mp; $check==md5( . $delete))
$sql=sprintf("delete from tbl where id = %d",$delete);
This makes sure that the person is using the correct path.
Jerry
-Original Message-
From: Jaime Bozza [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 21, 2001 7:32 PM
To: [EMAIL PROTECTED]
Subje
aime Bozza
-Original Message-
From: Nathan Cassano [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 21, 2001 11:34 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Mommy, is it true that...?
One thing that I do know is dangerous is deleting rows based on an
integer field with an unprocessed value;
Yes, that's a very good one I didn't think of!
> One thing that I do know is dangerous is deleting rows based on an
> integer field with an unprocessed value;
> Ca-Boom! The entire table has been deleted. Don't you feel dumb!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-
One thing that I do know is dangerous is deleting rows based on an
integer field with an unprocessed value;
Example: Delete row script
By simply appending an all inclusive sql clause.
$id = "21421 or 1 = 1";
Ca-Boom! The entire table has been deleted. Don't you feel dumb!
Instead process t
On Friday 21 December 2001 02:39, you wrote:
I believe (not sure so please clarify) that if your code was
if ($pwd == "goodpwd") $lethimin = 1;
else $lethimin = 0;
the code would be secure. only setting the variable when the pass is correct
would be too easy to crack right? since I'd call the p
At 03:39 AM 12/21/2001 +0200, Bogdan Stancescu wrote:
>Hi everybody!
>
>Two things I consider urban myths about PHP (plus MySQL) - please let me
>know what you think of these:
>
>1. The evil global variables
[...]
>My question to you guys is this: does anybody know of a real example of
>reasonably
6 matches
Mail list logo