--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> To view the terms under which this email is
> distributed, please go to
> http://disclaimer.leedsmet.ac.uk/email.htm
>
>
>
> > -----Original Message-
> > From: Stuart Felenstein
> > Sent:
When using $_POST vars is it required that a form is
used ?
In other words I can create an href link and echo
variable and pick them up using $_GET in the following
page.
No so with $_POST ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/un
Generally, when I set up a form where, for example,
I'll be taking multiple selections from a list I would
set the variable / element name as "myvar[]". So I
have the brackets [] after the variable name to make
it an array.
What I want to know is there a way to get around the
use of this syntax
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> > > If in doubt, print it out (TM)
> > >
> > > echo '$Ind', "$Ind", $Ind;
> > >
> > $Ind
> > '1','2','3','4'
> > '1','2','3','4'
> >
> > Funny, they are both the same.
>
> "Both"? There are three things printed out there,
> so "both" cannot be
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> I think will call it a day for this thread.
As I suspected a loop was needed to make this work.
In the event that there are other idiots, such as
myself, that don't immediately figure out the exact
logic I'll post the code:
//The sql is Adodb syntax
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > Here is just another variation of my multiple
> select
> > list.
> > > ($rsinds->Fields('CareerIDs')== 5) {echo
> "SELECTED";}
> > ?>> > $rsinds->Fields('CareerCategories')?>
> >
> > Here I was just testing with a specific value.
> > the line == 5 wi
--- David Robley <[EMAIL PROTECTED]> wrote:
> On Mon, 13 Dec 2004 00:56, Stuart Felenstein wrote:
>
> >
> > --- Jason Wong <[EMAIL PROTECTED]> wrote:
> >
> >>
> >> If in doubt, print it out (TM)
> >>
> >> echo &#x
--- Jason Wong <[EMAIL PROTECTED]> wrote:
>
> If in doubt, print it out (TM)
>
> echo '$Ind', "$Ind", $Ind;
>
$Ind
'1','2','3','4'
'1','2','3','4'
Funny, they are both the same.
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> On Sunday 12 December 2004 18:15, Stuart Felenstein
> wrote:
>
> > Still stuck on this one. I know I'm doing
> something
> > wrong and wouldn't mind some correction:
>
> Did you mockup some test HTML
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > I'm pretty sure I need to loop through the $_Get
> of
> > the array. Not sure , and haven't found anything
> > that shows this.
>
> Yes, you need to reference $_GET to see whether an
> option was selected and
> change the echo above accordingly.
>
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > Close but no cigar. Since $Ind is already
> imploded my
> > thinking is it need not be incremented in the echo
> > statement ?
>
> You tell me, print_r() and var_dump() it before you
> use it and decide whether
> it is correct.
>
> One final thing
--- [EMAIL PROTECTED] wrote:
> you (just) need to mark the previously chosen items
> as "selected" in
> the repopulated list. the "highlighting" part is a
> basic html/form
> issue. i.e., if you have questions on this you
> should look at how, on
> a simple (html-only) form, an item on a list i
I'm hoping that this question will be more succinct.
I am trying to repopulate a search form with a user's
chosen paramters. I am running into a problem with
"multiple select lists"
First , this is the element when the form is first
presented to the user:
'.$row['CareerCategories'].'';
}
?>
So
--- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
I am ending this thread.
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Richard Lynch <[EMAIL PROTECTED]> wrote:
> > I made the correction , using $_GET now. Values
> are
> > printing out, aside from the select lists (arrays)
> > which print out as "array".
>
> Yes.
>
> An array will print as "Array"
>
> You'll need to dig into the Array for what you need,
>
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > Nothing is printing out on $_POST['var'] or $var
> > s makes sense.
>
> Now why are you looking in $_POST for your form
> values? They're in $_GET. You
> said earlier that you understood POST and GET?
I made the correction , using $_GET now. Value
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> AARRGGHHH! Vague, generalized, woolly!!
>
> SHOW US the relevant bits of code. SHOW US what you
> get printed out,
> especially anything that isn't what you expect, and
> tell us exactly what you
> did expect.
> SPECIFICS, man, SPECIFICS!!
>
> S
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Now in an earlier response I asked you to track your
> variables and see at
> which point they cease to contain what you expect
> them to contain. Did you do
> that? If you're not doing *your* part to help solve
> *your* problem then what
> are you ex
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> echo nl2br(htmlspecialchars($text)) is my usual
> mantra for this.
