*$var[0]*';
Don't you want to do:
$sql = select subject from subwhile where subject LIKE '%$var[0]%';
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
[snip]
If I have the SQL statement:
$sql = select subject from subwhile where subject = '*$var[0]*';
Don't you want to do:
$sql = select subject from subwhile where subject LIKE '%$var[0]%';
[/snip]
Not if the variable is exactly what he is looking for.
--
PHP General Mailing List
Yeah thats what I meant to do, my PHP is very rusty if you can't tell
(and so is my SQL) :)
Jay Blanchard wrote:
[snip]
If I have the SQL statement:
$sql = select subject from subwhile where subject = '*$var[0]*';
Don't you want to do:
$sql = select subject from subwhile where subject LIKE
Dan Anderson mailto:[EMAIL PROTECTED]
on Wednesday, September 10, 2003 5:17 PM said:
If you don't like somebodys post just ignore it. I'd bet your 2 cents
that you don't find every post to this list interesting. Do you reply
to those people and ask them to not post stuff that doesn't
You've completely misread and misinterpreted Robert's comments. He
didn't say he didn't want to read posts he wasn't interested in and he
didn't ask the poster to not post things he wasn't interested in
reading. He DID however request that people not send html emails to the
list.
Oh wait, he
*chuckle* this explains your responses to me. In this new light I
apologize for my condescending responses.
Cheers,
Rob.
On Thu, 2003-09-11 at 20:17, Dan Anderson wrote:
You've completely misread and misinterpreted Robert's comments. He
didn't say he didn't want to read posts he wasn't
I need to print the following:
onClick=MM_openBrWindow('http://www.gilardi.com/pdf/gwyt1poc.pdf','','')
and I am not sure how to escape the ' characters.
with a slash.
http://www.google.com/search?q=php+single+quote+escape+site%3Aphp.net
I believe the general posting guidelines discourage posting HTML to
mailing lists, and to be quite honest many of us pay for our bandwidth
and don't need your 8k image eating up resources.
2 cents,
Rob.
On Wed, 2003-09-10 at 13:27, Todd Cary wrote:
I need to print the following:
Try this
?php$url="";echo "a href=#
asd/a";?
HTH
-Murugesan
- Original Message -
From:
Todd
Cary
To: [EMAIL PROTECTED]
Sent: Wednesday, September 10, 2003 10:57
PM
Subject: [PHP] Escaping the " ' "
character
I need to print the
I believe the general posting guidelines discourage posting HTML to
mailing lists, and to be quite honest many of us pay for our bandwidth
and don't need your 8k image eating up resources.
If you don't like somebodys post just ignore it. I'd bet your 2 cents
that you don't find every post to
Funny, I could swear I made a comment about bandwidth not topic. You
should go read my original message, then read the guidelines, then
wonder to yourself if you are all alone in this world -- if you by
chance find that you're not in your own little world, perhaps you see
why guidelines posted for
[snip]
$query = LOAD DATA LOCAL INFILE '/home/data.txt' INTO TABLE mytable
FIELDS TERMINATED BY ',' ENCLOSED BY ' . '' . ' ;
{/snip]
try ...
$query = LOAD DATA LOCAL INFILE '/home/data.txt' INTO TABLE mytable
FIELDS TERMINATED BY ',' ENCLOSED BY '' ;
The period concats were not needed.
--
PHP
--- Roy W [EMAIL PROTECTED] wrote:
The query doesn't take ... but if I cut and paste the printed
response into the mysql server manually ... works like a charm
http://www.php.net/addslashes
Chris
=
Become a better Web developer with the HTTP Developer's Handbook
http://httphandbook.org/
Sorry...Because of the double quote near the ENCLOSED BY .. It delivers a
PARSE ERROR
?
