Ciao a tutti, ho bisogno di qualche dritta:
Voglio utilizzare la trasformazione xslt ma mi servirebbe un modello xslt di
esempio per vedere se il mio è errato
Allego il mio di test:
http://www.w3.org/TR/WD-xsl";>
Quando faccio la trasformazione il risultato è
My first guess would be exec('lpr somefile');
Jim Hatridge wrote:
Hi Justin et al...
On Thursday 24 October 2002 04:29, Justin French wrote:
Hi,
I've been approached by a couple of site to write an article or two on PHP.
Any ideas on a topic that I might want to tackle? What do people want
This depends on the filesystem used, but I would recomend you to
organized them by year. Now you
have few hundred articles, two or three years later it might be 1000,
and reorganize it then would be
much harder then to create the directories now.
Monty wrote:
This is a more general server quest
hi,
When using sessions , how can i test if a browser supports cookies on the
clients browser. When i use cookies why does the PHPSESSID=blah visible in
the url.
Is it dangerous to let php handle the sid in the url if a browser does not
support cookies?Can someone send me an example of good login
Hi Shaun,
> how can i test if a browser supports cookies
Try and set one on page A, and then read it on page B. If it's not there,
the browser doesn't support cookies.
> Is it dangerous to let php handle the sid in the url
> if a browser does not support cookies?
There's an extremely remote p
My boss wants me to add a number of items to the cart based on a user
form input. At the moment my add to cart function checks if anything is
in it and then increments one item (using this code). I can supply the
full function if required but just this part would get me away I think.
if($cart[$ne
add squere brackets to the name and loop through $_POST['state'], as
this will become an array now
James Taylor wrote:
Heya folks, not sure if this is more of a php question or an html question,
though I'm right now leaning towards a 50% php, 50% html, so I think this is
on topic still.
I have
Hi
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi to Everyone,
I just want to know if there is a way that i can have register_globals
On in my php.ini file but for some application i can turn that Off
perhaps with a .htacces file.
Thx for any help.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/
I have a single page site I'm working on that displays the contents of your
current session. Users can clear the contents by clicking a link that
triggers a $PHP_SELF?clear=1 - Before any headers are sent out, the script
checks for $_GET['clear'], and if it's set, it does a session_destroy();.
For
Hi,
> I just want to know if there is a way that i
> can have register_globals On in my php.ini file
> but for some application i can turn that Off
> perhaps with a .htacces file.
In your .htaccess:
php_flag register_globals on
or
php_flag register_globals off
Manual pages at
http://w
Thx for your reply It is working.
I also found from php.net that it's possible to set register_globals to
"off" on a site-by-site basis via Apache, thus overriding the "global"
setting of register_globals in php.ini:
In httpd.conf:
ServerName localhost
DocumentRoot /var/www/html/mysite
php_va
Hi,
> Thx for your reply It is working.
No probs, glad to help.
> I also found from php.net that it's possible
> to set register_globals to "off" on a site-by-
> site basis via Apache, thus overriding the "global"
> setting of register_globals in php.ini:
>
>
> ServerName localhost
> Documen
Why my mail prcessing script don't recognize the value from the form file.
If I call the $numele variable it's just output a null.
This is the form.html
Numele
Nume:
And this is mail.php
Mesajul este trimis
the mail command is commentet for testing purpose, I
This has to do with how php works with session internaly. $_SESSION is
set after the fist call to
session_start(), session_destroy() destroys only data that are already
stored, the second call to
session_start() tries to retrieve these data, but there are none. Use
$_SESSION=array() before
sessi
On Friday 25 October 2002 06:51, Matias Silva wrote:
> Hi-ya all, here's a quickie...
>
> In my script I create a directory (mysql.backup.timestamp/) within a
> directory called backup/.
> I use the function mkdir("mysql.backup.timestamp", "0777"); and it shows
> the permissions
> as after t
Dear All
I am wondering if anyone know, some good open source editor for PHP on
linux/Unix
Hopping for The Best :)
Tariq
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Actualy, you can use chgrp(), but apache must be a member of the group
you are changing to.