>
nl2br will give you back the correct formatting, but
will leave 's in the output.
I just went through this issue the other day, what I
found worked for me was:
htmlspecialchars('s
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> Please, stop giving us vague, generalized
> descriptions of your application,
> and how it is or isn't working "right", and vague,
> generalized descriptions
> of the data it's supposed to be working with.
I don't believe that the description of my
> --- Richard Lynch <[EMAIL PROTECTED]> wrote:
>
> > Then your new script is broken, as clearly the GET
> > paramters *ARE* there.
>
> Sorry, I'm not following you. Where are my GET
> parameters ? The way I've built my present script
> is
> the reults page is grabbing the parameters. Do I
> n
--- Richard Lynch <[EMAIL PROTECTED]> wrote:
> Then your new script is broken, as clearly the GET
> paramters *ARE* there.
Sorry, I'm not following you. Where are my GET
parameters ? The way I've built my present script is
the reults page is grabbing the parameters. Do I need
to set up GET pa
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > Basically I'm throwing this out though since I'm
> > wondering if there is something that should be in
> the
> > search script , that when I apply a query string
> to it
> > would fill in the field (like magic hands)
>
> Yeah I wish I had some magic
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> > Lastly, I wasn't concerned about the hex code, but
> I just made some reconnections of scripts. Users
> can save their search parameters. I am saving the
> query string. Now I had this set up before and the
> way it "was" working , is when the u
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> Are you seeing the URL-encoded version *only* in
> your browser's
> Address/Location bar? If so, that's perfectly
> normal and nothing to worry
> about -- it should be automatically decoded by the
> Web server before being
> passed to PHP.
>
> If y
In my search page, the url returned comes back with
the ..err I forget what it's called, but query string
looks like this: %5B%5D=3. I think the %5B and 5D
should be [].
What I think is needed is rawurldecode. I've looked
through my code and think it belongs somewhere in this
block:
$queryStrin
I haven't try this yet but wondering if it's possible.
Can I do something like this:
select fieldone from table ;
$myvar = $fieldone ?
And more so could I do it with a where clause ?
i.e. select fieldone from table where fieldone = 3
$myvar = $fieldone ?
This is probably a stupid question.
--- Mike Smith <[EMAIL PROTECTED]> wrote:
> How about:
>
>
> if ( is_array($_SESSION['schools'] ) ) {
> foreach($_SESSION['schools'] as $h) {
> If($h!=""){ //First added line
> $query = "INSERT INTO Prof_Schools (ProfID, School)
> VALUES ('$LID', '$h')";
> $res6 = run_query($query);
> echo $quer
I have arrays set up in a user form. One type is from
a multi-select list. (I'm passing these through a
multi page form as session variables)
The multi select list array code is like this:
To $_POST (going on to next page)I have this:
$_SESSION['industry'] = $_POST['L_Industry'];
Then in the f
I'm building a search form where users can search for
people by zip code. Trying to get an opinion here.
Well maybe more then just one.
Should I have seperate textfields, say (arbitrary) 3 ,
where they can put in 1 zip code per field. Or do I
do it with one text field , using delimited entries
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
How embarassing. I had a typo
elements were School
variables were school
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> You have got session_start(); at the top of each
> script haven't you?
Absolutely, And the other variables are all working.
> Is the SID being passed down the chain of scripts?
> Is this done by cookie or url?
>
cookie -or session.
Stuart
--
--- Marek Kilimajer <[EMAIL PROTECTED]> wrote:
> print_r($_SESSION['schools']); here
>
> >
> > Then finally on the transaction page, some pages
> down
> > the road:
> >
>
> and also print_r($_SESSION['schools']); here
>
> > foreach($_SESSION['schools'] as $school)
> > {
> What have you f
I thought this one was under my control. Apparently
not.
I'm getting a "Warning: Invalid argument supplied for
foreach() in /home/mysite/public_html/mypage.php on
line 143
First, I have 3 form elements
school[]
school[]
school[]
Here is how I initialize the session variable (after
user it's
I'm getting a:
Parse error: parse error, unexpected '%' in
/home/mysite/public_html/userpage.php on line 120
Fields('DATE_FORMAT(LstUpdate,'%m/%d/%Y')');
?>
Fields('DATE_FORMAT(InitOn,'%m/%d/%Y')');
?>
Fields('DATE_FORMAT(PostStart,'%m/%d/%Y')');
?>
Using this format /syntax
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> Hi Stuart
>
> Have you looked at the HTML generated by your PHP
> code?