-Original Message-
From: Jay Blanchard [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 31, 2003 12:38 PM
To: Roy W; [EMAIL PROTECTED]
Subject: RE: [PHP] Escaping nasty quotes
[snip]
$query = LOAD
]
Subject: Re: [PHP] Escaping nasty quotes
--- Roy W [EMAIL PROTECTED] wrote:
The query doesn't take ... but if I cut and paste the printed response
into the mysql server manually ... works like a charm
http://www.php.net/addslashes
Chris
=
Become a better Web developer with the HTTP
[snip]
Sorry...Because of the double quote near the ENCLOSED BY .. It delivers
a
PARSE ERROR
$query = LOAD DATA LOCAL INFILE '/home/data.txt' INTO TABLE mytable
FIELDS
TERMINATED BY ',' ENCLOSED BY '' ;
[/snip]
Are the fields enclosed by a quote? If not...
$query = LOAD DATA LOCAL INFILE
Unfortunately, they are indeed enclosed by double quotes
Roy
-Original Message-
From: Jay Blanchard [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 31, 2003 12:58 PM
To: Roy W; [EMAIL PROTECTED]
Subject: RE: [PHP] Escaping nasty quotes
[snip]
Sorry...Because of the double quote near
[snip]
Unfortunately, they are indeed enclosed by double quotes
[/snip]
Can you show us a snippet of data.txt?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I have this:
$query = LOAD DATA LOCAL INFILE '/home/data.txt' INTO TABLE
mytable FIELDS
TERMINATED BY ',' ENCLOSED BY ' . '' . ' ;
$result = MYSQL_QUERY($query);
PRINT br$query2br;
The query doesn't take ... but if I cut and paste the printed
response into
the mysql server manually ...
On Thu, 2003-07-31 at 14:31, Roy W wrote:
I have this:
$query = LOAD DATA LOCAL INFILE '/home/data.txt' INTO TABLE mytable FIELDS
TERMINATED BY ',' ENCLOSED BY ' . '' . ' ;
$result = MYSQL_QUERY($query);
PRINT br$query2br;
The query doesn't take ... but if I cut and paste the printed
-Original Message-
From: Erik Price [mailto:[EMAIL PROTECTED]]
Sent: 18 February 2003 18:11
PS: I am using htmlentities() on the output before displaying
it in the
browser, but it doesn't apply to singlequotes.
Ahem! I quote from
On Tue, 18 Feb 2003 13:10:33 -0500, you wrote:
input type='text' name='publisher' value='O'Reilly' /
input type=text name=blah value=aaquot;aa
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I need to get a password value from a form, store it in a database and
then
later be able to compare a login password to the one stored in the db.
This works great unless the password contains the '\' char.
magic_quotes_gpc is ON and magic_quotes_runtime is OFF.
As a klude, I tried just
a whole new set of challenges.
I'd appreciate any other advice or clarification you could offer.
Thanks,
-Original Message-
From: John W. Holmes [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 07, 2003 4:25 PM
To: 'Rob Walls'; [EMAIL PROTECTED]
Subject: RE: [PHP] Escaping Chars
I need
Thanks for the reply, but I still can't seem to make the connection...
If I enter the value
123\/'
in a web form and put the form post value directly into the db (no
stripslashes or any other function), the value as reported by the db
at a
command line query is
123\/'
That's not right. If
I'm having a problem escaping double quotes in email messages sent with
mail(). The message is built as a string and assigned to a variable and
the
variable name is passed to the mail function.
The double quotes appear correctly in a simple test like this:
$message = This message uses
From: 1LT John W. Holmes [EMAIL PROTECTED]
I'm having a problem escaping double quotes in email messages sent with
mail(). The message is built as a string and assigned to a variable and
the
variable name is passed to the mail function.
The double quotes appear correctly in a simple test
-Original Message-
From: Mike Smith [mailto:[EMAIL PROTECTED]]
Sent: 12 December 2002 14:47
Rendered results of a href... =
http://company.com/custmaint.php?id=70class=cust=company
T/T #29type=OEM
id is the record id
class is Null so that's OK.
cust=company T/T #29
since I've started scripting in PHP, but would
appreciate any pointers.