Jason Wong wrote:
On Friday 25 October 2002 06:51, Matias Silva wrote:
Hi-ya all, here's a quickie...
In my script I create a directory (mysql.backup.timestamp/) within a
directory called backup/.
Have a look at www.jedit.org
This editor is not specific to PHP but it does handle PHP well.
Clint
-Original Message-
From: Tariq Murtaza [mailto:tariq@;smeda.org.pk]
Sent: Friday, October 25, 2002 6:01 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Looking for an open source PHP editor on li
On Fri, 25 Oct 2002 13:16:27 +0300
Tjoumaidis <[EMAIL PROTECTED]> wrote:
> Hi to Everyone,
> I just want to know if there is a way that i can have register_globals
> On in my php.ini file but for some application i can turn that Off
> perhaps with a .htacces file.
I prefer it Off in php.ini and
Thank you for your response. First of all, I'm not sure if you are
familiar, but I am working on a project called eNetwizard Content
Management Server. More is available here:
http://www.sourceforge.net/projects/enetwizard/
Content is stored as XML, but not in the usual manner. eNetwizard is
a
Thanks Clint Tredway
Actually i am looking for syntax highlighting / help feature of PHP in
editor.
Any body
Tariq
Clint Tredway wrote:
Have a look at www.jedit.org
This editor is not specific to PHP but it does handle PHP well.
Clint
-Original Message-
From: Tariq Murtaza [ma
the personal edition (2.0) from www.zend.com
well - its not open source but it has nice help and debug-features for PHP.
Tariq Murtaza wrote:
Dear All
I am wondering if anyone know, some good open source editor for PHP on
linux/Unix
Hopping for The Best :)
Tariq
--
PHP General Mailing
You have the page in $result, so you need $result=explode("\n",$result),
and echo $result[0] - [99]
Patrick Hsieh wrote:
Hello list,
I am writing a php script to fetch a html page and verify its content which
generated by a remote cgi program. The special cgi program generates endless
content
Register globals problem - either use $_POST['numele'] (prefered), or
turn register_globals on.
Trasca Ion-Catalin wrote:
Why my mail prcessing script don't recognize the value from the form file.
If I call the $numele variable it's just output a null.
This is the form.html
Numele
Nume:
Now I noticed that I can't take any variable from another file. It's my
programs fault or I have to modify something in Apache or PHP?
--
Trasca Ion-Catalin
"Trasca Ion-Catalin" <[EMAIL PROTECTED]> wrote in message
news:20021025100207.89943.qmail@;pb1.pair.com...
> Why my mail prcessing script don
Hi People,
I am running PHP 4.1.2 on a Cobalt Raq4 server. I'm pretty new to Linux and
can't understand why the server has come preinstalled with 2 diffrent
versions of PHP. When I run phpinfo() from scripts on the site through my
browser it says PHP is installed as an Apache module, but when I ru
You need to use $_POST["numele"] instead of $numele - that or edit your
php.ini file.
Now I noticed that I can't take any variable from another file. It's my
programs fault or I have to modify something in Apache or PHP?
--
Trasca Ion-Catalin
"Trasca Ion-Catalin" <[EMAIL PROTECTED]> wrote i
You can try
http://quanta.sourceforge.net
or.
http://nusphere.com/products/phpadv.htm (this one isn't free)
Tariq Murtaza wrote:
Thanks Clint Tredway
Actually i am looking for syntax highlighting / help feature of PHP in
editor.
Any body
Tariq
Clint Tredway wrote:
Have a lo
VIM :)
--
Maxim Maletsky
[EMAIL PROTECTED]
www.PHPBeginner.com // PHP for Beginners
www.maxim.cx // my Home
// my Wish List: ( Get me something! )
http://www.amazon.com/exec/obidos/registry/2IXE7SMI5EDI3
Tariq Murtaza <[EMAIL PROTECTED]> wrote... :
> Dear All
>
> I am wonde
$_GET is definately insecure because the user can insert values into the URL line,
which may expose data which should be secure (depending upon how you've written your
scripts).