> Using view source you'll see what values each of
> your 3 forms contains and
> therefore what will be submitted in the POST. My
> guess from one of your
> previous posts is th
--- David Bevan <[EMAIL PROTECTED]> wrote:
> Would it be possible to see the code that generates
> the grid?
> Both the php and HTML.
> --
I'm preferring not to post the code solely becasue I
don't want to expose all my database fields here. Of
course this may cost me the help I need.
I'm do
--- Daniel Schierbeck <[EMAIL PROTECTED]> wrote:
> I'd go with a POST form and a JavaScript
>
>
>
> onclick="document.grid['hidden'].value='123'"
> value="foobar" />
>
>
Yes , that is exactly what I'm doing but it's
returning only the last record.
So here below is an example of
--- Jay Blanchard
<[EMAIL PROTECTED]> wrote:
> Without a lick of code or a pointer to the grid on
> the web we would be
> hard pressed to offer solutions or advice. Arrays
> maybe? Hidden form
> fields?
>
Jay, fine - I thought I could spare you the code but
address what the problem might be.
In
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> > Since the grid only is echos of the recordset
> fields,
> > how does it know the correct PrimaryID to send
> when I
> > hit the submit button. I'm thinking this is
> perhaps my
> > problem.
>
> Hidden fields, or give the submit button a name
> that's
I have set up a record grid, where the user may see a
list of their "records". Repeat region, etc.
There is a button next to each record the user may
click to allow them to update the particular record.
This all worked fine with $_GET where I did a link on
the button to send the PrimaryID over.
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> > //Textfields / Dropdown
> > $HTTP_GET_VARS['JTitle'];
> > $HTTP_GET_VARS['City'];
> > $HTTP_GET_VARS['Days'];
>
> And thrice ditto.
>
They looked good, gone now :)
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
--- "Chris W. Parker" <[EMAIL PROTECTED]> wrote:
> Did you purposefully ignore my previous email???
> Someone else I think
> mentioned this in another email in this thread also.
> Why are you
> assigning anything to $HTTP_GET_VARS at all? It's
> meant to retrieve
> data.
>
> // (again) this is h
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> When you're building a query string then (in
> general) there is no need for
> urldecode(). On the contrary you want to use
> urlencode(), this is done on the
> *value* of the individual parameters.
>
> And about this: $_POST["Ind[]"], it's obvious
--- "Ford, Mike" <[EMAIL PROTECTED]> wrote:
> The main problem with the above snippet that I can
> see is that there's very
> unlikely to be such a thing as $_POST["Ind[]"] --
> form fields with
> name="Ind[]" will turn up as an array in
> $_POST["Ind"] ($_POST["Ind"][0],
> $_POST["Ind"][1], etc
--- Richard Davey <[EMAIL PROTECTED]> wrote:
> Use urldecode() to get them back to "normal" again.
Changed the form action line to this:
action="searchresults.php?Ind=http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I hope this is a reasonable question:
This is the query string my search page is kicking out
to the results page. It works fine but curious about
these codes or characters. And I know this maybe
unrelated to PHP, so I'll apologize in advance:
Why is each value preceeded by the %5B%5D ? I think
--- "Gryffyn, Trevor" <[EMAIL PROTECTED]>
wrote:
> This is a PHP General mailing list, it should be for
> general, newbie,
> etc sort of questions. But the expectation is that
> the questions being
> asked were researched some ahead of time as well.
> Although that's not
> always an option and
See inline please:
--- David Bevan <[EMAIL PROTECTED]> wrote:
> Did you take the time to think about what you were
> going to do before starting
> your application?
Honestly , no I did not. What I did start out with is
a belief that there wouldn't be a need to know php. I
was using a RAD, tha
See inline:
--- "Chris W. Parker" <[EMAIL PROTECTED]> wrote:
> Stuart Felenstein <mailto:[EMAIL PROTECTED]>
> on Monday, November 15, 2004 1:10 AM said:
>
> > The way I was approaching this was to grab the
> url,
> > the part after the ? , so not
Please see inline:
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> A couple of possibilities are:
>
> Store search criteria (form entries) in MySQL
> Store query string in MySQL
So with my current form, the where statement is built
from conditions that are set (or not set) in the form.
