Ian Barnes wrote:
> Hi,
>
> $sql1 = "UPDATE members SET $pass WHERE id = '$editid'";
you might consider that $editid is not what you think.
use var_dump() et al to discover what is really in each var.
>
> Thats whats on 199. ON line 198 i have: $pass = $_POST['pass'];
which means I can inject
Hi,
$sql1 = "UPDATE members SET $pass WHERE id = '$editid'";
Thats whats on 199. ON line 198 i have: $pass = $_POST['pass'];
Thanks,
Ian
On 11/29/06, Jochem Maas <[EMAIL PROTECTED]> wrote:
Ian Barnes wrote:
> Hi,
>
> We recently upgraded our primary webserver to php 5 from php4 and we are
Ian Barnes wrote:
> Hi,
>
> We recently upgraded our primary webserver to php 5 from php4 and we are
> now
> getting the following errors on the site:
>
> *Catchable fatal error*: Object of class stdClass could not be converted to
> string in /home/www/somesite/somfile.php on line *199
>
> *Arou
Hi,
We recently upgraded our primary webserver to php 5 from php4 and we are now
getting the following errors on the site:
*Catchable fatal error*: Object of class stdClass could not be converted to
string in /home/www/somesite/somfile.php on line *199
*Around that area in the code is some code
4 matches
Mail list logo
