Personally, I'd rather have the error messages go SOMEWHERE useful, and
write custom error handler to put "nice" error messages to the browser
that reveal nothing.
If things go wrong in my script/software/hardware/network, I don't want
the system to just silently FAIL and swallow errors.
Yes, it'
On Wed, May 11, 2005 4:58 am, Kit DeKat said:
> Richard Lynch wrote:
>
>>You could do all this...
>>
>>Or you could just move the files outside your web tree and change your
>>include path. [shrug]
>>
>>
> This is probably true, but I was thinking of a virtual hosting
> environment where its easie
On Wed, May 11, 2005 5:15 am, [EMAIL PROTECTED] said:
> I have a site and the other days i received a message from a guy that told
> me my site is vulnerable to mysql injections. I do not know how can i
> prevent this. The server is not configured or it's all about the script?
It should also be no
On Wed, May 11, 2005 3:36 am, M. Sokolewicz said:
> [EMAIL PROTECTED] wrote:
>
>> Hi,
>> This is not the proper list to put this question but i hope you can help
>> me.
>> Does anyone know a good tutorial about mysql injections?
>>
>> Thanks a lot for your help
>>
>>
> what's there to make a tutori
On Wed, May 11, 2005 5:32 am, Carl Furst said:
> Yeah, the solution I use was posted to the user comments on the strtr
> command page which is also documented as a better solution than
> str_replace
> except for the one caveat that it will only try and change a character
> once,
> and some of the h
{ } became special characters in PHP strings, at some point...
You may or may not be able to change a php.ini setting to change that...
I wouldn't have expected it to change from 4.3.10 to 4.3.11, but I don't
really KNOW when it changed. I suck at tracking version numbers and small
changes with
On Wed, May 11, 2005 12:26 am, Mario Lopez said:
\> I would like to measure how much users per minute
> can handle my php script, mysql db and apache server
>
> also, would like to determine how much users can be
> served at the same time and how script execution time
> changes in this case
>
> if
On Wed, May 11, 2005 6:44 pm, Dan Rossi said:
> I've done this by serializing and unserializing the the object. Its
> been discussed however using shared memory, shm is a better way to do
> it ? Sadly sh doesnt compile as default.
Shared memory would maybe be faster, but then ALL your PHP scripts
On 5/11/05, Richard Lynch <[EMAIL PROTECTED]> wrote:
> Is mysql_real_escape_string *DIFFERENT* in some incredibly huge secure way
> that I want to stop working on all my current projects to go re-write the
> 10,000,000 lines of code?
2 words: Search & Replace.
--
PHP General Mailing List (http://
On Thursday 12 May 2005 09:57, Richard Lynch wrote:
> On Wed, May 11, 2005 5:23 pm, Jason Wong said:
> > But now that mysql_real_escape_string() is available that is what you
> > ought to use.
>
> But are they REALLY different.
mysql_real_escape_string() is most certainly different from
mysql_esc
> I dunno what the hell 0x96 is in MS Word, but if you want a dash, use an
> ASCII dash and be done with it. :-)
>
> Or, if you REALLY want that "ASCII extended" Linux dash (assuming it
> exists) I'm sure you can strtr(0x96, 0xYY, $string) and get it.
>
> Then it won't work on Windows, of course,
Kristen G. Thorson wrote:
I don't understand what you're trying to do. Do you want two separate
list boxes, one for product types and one for makers? If so, use two
queries. Use the same block of code you have for product types to
populate the makers box. If that's not what you're looking fo
Hi there,
I am curious if PHP is now able to pars xml without aditional tools like xmlrpc.
If yes which version is required? Is the current php 4.x tree sufficient?
Thanx, Merlin
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
101 - 113 of 113 matches
Mail list logo
