Search Results

Search found 43347 results on 1734 pages for 'php security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 356/1734 | < Previous Page | 352 353 354 355 356 357 358 359 360 361 362 363  | Next Page >

  • PHP - Using strcpsn() to protect against SQL injection?

    - by MichaelMitchell
    I am making a sort of form validation system and I need to check the SQL database to see if the username is already there. So, my question, is it effective to use a little if statement like this to protect against an attack? if (strcspn($string, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=" == strlen($string)){ return true; } So essentially, if the string contains any of these characters, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=", then the length will not equal that of the original $string. I am just wondering if this is sufficient to protect, or if there is more that I must do. Thanks.

    Read the article

  • Optimizing memory usage and changing file contents with PHP

    - by errata
    In a function like this function download($file_source, $file_target) { $rh = fopen($file_source, 'rb'); $wh = fopen($file_target, 'wb'); if (!$rh || !$wh) { return false; } while (!feof($rh)) { if (fwrite($wh, fread($rh, 1024)) === FALSE) { return false; } } fclose($rh); fclose($wh); return true; } what is the best way to rewrite last few bytes of a file with my custom string? Thanks!

    Read the article

  • Converting a PHP array to class variables.

    - by animuson
    Simple question, how do I convert an associative array to variables in a class? I know there is casting to do an (object) $myarray or whatever it is, but that will create a new stdClass and doesn't help me much. Are there any easy one or two line methods to make each $key => $value pair in my array into a $key = $value variable for my class? I don't find it very logical to use a foreach loop for this, I'd be better off just converting it to a stdClass and storing that in a variable, wouldn't I? class MyClass { var $myvar; // I want variables like this, so they can be references as $this->myvar function __construct($myarray) { // a function to put my array into variables } }

    Read the article

  • Free PHP framework/library for single-sign on / cross domain login

    - by Dennis Cheung
    I am looking for free (non GPL is better) SSO framework/library implementation or code samples. There are many kind of SSO implementation. Sharing cookie, sharing session, one time token, associative accounts, etc, etc. (BTW, any good article compare them?) Is there any keyword I should google and reuse before before I start to implement our own wheel. I know OpenID, but which is too much and it is not our need. We rather keep it KISS. We just want share the credentials of user that could save users from another login form.

    Read the article

  • PHP/MySQL - updateing 2 tables in one request

    - by Phil Jackson
    Morning, I want to learn more about sql and I'm wanting to update to tables; $query3 = "INSERT INTO `$table1`, `$table2` ($table1.DISPLAY_NAME, $table1.EMAIL_ACCOUNT, $table2.DISPLAY_NAME, $table2.EMAIL_ACCOUNT) values ('" . DISPLAY_NAME . "', '" . EMAIL_ADDRESS . "', '" . $get['rn'] . "', '" . $email . "')"; could some one point me in the right direction on how I would go about this? current error is You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' contacts_ACT_Web_Designs (contacts_E_Jackson.DISPLAY_NAME, contacts_E_Jackson' at line 1 regards, phil

    Read the article

  • SQL return error within PHP

    - by Luke
    I use GET to get the id of a result. $id = $_GET['id']; I then use the following code: <? $q = $database->friendlyDetails($id); while( $row=mysql_fetch_assoc($q) ) { $hu = $row['home_user']; $ht = $row['home_team']; $hs = $row['home_score']; $au = $row['away_user']; $at = $row['away_team']; $as = $row['away_score']; $game = $row['game']; $name = $row['name']; $match = $row['match_report1']; $compid = $row['compid']; $date = $row['date_submitted']; $sub = $row['user_submitted']; } ?> And friendDetails- function friendlyDetails($i) { $q = "SELECT * FROM ".TBL_SUB_RESULTS." INNER JOIN ".TBL_FRIENDLY." ON ".TBL_FRIENDLY.".id = ".TBL_SUB_RESULTS.".compid WHERE ".TBL_SUB_RESULTS.".id = '$i'"; return mysql_query($q, $this->connection); } For some reason, the code will only return what is under id =1. Can anyone see anything obvious I am doing wrong?