$_POST is more secure, if you add additional protective coding. An excellent example
was provided a couple days ag
> The more secure method ensures it MUST come from a form. Be
> advised: the user can create his own form with $admin as a variable
> and submit it to your PHP script. Therefore, additional precautions
> and authentication are warranted.
And what should these precautions be? If a malicious u
A determined hacker can get through. Period.
Additional safeguards might include username/password authentication against a
database.
You can only make it more difficult for a hacker to break-in. You can never have
absolute certainty he won't.
- Original Message -
From: "Chri
it works only if i put it in my httpd.conf - yes allowoveride is set to
all :/
i'm using apache 1.3.27 on win2k.
Jon Haworth wrote:
> Hi,
>
>
> >Thx for your reply It is working.
>
>
> No probs, glad to help.
>
>
> >I also found from php.net that it's possible
> >to set register_globals to "off"
Hi Frank,
> > ServerName localhost
> > DocumentRoot /var/www/html/mysite
> > php_value register_globals 0 (or 1 for "on")
>
> it works only if i put it in my httpd.conf - yes
> allowoveride is set to all :/
>
> i'm using apache 1.3.27 on win2k.
Well, you're doing *something* wrong, 'cos it wor
well, i found my mistake ;)
on windows i forgot to change the name of the .htaccess-files because on
win they couldnt have a extentsion without a name.
So i've named them now only "htaccess" without the dot and it works fine
Frank W. wrote:
it works only if i put it in my httpd.conf - yes allo
Hey all,
I've been fighting this all night, I need a bit of help. I have a string like.
#21-935 Item Description: $35.95
Where the part # could be 10-2034 a combination of 2 and 3 or 4 digits, and the price
could be a combination of 1,2,3 . 2 digits. I want to chop that string into Part # /
Des
> "William Glenn" <[EMAIL PROTECTED]> wrote in message
news:003101c27c3b$ff8c61a0$6401a8c0@;cortez.co.charter.net...
> Hey all,
> I've been fighting this all night, I need a bit of help. I have a string
like.
>
> #21-935 Item Description: $35.95
>
> Where the part # could be 10-2034 a combination
I presently generate pdf files as required...
I use FPDF for writing PDF...
I require to save these to file... is it a simple case of:
where the script: generate_stats_view_table_pdf.php generates the PDF...
http://www.domain.com/autoreport/generate_stats_view_table_pdf.php');
while (list (
"Paul Kaiser" <[EMAIL PROTECTED]> wrote in message
news:58851.208.216.64.17.1035495310.squirrel@;illinimedia.com...
> I have around 50 checkboxes on an HTML form. Their "value" is "1". So,
> when a user check the box, then no problem -- the value returned by the
> form is "1" and I can enter that
I think Glimmer is pretty good.
http://glimmer.sourceforge.net/
Brad
On Fri, 2002-10-25 at 07:49, Maxim Maletsky wrote:
>
> VIM :)
>
>
>
> --
> Maxim Maletsky
> [EMAIL PROTECTED]
>
>
> www.PHPBeginner.com // PHP for Beginners
> www.maxim.cx // my Home
>
> // my Wish List: ( G
- Original Message -
From: "William Glenn" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, October 25, 2002 10:34 AM
Subject: [PHP] Ereg help
Hey all,
I've been fighting this all night, I need a bit of help. I have a string like.
#21-935 Item Description: $35.95
Where the pa
"Tim Haynes" <[EMAIL PROTECTED]> wrote in message
news:20021023162115.16675.qmail@;pb1.pair.com...
> Here is a puzzle, infact it is a game that I need to do in PHP, here is
the
> spec
>
> 3 prizes to be won every day over a month by clicking on 24 seperate
> windowsand thats it
>
> How could I
> And what should these precautions be? If a malicious user can submit
> his own form and you are looking for a POST variable, how can you
> ensure that $admin came from your form and not that user's?