Thanks for pointing me in the right direction!
Mike Smith
-Original Message-
From: Ford, Mike [LSS] [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 13, 2002 4:22 AM
To: 'Mike Smith'; PHP General
Subject: RE: [PHP
-Original Message-
From: Mike Smith
Is this fundamentally flawed? You mentioned ...is probably invalid in
itself, but we'll come to that. Were you referring to the space or the
whole pasing of array variables in an URL.
Yup, I meant the spaces, not the whole concept -- when I wrote that
=$id) this record cust will now be company T/T
All the other fields fill in correctly. Is it seeing the # as a comment?
-Original Message-
From: Richard Baskett [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 11, 2002 3:57 PM
To: Mike Smith; PHP General
Subject: Re: [PHP] Escaping
Why don't you just try:
$cust2 = str_replace('#','#35;',$cust);
That should replace all instances of # with it's html entity equivalent. If
that doesn¹t work then there is something else wrong with your script and
we'll need to see it all! :)
Rick
People who drink to drown their sorrow should
Have to be a bit more specific, cause I can't reproduce your
problem... Do you have some code examples that show it clearer?
name for client is COMPANY #1 in DB
?php
include dbconnect.inc; //sets up db connection
$sel = mysql_query(select name from client
where
Hello,
Ernest E Vogelsinger [EMAIL PROTECTED] wrote:
At 23:53 14.11.2002, Lars Espelid said:
[snip]
Try to execute this code:
if (ereg[^0-9], $num))
print That's not a number!;
result: parsing error, expects ')' on the if-line.
You forgot an
Hello again...
Lars Espelid wrote:
Hello,
I'm running Apache 1.3.26, PHP 4.0.5 and WinXPpro.
My problem is as follows:
Try to execute this code:
if (ereg[^0-9], $num))
print That's not a number!;
result: parsing error, expects ')' on the if-line.
This one does have a parse error
At 23:53 14.11.2002, Lars Espelid said:
[snip]
Try to execute this code:
if (ereg[^0-9], $num))
print That's not a number!;
result: parsing error, expects ')' on the if-line.
You forgot an opening bracket, and need to quote the regex, like
if
Just escape the \ with a single escape character. eg. your string
'\0PZ\0Îê˜Úµ' would end up as '\\0PZ\\0Îê˜Úµ' - each \ simply
escapes the backslash following it. If you add two backslashes, you end
up with one too many which is what the error is referring to.
..micahel..
On Thu,
One of the guys over on the php-db list told me that to store the binary
string correctly in postrgresql, that I would
have to double quote whats already there.
So in essence, by the time it hits the database, it has to be -
\\\0PZ\\\0Îê˜Úµ
Any suggestions to modify the string like this...
See: http://www.php.net/manual/en/function.htmlspecialchars.php
John Hughes wrote:
I'm stumbling over how to allow people to put single or double quotes
in a form text field.
I am passing the form to itself ($PHP_SELF) and on the second time
through previewing what the form data will
is ignored.
Same for the double quotes.
---John Holmes...
- Original Message -
From: Robert Cummings [EMAIL PROTECTED]
To: John Hughes [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, May 06, 2002 5:06 PM
Subject: Re: [PHP] escaping quotes in forms and redisplaying variables in
form
On Tue, 19 Mar 2002, Dr. Shim wrote:
Well, this is a fairly simple problem. I'm having problems with escaping a
string, and then ending the string right after the escape! For example,
echo Then Johnathan said, \That's exactly what I said!\;
I get a parse error on the line where the string
Hmmm. How about this?
echo form name=\frmMovies\ method=\post\ action=\ . echo $PHP_SELF
. \;
Miguel Cruz [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Tue, 19 Mar 2002, Dr. Shim wrote:
Well, this is a fairly simple problem. I'm having problems with
You need to remove the second echo.