Perhaps I
For those who recognize this topic from me and perhaps
are sick of it , my apologies :)
This is actually a different question more about logic
then syntax or functionality.
One of the uses of my search form is that users may
save their search parameters. Typical benefits, they
don't have to re-en
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> you need to build a string which looks like:
>
> Stat[1]=value1&State[2]=value2...&Stat[n]=valuen
>
> which you append to your URL like so:
>
searchresults.php?Stat[1]=value1&Stat[2]=value2...&Stat[n]=valuen
>
> This can be done using a foreach()
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Sadly, you're really not learning much from this
> list ...
I partially disagree. I think it might be better for
me to take a more elementary approach to the language
before getting moving on to specific project issues.
> ... print_r()/var_dump() $
--- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
After googling for quite some time I'm back asking
here. I want to be able to seperate by search and
results into two pages.
My form is set up on Search.php
I have set action"searchresults.php"
Couple of questions:
I have my array of user selected options from my form
element - Ind[]
I gather t
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> Hi Stuart
>
> Not sure what's happening with the $Ind variable,
> maybe check the $_POST
> array as you enter the script to ensure that the
> form is passing the data
> correctly. It is almost as if you are appending it
> to itself at some point.
> Y
--- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
Okay, so what did I learn.
1) That a comma delimited list (from the array) to be
used correctly in the sql statement had to use the IN
word.
$sql .= " WHERE VendorJobs.Industry IN ($s_Ind)";
2) I need a space between the first
I've changed my logic around but still running into a
sql query error.
I've tried a number of things with no success. Here
is the error that returns on POST:
SELECT PostStart, JobTitle, Industry, LocationState,
VendorID FROM VendorJobs WHERE (VendorJobs.Industry =
''1','2','3''Query failed: You h
--- James Kaufman <[EMAIL PROTECTED]>
wrote:
> Right here, print the contents of $sql. That is the
> most important thing to
> know right now.
>
SELECT PostStart, JobTitle, Industry, LocationState,
VendorID FROM VendorJobs WHERE VendorJobs.Industry
IN(1','2','3','4','5','6','7','8','9','10','1
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> See the "Array" (also missing a single-quote),
> that's element [30] mentioned
> above.
>
> Summary: the missing single-quotes are the
> show-stopper.
>
I see that , but I'm not sure how that is happening.
Here is the sql:
$sql = 'SELECT PostStar
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Yes, that was apparent from your previous post. So
> did you print out your
> query and examine it for any obvious mistakes? And
> if you couldn't spot any
> obvious mistakes then the least you could have done
> was to copy and paste the
> full query
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Uhmm, you could try some debugging of your own
> instead of relying on the list.
> Liberally douse your code with print_r() and
> var_dump() of all your important
> variables. Do they contain what you expected? If not
> try and figure out why
> not.
Sorry, I fixed Ind , since the element is named Ind[].
Now I get a different error:
Query failed: You have an error in your SQL syntax.
Check the manual that corresponds to your MySQL server
version for the right syntax to use near
'','','Array)' at line 3
> $where = array();
> $Ind[] = "";
> $
I think I'm almost there :)
Only right now I'm getting an error message:
"Query failed: You have an error in your SQL syntax.
Check the manual that corresponds to your MySQL server
version for the right syntax to use near '' at line 3"
1)
{
$IndStr = implode("','", $Ind);
$where[] = "V
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> $row is what contains the data you're grabbing from
> the DB and you're not
> using it
>
> Jason Wong -> Gremlins Associates ->
Thank you Jason, its working now !
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: h
--- "M. Sokolewicz" <[EMAIL PROTECTED]> wrote:
> I would suggest writing it like this:
[snip]
I'm getting the page now with the "box" but no values
inside. Database conn is fine and all. I can print
out the value , just can't get them to show up inside
form element (Multiple select
Ok, hopefully I can explain this clearly, even though
I think I might be an idiot since Ive been going on
about this for a few days.