The problem is when a cracker uses form variables in an attempt to set the
values of "flag" v
Hi,
I am having a major problem getting set_time_limit() to work at all
with PHP 4.2.3 running as a CGI program under IIS for Windows 2000 (I
originally posted this message to php-win, but am hoping someone here
can shed some light on this). I have a form that accepts large files
for upload,
Hi
i struggling with multiple select lists in HTML forms. The resulting
$_REQUEST array cuts some characters from the values. If the value is
value="99" i will get "99" after posting...
my php file:
***
echo "{$_SERVER['REQUEST_URI']} ";
echo "First: {$_REQUEST['msel'][0]} ";
echo "Co
use $_POST, not $_REQUEST
- Original Message -
From: "Heiko Mundle" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, October 25, 2002 10:39 AM
Subject: [PHP] cutted values after posting multiple select list
Hi
i struggling with multiple select lists in HTML forms. The resulting
I can't get the DomDocument->dump_file($file, false, true); to work.!
help needed!
Everyting else works just fine.
Running
IIS5
PHP 4.2.3
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
yes it does...
/me answered myself again ;)
"Brian McGarvie" <[EMAIL PROTECTED]> wrote in message
news:20021025145239.65314.qmail@;pb1.pair.com...
> I presently generate pdf files as required...
>
> I use FPDF for writing PDF...
>
> I require to save these to file... is it a simple case of:
>
> w
Is there anyway to have php convert a database from mySQL to Access via a
webpage? I have a couple of people here who use Access to do mail merging
things with word and it would make my life a ton easier if I did not have to
convert the db's everytime they want the info. If anyone has any though
php-general Digest 25 Oct 2002 16:40:19 - Issue 1665
Topics (messages 121385 through 121443):
Sessions help Please
121385 by: Bryan McLemore
121387 by: Peter Houchin
121389 by: Justin French
Re: How many is too many?
121386 by: Justin French
121388 by
On Fri, 25 Oct 2002, Tyler Durdin wrote:
>-Is there anyway to have php convert a database from mySQL to Access via a
>-webpage? I have a couple of people here who use Access to do mail merging
>-things with word and it would make my life a ton easier if I did not have to
>-convert the db's ever
[snip]
Is there anyway to have php convert a database from mySQL to Access via a
webpage? I have a couple of people here who use Access to do mail merging
things with word and it would make my life a ton easier if I did not have to
convert the db's everytime they want the info. If anyone has any th
First time playing with PHP, Apache, and MySQL. I have a simple form error
and I don't know how to solve it. I was doing the Webmonkey PHP/MySQL
tutorial and when I started using forms with $PHP_SELF I started getting
errors with variables not defined.
PHP 4.2.3
MySQL 4.0 Windows 2000
Apache 1.3
Hi William, try this:
^(#[0-9]{2}-[0-9]{2,4} Item Description: [\$][0-9]{1,3}[\.][0-9]{2})$
I've just been putting a number of expressions together for validation
myself.
Regards,
Dave Pratt
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I found some products that may be of help to you.
http://www.mysql.com/documentation/mysql/bychapter/manual_Contrib.html#SEC67
4
MyAccess is an AddIn for MS Access 97/2000 that allows you to manage MySQL
databases from within Access. Main functions are:
a.. Create/Modify Tables
b.. Execute Qu
The simple but potentially wrong..harmful solution is to turn on
register globals in php.ini,
The right solution is to use $_SERVER['PHP_SELF'];
On Fri, 2002-10-25 at 11:48, Mario Montag wrote:
> First time playing with PHP, Apache, and MySQL. I have a simple form error
> and I don't know ho
Cool! the umask() is what I have to set prior to mkdir() for this to work.
Thanks Jason & Marek
-Matias
"Matias Silva" <[EMAIL PROTECTED]> wrote in message
news:20021024225108.24906.qmail@;pb1.pair.com...
> Hi-ya all, here's a quickie...
