I would like, in my app, to recover from as many run-time errors as possible,
so that I can tidy up. And unsolicited output generated by the standard error
system is really unhelpful as it becomes part of the ajax reply to the browser.
So I've added my own error handler, but it seems that I can'
Sean Greenslade wrote:
>>
>
> [MASSIVE
SNIP]
>
> Well, from what I saw while wading through your
code, you allow
> unsanitized
> variables to be
concatenated to your queries. Big no-no! For ANY
>
client-generated variable, always sanitize with
mysql_real_escape_string.
> In
> fact, sanitize al
>[SNIP]
> added and else clause.
> while ($_parent != 0)
> {
> if
> ($num_rows > 0)
>{
>
> perform some action
>}
>else
>{
> $_parent =
> "0";
>}
> }
>
> and that solved the
> problem.
>
> Thank you, everyone for your help.
>
> Curtis
A small remark:
I think it is good
On 14 May 2011 12:33, Tim Streater wrote:
> I would like, in my app, to recover from as many run-time errors as possible,
> so that I can tidy up. And unsolicited output generated by the standard error
> system is really unhelpful as it becomes part of the ajax reply to the
> browser.
>
> So I'
4 matches
Mail list logo