On Tue, 19 Mar 2002, Dr. Shim wrote:
Hmmm. How about this?
echo form name=\frmMovies\ method=\post\ action=\ . echo $PHP_SELF
. \;
Miguel Cruz [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Tue, 19 Mar 2002,
On Tue, 19 Mar 2002, Dr. Shim wrote:
Hmmm. How about this?
echo form name=\frmMovies\ method=\post\ action=\ . echo $PHP_SELF
. \;
You're concatenating echo $PHP_SELF rather than just $PHP_SELF, which
isn't necessarily helping. But just between me and you, life would be a
lot easier if
Strangley enough, $PHP_SELF is empty. Nothing appears when I do it the way
Bob and you suggested, the action property equals .
Miguel Cruz [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Tue, 19 Mar 2002, Dr. Shim wrote:
Hmmm. How about this?
echo form
Are you inside a function, having neglected to do
global $PHP_SELF;
?
miguel
On Tue, 19 Mar 2002, Dr. Shim wrote:
Strangley enough, $PHP_SELF is empty. Nothing appears when I do it the way
Bob and you suggested, the action property equals .
Miguel Cruz [EMAIL PROTECTED] wrote in
*screams, I'm such a newbie!!*
I didn't know I had to declare $PHP_SELF with global before using it
inside a function. Sorry! Works now! Thanks very much! =)
Miguel Cruz [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Are you inside a function, having neglected
PROTECTED]
Subject: RE: [PHP] escaping ?
what about this?
$contents = str_replace('?xml version=1.0?'.'', '', $contents);
-Original Message-
From: Steven Jarvis [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 09, 2002 8:46 AM
To: [EMAIL PROTECTED]
Subject: [PHP] escaping
what about this?
$contents = str_replace('?xml version=1.0?'.'', '', $contents);
-Original Message-
From: Steven Jarvis [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 09, 2002 8:46 AM
To: [EMAIL PROTECTED]
Subject: [PHP] escaping ?
I'm trying to do some string replaces on XML
Hi, try this:
str_replace(?xml version=\1.0\?
Jeff
At 03:45 PM 2/8/2002 -0600, Steven Jarvis wrote:
I'm trying to do some string replaces on XML files to import them into a
prprietary db that doesn't understand XML.
I need to strip the XML tags out of the file.
However, when I use this
on 5/16/01 9:12 PM, Augusto Cesar Castoldi at [EMAIL PROTECTED] wrote:
I'm tring to print the variable tmp, but the echo is just printing abcd,
the rest he can't print.
Why?
regards,
Augusto
$tmp=abcdefg;
echo $tmp.br;
echo br;
$tmp=addslashes($tmp);
echo $tmp.br;
echo br;
""Wade"" [EMAIL PROTECTED] wrote in message
9c6dcb$h8e$[EMAIL PROTECTED]">news:9c6dcb$h8e$[EMAIL PROTECTED]...
Aside from " (quotes), which HTML characters should be preceded with a \
(backslash) to avoid parsing errors?
No.
I have the following, which I have in an .inc file outside my web
double quotes
' single quotes (yes, they are used quite often)
\ backslash (JavaScripts etc.)
there are your enemies, nothing else.
forget about + = $ ...
Sincerely,
Maxim Maletsky
Founder, Chief Developer
PHPBeginner.com (Where PHP Begins)
[EMAIL PROTECTED]
www.phpbeginner.com
My previous post is a bit misleading.
""Wade"" [EMAIL PROTECTED] wrote in message
9c6dcb$h8e$[EMAIL PROTECTED]">news:9c6dcb$h8e$[EMAIL PROTECTED]...
Aside from " (quotes), which HTML characters should be preceded with a \
(backslash) to avoid parsing errors?
No and Yes.
NO: You don't have to
1 - 100 of 103 matches
Mail list logo