>
> In my script I create a directory (mysql.backup.tim
I would also recommend jedit. It is a VERY nice IDE. Supports a TON of
language, any operating system that supports Java, syntax highlighting.
etc.
Tyler Lane
[EMAIL PROTECTED]
On Fri, 2002-10-25 at 04:14, Clint Tredway wrote:
> Have a look at www.jedit.org
>
> This editor is not specific to PH
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 25 October 2002 11:23 am, Johnson, Kirk wrote:
> > And what should these precautions be? If a malicious user can submit
> > his own form and you are looking for a POST variable, how can you
> > ensure that $admin came from your form and not
As was already mentioned, $_SERVER['PHP_SELF'] is what you want. But on a
side note you may consider changing the way you're checking for results in
that if() statment. You will end up with another error if no records are
returned. So instead you should check for the nubmer of records returned
w
Thanks, but what are the parameters to make the dir?
> - Original Message -
> From: "John W. Holmes" <[EMAIL PROTECTED]>
> To: "'Stephen'" <[EMAIL PROTECTED]>; "'PHP List'"
> <[EMAIL PROTECTED]>
> Sent: Thursday, October 24, 2002 8:27 PM
> Subject: RE: [PHP] Creating Directories
>
>
> > m
Thanks for the tip. I have another issue once I click on a form. Could you
take a quick look at this one:
//--- START OF CODE --
First name:
Last name:
Address:
Position:
// -- END OF CODE
I open it and I get the following text boxes:
And if you want to take it a step further, to ensure that the values are
submitted from YOUR form, check the $_SERVER['HTTP_REFERER'] to see if
it's coming from your domain | page.
Paul Nicholson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 25 October 2002 11:23 am, Johnson, K
please delete
"Paul Reisinger" <[EMAIL PROTECTED]> wrote in message
news:20021024144642.71222.qmail@;pb1.pair.com...
> I think my problem lies in the php.ini file. What should my include_path
be
> set to in my php.ini file??
>
> Whenever I try and include anything I get the error message below.
>
HTTP_REFERRER can be spoofed, so don't rely on it for much.
---John Holmes...
- Original Message -
From: "John Nichel" <[EMAIL PROTECTED]>
To: "Paul Nicholson" <[EMAIL PROTECTED]>
Cc: "Johnson, Kirk" <[EMAIL PROTECTED]>; "PHP General"
<[EMAIL PROTECTED]>
Sent: Friday, October 25, 2002 2:0
I thought of this was well and into the PHP documentation about this
option. Here's a side note that the documentation includes:
Not all user agents will set this, and some provide the ability to modify
HTTP_REFERER as a feature. In short, it cannot really be trusted.
Even thought it's not a s
Hi,
I have a website with lots of stories (each story is about 20 pages long).
The list of stories is in a MySQL database.
I've read somewhere that pdf files can be embeded on a webpage. I want my
visitor to use the navigation system of my website. (and don't want them to
leave my website while re
Yes, but that's what we've been discussing. Nothing is bulletproof,
unless your box has no route to the outside world, no Nic, no modem,
etc. But, depending on how security conscience (paranoid *G*) you may
be, there are different steps to 'add' security, and keep out all but
the most determi
On Friday 25 October 2002 03:52, Shawn McKenzie wrote:
> Some have eluded to this but I haven't seen a working example. I would
> like to declare globals in my main script and then inside functions that
> need these globals just somehow use the $GLOBALS or something to declare
> the variables glob
On Saturday 26 October 2002 01:23, Stephen wrote:
> Thanks, but what are the parameters to make the dir?
Try searching manual for:
> > > mkdir()
??
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet
Hi Jason, I have a follow-up question about mkdir. If the files created by
mkdir are owned by 'nobody', does that create a security risk for those
files? If so, how does one get around accepting files via an upload form
that are assigned to a user other than 'nobody'?
Monty
--
PHP General Mail
Ok, let me see if I have this right:
When you do:
$var = new myClass();
$var instantiates and holds a copy of myClass. But when
you do:
$var =& new myClass();
$var instantiates and references that instantiation?
