[PHP] Re: select * From ????

2002-12-15 Thread Seraphim 

> Print "$row[titletext]";
> Print "$row[img]";

check if the img field in the returned row even has a value or try:
$row[0] and $row[1] instead of $row['titletext'] and $row['img']

-Peter



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: security in guest book and user forums

2003-01-04 Thread Seraphim 
Anders Thoresson wrote:
>   I've seen both guest books and user forums "hacked" by users who
> enter javascript or other code, and that way redirects vistors to
> other sites or do other unwelcome things. What expressions should I
> look for and not allow in my forms?

I use the htmlspecialchars() function to disable all html. This function
basically puts a '\' in front of eacht html character and thus disables all
html.
You may not want to do this if you want to allow, for example  or
other friendly html. If so you can use a regex to disable the

[PHP] Re: Max Limit of post variables

2003-02-06 Thread Seraphim 
Stuart Donald wrote:
> I am trying to generate an html form with approximately 3000 post
> variables (1500 input type text and 1500 hidden, I am mimicing a grid
> control).   The page will handle several hundred but it crashes with
> more. Is there a limit to the number of variables that can be sent
> post.
>
> Or is it possible I am violating some html tag rules  and the browser
> does not have a too much problem with the few hundred post variables.

I thought there is a limit, though I never tried to remember it for I
thought it would always be enough..
You can also try to send it using an array as variable or use sessions.

-Peter



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: Forking PHP

2003-02-06 Thread Seraphim 
Adam Voigt wrote:
> Anyone know a way to make PHP on windows fork itself into the
> background?
> Doesn't matter if it's a windows trick or whatever, aslong as it's
> possible so that
> it doens't appear in the start bar, thats fine.

You have to start it as a service I think you need to be logged in as
administrator on win2000 and I'm not to sure if its possible under w98

-Peter



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: problems with ==?

2003-02-07 Thread Seraphim 
Peter Gumbrell wrote:
> In the following code
>
> $view = $HTTP_GET_VARS[view];
> print $view;
> if ($view == "vendor")
> { code here
> }
>
> print $view produces 'vendor'
>
> but the if statement in the next section isn't being triggered. Can
> anyone see what is wrong here? I have tried double quotes, single
> quotes and no quotes around 'vendor' but none of them work.

You forgot the qoutes around the array argument:
$HTTP_GET_VARS[view] should be $HTTP_GET_VARS['view'].

-Peter



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php