RE: [PHP] Mommy, is it true that...?

2001-12-24 Thread Jerry Verhoef (UGBI)
mp; $check==md5( . $delete))
$sql=sprintf("delete from tbl where id = %d",$delete);

This makes sure that the person is using the correct path.

Jerry

-Original Message-
From: Jaime Bozza [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 21, 2001 7:32 PM
To: [EMAIL PROTECTED]
Subje

RE: [PHP] Mommy, is it true that...?

2001-12-21 Thread Jaime Bozza
aime Bozza

-Original Message-
From: Nathan Cassano [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 21, 2001 11:34 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Mommy, is it true that...?

One thing that I do know is dangerous is deleting rows based on an integer field with an unprocessed value;

Re: [PHP] Mommy, is it true that...?

2001-12-21 Thread Bogdan Stancescu
Yes, that's a very good one I didn't think of!

> One thing that I do know is dangerous is deleting rows based on an
> integer field with an unprocessed value;
> Ca-Boom! The entire table has been deleted. Don't you feel dumb!

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-

RE: [PHP] Mommy, is it true that...?

2001-12-21 Thread Nathan Cassano
One thing that I do know is dangerous is deleting rows based on an integer field with an unprocessed value;

Example: Delete row script

By simply appending an all-inclusive SQL clause.

$id = "21421 or 1 = 1";

Ca-Boom! The entire table has been deleted. Don't you feel dumb!

Instead process t

Re: [PHP] Mommy, is it true that...?

2001-12-21 Thread TD - Sales International Holland B.V.
On Friday 21 December 2001 02:39, you wrote: I believe (not sure so please clarify) that if your code was if ($pwd == "goodpwd") $lethimin = 1; else $lethimin = 0; the code would be secure. Only setting the variable when the pass is correct would be too easy to crack, right? since I'd call the p

Re: [PHP] Mommy, is it true that...?

2001-12-20 Thread Michael Sims
At 03:39 AM 12/21/2001 +0200, Bogdan Stancescu wrote:
>Hi everybody!
>
>Two things I consider urban myths about PHP (plus MySQL) - please let me
>know what you think of these:
>
>1. The evil global variables [...]
>My question to you guys is this: does anybody know of a real example of
>reasonably