If so, then I'm curious - if you do:
$var2 =& new myClass();
and you modify
Okay, I really want to understand how to make $_GET and $_POST more secure
because it means changing a fundamental way my scripts are now working.
So, it sounds like what I need to do in order to make form data more secure
is something like this...
$isAdmin = $_POST['isAdmin'];
$myName = $_POST['
Where should you point the command --with-mysql to. The binary, header
files, what? Currently I have MySQL installed at /usr/lib/mysql/. And
this is a RedHat Linux 8.0.
Suggestions?
~ Matthew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.p
Hello,
"MET" <[EMAIL PROTECTED]> wrote:
> Where should you point the command --with-mysql to. The binary, header
> files, what? Currently I have MySQL installed at /usr/lib/mysql/. And
> this is a RedHat Linux 8.0.
>
> Suggestions?
Try --with-mysql=/usr
- E
...[snip]...
--
PHP General Ma
You can still use extract($_POST).
It is as safe/vulernable as $_POST['isAdmin'].
In either case, use only variables that you know are yours and be certain these contain
values which you believe to be safe.
For instance, if you expect a variable called $firstname to contain a name to be
stored in
Thanks again but one more question. How would you then delete a directory?
- Original Message -
From: "1LT John W. Holmes" <[EMAIL PROTECTED]>
To: "Stephen" <[EMAIL PROTECTED]>
Sent: Friday, October 25, 2002 1:32 PM
Subject: Re: [PHP] Creating Directories
> www.php.net/mkdir
>
> ---John
I have a problem, I need to filter HTML from data but want to preserve the
tags in it, is there any function that allows this?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hello,
"Monty" <[EMAIL PROTECTED]> wrote:
> Okay, I really want to understand how to make $_GET and $_POST more secure
> because it means changing a fundamental way my scripts are now working.
>
> So, it sounds like what I need to do in order to make form data more
secure
> is something like this
You could delete all HTML tags. Then use nl2br() to re-insert the tags
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, October 25, 2002 3:28 PM
Subject: [PHP] HTML filtering
I have a problem, I need to filter HTML from data but want to preserve the
I am trying to install php-4.2.3-Win32 on MS WinXP using
apache_2.0.43-win32-x86-no_ssl.
I have followed instructions included in the php package only I have
changed:
LoadModule php4_module "C:/php/sapi/php4apache.dll"
to
LoadModule php4_module "C:/php/sapi/php4apache2.dll"
I am receiving:
apache
Hello,
Please check the manual first before posting questions. ;)
It seems like you're dealing with files/directories so you may want to read
up a bit here:
http://www.php.net/manual/en/ref.filesystem.php
"Stephen" <[EMAIL PROTECTED]> wrote:
> Thanks again but one more question. How would yo
This thread has been great! I've learned so much useful stuff.
> For instance, if you expect a variable called $firstname to contain
> a name to be stored in a SQL database, be certain it does not contain
> SQL commands which can damage your database.
This is another thing I'd be interested in
Hello,
"Chris Boget" <[EMAIL PROTECTED]> wrote:
> Ok, let me see if I have this right:
>
> When you do:
>
> $var = new myClass();
>
> $var instantiates and holds a copy of myClass. But when
> you do:
>
> $var =& new myClass();
>
> $var instantiates and references that instantiation?
>
>
Hello,
"Erich Kolb" <[EMAIL PROTECTED]> wrote:
> I am trying to install php-4.2.3-Win32 on MS WinXP using
> apache_2.0.43-win32-x86-no_ssl.
>
> I have followed instructions included in the php package only I have
> changed:
> LoadModule php4_module "C:/php/sapi/php4apache.dll"
> to
> LoadModule ph
Lets say you have a statement like:
$query = "SELECT * FROM mytable WHERE firstname=$firstname";
And if $firstname is set to:
"xyz"; DELETE FROM mytable
Then this is executed as: SELECT* FROM mytable WHERE firstname="xyz";DELETE FROM
mytable
This can wipe out your table...a bad thing...