I have a table that holds values and labels
i.e. 1 = New York
2 = Boston
3 = Kansas City
4 = Amsterdam
I want to put this table into a multiple sele
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> This should result in:
>
> WHERE vendorjobs.Industry IN (2,3,5)
>
> OR
>
> WHERE vendorjobs.Industry = 2
>
> HTH
> Graham
Not sure what you mean by the above ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: ht
--- Sebastian Mendel <[EMAIL PROTECTED]> wrote:
>
> $where = array();
>
> if ( isset($_POST['Ind']) ) {
> $where[] = 'vendorjobs.Industry = ' . (int)
> $_POST['Ind'];
> }
> if ( isset($_POST['Days']) ) {
> $where[] = 'Date_Sub(Curdate(), interval ' .
> (int) $_POST['Days'] .
> ' day)
--- Graham Cossey <[EMAIL PROTECTED]> wrote:
> Is this something like what you are after:
>
> $sql = "SELECT col1, col2, col3, col4 as colx, col5
> FROM my_table
> WHERE col2 LIKE '%$search%'
> ORDER BY col3
> LIMIT $from, $max_results";
>
> $result = mysql_que
--- [EMAIL PROTECTED] wrote:
> This would be handled in your query, so get a SQL
> book or look into the mysql documentation...
>
> Look at the select statement, to request specific
> fields, as well as the Limit keyword to return a
> certain number of results per page.
> -B
>
So there is no
I'm building a search function and I think most of the
search part is solid.
Now I'm trying to figure out the results part.
Since my results would return about 7 fields per
record, I'm thinking mysql_fetch_row over mysql
results works better ?
But I don't want every field from the row returned,
o
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Why not build your sql query according to whether or
> not whatever you want is
> selected or not. That way debugging is easier as
> you won't be looking at
> queries that contain redundant "... AND 0 ...".
>
Jason, How would I do that ? Care to sh
--- Jon Hill <[EMAIL PROTECTED]> wrote:
> You might want to try looking up the syntax for left
> join queries.
> I think this might be what you are after.
>
> http://dev.mysql.com/doc/mysql/en/JOIN.html
>
It has nothing to do with left joins. It works fine
provided I do one of two things, make
I am creating a database search form and results.
Running into a problem though.
I have two form elements, both that are fed by tables
that have int values (1, 2 , etc)
my sql statement is such:
SELECT vendorjobs.PostStart, vendorjobs.JobTitle,
vendorjobs.Industry, vendorjobs.VendorID,
vendorjobs
--- Ben Ramsey <[EMAIL PROTECTED]> wrote:
> I'm not exactly sure what the SQL statement you have
> above is supposed
> to do, but you could just do something like this:
>
> $curdate = date('Y-m-d H:i:s');
> $sql = "SELECT * FROM records WHERE '$curdate' <=
> PostStart;";
>
I'm having some pro
I have a form element which allows a user to go back
"x number of days" in the records.
$sql.=sprintf("SELECT * FROM records WHERE
Date_Sub(Curdate(), interval day) "$%s" <=
PostStart")
This formula works when I actually hardcode the number
of days in where this mess --> "$%s" is right now.
I
Never mind , I found it!
http://www.w3.org/
TR/xhtml1/DTD/xhtml1-transitional.dtd">
One of these days I'll master the header function ;)
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Richard Davey <[EMAIL PROTECTED]> wrote:
some
> text or
>white-space, aborting';
> }
> else
> {
> Richard Davey
I think white space is my problem. What causes white
space ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Say I have a script that processes input data. How do
I get the script to work, where after processing the
user is taken to another page ? The script outputs
nothing to the screen and will end either in failure
or success.
Seems header won't work for me.
Stuart
--
PHP General Mailing List
Can anyone give me a clue what I have done wrong here.
//These would be passed as ints:
array_walk($l_industry, 'mysql_escape_string');
Warning: Wrong parameter count for
mysql_escape_string() in
/xxx//public_html/Test2.php on line 104
//These would be passed as ints:
array_walk($l_tterm, 'my
This array_walk() looks like a good function
Would this be a legitimate call:
array_walk($myarray, 'mysql_real_escape_string');
?
Thank you,
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> 2) Lookup array_map() and understand what it does.
>
> 3) stripslashes_deep() is a recursive function (ie.
> it calls itself). You
> should find a good tutorial on recursive functions
> to learn exactly what it
> does.
Thank you Jason.