---
Hello,
Just a few comments... And no, I'm not Jason :)
"Monty" <[EMAIL PROTECTED]> wrote:
> Hi Jason, I have a follow-up question about mkdir. If the files created by
> mkdir are owned by 'nobody', does that create a security risk for those
> files?
No, not really.
> If so, how does one get aro
Hello,
"Rick Emery" <[EMAIL PROTECTED]> wrote:
> Lets say you have a statement like:
> $query = "SELECT * FROM mytable WHERE firstname=$firstname";
>
> And if $firstname is set to:
> "xyz"; DELETE FROM mytable
>
> Then this is executed as: SELECT* FROM mytable WHERE
firstname="xyz";DELETE FROM
[EMAIL PROTECTED] wrote:
>
> I have a problem, I need to filter HTML from data but want to preserve the
> tags in it, is there any function that allows this?
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
Doesn't get any simpler...
Hello,
Just a few ideas...
"derek fong" <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I am having a major problem getting set_time_limit() to work at all
> with PHP 4.2.3 running as a CGI program under IIS for Windows 2000 (I
> originally posted this message to php-win, but am hoping someone here
> can s
"Chris Boget" <[EMAIL PROTECTED]> wrote in message
news:023501c27c62$23b74dd0$8c01a8c0@;ENTROPY...
> Ok, let me see if I have this right:
>
> When you do:
>
> $var = new myClass();
>
> $var instantiates and holds a copy of myClass.
No. The "new" operator makes a new object which is an instance o
Please do a little reading on your own.
Ulink(), I think... it's in the same manual section as mkdir().
---John Holmes...
> -Original Message-
> From: Stephen [mailto:webmaster@;melchior.us]
> Sent: Friday, October 25, 2002 4:30 PM
> To: PHP List
> Subject: Re: [PHP] Creating Directories
No, this can't happen. There can only be one SQL query per
mysql_query().
Google for SQL injection or something and I'm sure you'll find examples.
---John Holmes...
> -Original Message-
> From: Rick Emery [mailto:remery@;emeryloftus.com]
> Sent: Friday, October 25, 2002 4:59 PM
> To: Chr
> This thread has been great! I've learned so much useful stuff.
>
> > For instance, if you expect a variable called $firstname to contain
> > a name to be stored in a SQL database, be certain it does not
contain
> > SQL commands which can damage your database.
>
> This is another thing I'd be i
[snip]
> There are many places (websites) wherein you can choose the country
from a
> pulldown menu. This prevents somebody (somehow) from posting something
> illegal. Besides, if the values assigned are numbers (e.g. value="100">My Country) then you can check whether the value
> is_numeric() or s
Hello everybody,
I want to allow the client to upload a text file on my web server, so I use
this code :
Uploaded files details
", $HTTP_POST_FILES["userfile"]["name"]);
printf("Temporary Name : %s ",
$HTTP_POST_FILES["userfile"]["tmp_name"]);
printf("Size : %s ", $HTTP_POST_FILES["userf
This is all really simple, actually. Get in the habit, now, of just
using $_POST['var'] directly. Quit assigning it to a simpler variable
name. It's really not that hard to type.
Next, you should never use an _POST, _GET, or _COOKIE var directly in an
SQL query or in anything that echo's it back
You can still create a sub-query to do the damage.
Jason
-Original Message-
From: John W. Holmes [mailto:holmes072000@;charter.net]
Sent: Friday, October 25, 2002 4:01 PM
To: 'Rick Emery'; 'Chris Boget'; [EMAIL PROTECTED]; 'Monty'
Subject: RE: [PHP] extract($_POST)
No, this can't happen
I'm not sure of the backwards compatibility, but if you're running PHP
4.2.x (I think? Maybe it came in earlier) .. use the $_FILES global
variable, in place of $HTTP_POST_FILES. The array is exactly the same:
$_FILES[name_of_file][attributes]
Hopefully this helps?
-Jason
Cyrille Andres wrote
1 - 100 of 126 matches
Mail list logo