Another thi
--- Stuart Felenstein <[EMAIL PROTECTED]> wrote:
On second thought, I have a question. What is the
$value in the example ?
Does that mean I put in my own values ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Jordi Canals <[EMAIL PROTECTED]> wrote:
> In the manual
>
http://es2.php.net/manual/en/function.get-magic-quotes-gpc.php
> you have an example just for that. Take a look to
> the Example 2.
>
Ok, that makes sense. Thank you .
Stuart
--
PHP General Mailing List (http://www.php.net/)
To u
I asked a question yesterday about this but I think my
question is now more fine tuned:
Right now I have about 50+ session variables that will
be inserted into my mysql database in a transaction.
I need to do the mysql_real_escape_string and because
magic_quotes_gpc is turned on stripslashes as w
--- Daniel Schierbeck <[EMAIL PROTECTED]> wrote:
> Where are you redirecting the client to? An error
> page?
Either an error page or back out to a main page.
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Daniel Schierbeck <[EMAIL PROTECTED]> wrote:
> I'm not quite getting what you're saying - are you
> sending the error
> messages on to a new page?! The usual and simple way
> of doing this is
> the good 'ol OR operator:
>
I'm saying, currently if there is an error and the
script needs to
I've started getting into the habit of passing error
messages through session variables, particularly on
redirects.
>From some peoples reaction on this list I gather it's
not the best practice.
What is an alternative way ? I believe it's through a
URL. not sure how to go about that method
Stuart
--- "M. Sokolewicz" <[EMAIL PROTECTED]> wrote:
(http://www.php.net/manual/en/function.mysql-real-escape-string.php)
I have my eye on example 3: The Quote_Smart function.
Do I have to list all the variables out though or is
there a way to have it check everything passing
through ?
What would ni
First I'm a bit unsure , because in the manual it
states that you must use mysql_real_escape_string on
binary data. So first question, what constitutues
binary data, a file or just an integer?
Second question - Since magic_quote_gpc is enabled on
my server (and I have no choice) - I gather I must
I'm reading PHP security paper by Chris Shiflett.
Trying to figure out what is meant by first
initializing a variable.
Now, just for the record, I'm not completely dumb.
I know you can start with a
$var = 2
What I want to know is if the variable assignment is
unknown, as in a user form.
Would
--- Ben Ramsey <[EMAIL PROTECTED]> wrote:
> You should also use mysql_real_escape_string() on
> the data from the client.
Even though Magic Quotes GPC is turned on ?
Stuart
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- Jay Blanchard
<[EMAIL PROTECTED]> wrote:
> [snip]
> May I ask why you are suggesting this function ?
>
> > You can use htmlentities() on the information
> placed
> [/snip]
>
> Because it will convert things like quotes into
> their HTML counterparts
> before you place them into the table.
I
May I ask why you are suggesting this function ?
Stuart
--- Jay Blanchard
<[EMAIL PROTECTED]> wrote:
> [snip]
> It's a mysql text field.
> [/snip]
>
> You can use htmlentities() on the information placed
> into the field
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe,
--- "Vail, Warren" <[EMAIL PROTECTED]> wrote:
> I also don't know if MySQL will police things input
> to a text column to make
> sure they are valid ascii text characters.
>
No Mysql won't do it. PHP validation would have to be
involved.
Stuart
--
PHP General Mailing List (http://www.php.net
It's a mysql text field.
Stuart
--- Jay Blanchard
<[EMAIL PROTECTED]> wrote:
> [snip]
> Any thoughts ?
> [/snip]
>
> I thought I'd have lunch today, but I didn't.
>
> Is it a 'text' data type, or 'BLOB', (you said,
> "actual Mysql Text
> column, aka like a blob") because the distinction is
> ne
I have a field that is an actual Mysql Text column,
aka like a blob. I'm wondering if doing a standard
validation that checks for characters outside of the
alphanumeric range is enough. I'm imagining some
users will cut and paste from a Word or PDF doc into
the field. I've done it myself and no w
--- Jason Wong <[EMAIL PROTECTED]> wrote:
> Maybe what you had before was:
>
> if (count($myarray) > 5)
>$_SESSION['arrayerr'] = "you have selected
> too many industries";
>session_write_close();
>header ("Location: Page2.php?".SID);
>exit;
>
> And yes that h
1 - 100 of 172 matches
Mail list logo