    Read the article

  • PHP: prepared statement, IF statement help needed

    - by JGreig
    I have the following code: $sql = "SELECT name, address, city FROM tableA, tableB WHERE tableA.id = tableB.id"; if (isset($price) ) { $sql = $sql . ' AND price = :price '; } if (isset($sqft) ) { $sql = $sql . ' AND sqft >= :sqft '; } if (isset($bedrooms) ) { $sql = $sql . ' AND bedrooms >= :bedrooms '; } $stmt = $dbh->prepare($sql); if (isset($price) ) { $stmt->bindParam(':price', $price); } if (isset($sqft) ) { $stmt->bindParam(':price', $price); } if (isset($bedrooms) ) { $stmt->bindParam(':bedrooms', $bedrooms); } $stmt->execute(); $result_set = $stmt->fetchAll(PDO::FETCH_ASSOC); What I notice is the redundant multiple IF statements I have. Question: is there any way to clean up my code so that I don't have these multiple IF statements for prepared statements?

    Read the article

  • Getting information from an XML object in PHP

    - by errata
    Hi! I am using some XML parser to get some information from API, blah blah... :) In one place in my script, I need to convert string to int but I'm not sure how... Here is my object: object(parserXMLElement)#45 (4) { ["name:private"]=> string(7) "balance" ["data:private"]=> object(SimpleXMLElement)#46 (1) { [0]=> string(12) "11426.46" } ["children:private"]=> NULL ["rows:private"]=> NULL } I need to have this string "11426.46" stored in some var as integer. When I echo $parsed->result->balance I get that string, but if I want to cast it as int, the result is: 1. Please help! Thanks a lot!

    Read the article

  • Regex: Match words in sentence PHP

    - by Granit Luzhnica
    Hi, I have an array with words like $arr = arra("go", "walk", ...) I would like to replace these words with links f they are matched in sentences. But it should be only if they match exactly (for example "walk" should match "Walk" or "walk!" but not also "walking") And the replacement should be a simple link like: < a href='#walk' walk< /a Anybody Any idea?

    Read the article

  • JavaScript doesn't parse when mod-rewrited through a PHP file?

    - by Newbtophp
    If I do the following (this is the actual/direct path to the JavaScript file): <script href="http://localhost/tpl/blue/js/functions.js" type="text/javascript"></script> It works fine, and the JavaScript parses - as its meant too. However I'm wanting to shorten the path to the JavaScript file (aswell as do some caching) which is why I'm rewriting all JavaScript files via .htaccess to cache.php (which handles the caching). The .htaccess contains the following: <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^js/(.+?\.js)$ cache.php?file=$1 [NC] </IfModule> cache.php contains the following PHP code: <?php if (extension_loaded('zlib')) { ob_start('ob_gzhandler'); } $file = basename($_GET['file']); if (file_exists("tpl/blue/js/".$file)) { header("Content-Type: application/javascript"); header('Cache-Control: must-revalidate'); header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 3600) . ' GMT'); echo file_get_contents("tpl/blue/js/".$file); } ?> and I'm calling the JavaScript file like so: <script href="http://localhost/js/functions.js" type="text/javascript"></script> But doing that the JavaScript doesn't parse? (if I call the functions which are within functions.js later on in the page they don't work) - so theirs a problem either with cache.php or the rewrite rule? (because the file by itself works fine). If I access the rewrited file- http://localhost/js/functions.js directly it prints the JavaScript code, as any JavaScript file would - so I'm confused as to what I'm doing wrong... All help is appreciated! :)

    Read the article

  • Referral System PHP

    - by Liam
    I have a membership based website and im planning on implementing a referral system. My website is credit based, the idea is that if User X refers User Y, then User X gets 100 bonus credits. Has anybody built a referral system before and if so what obstacles should I bear in mind? I've had a snoop round SO tonight but couldn't find any suitable answers. My theory is to give each user a random string which is generated and stored in the DB when they sign up, The user will then be presented with a URL incl. that string which when they pass to somebody (User Z), User Z is then sent to a page, the page then uses the GET method to gather the Random string and update the DB Row they currently occupy, does this sound feasible or could it easily be breached? Thanks

    Read the article

  • PHP difference between notice and warning

    - by Stegeman
    When writing code errors, warnings and notices can occur. I know the idea behind errors. I suppose a warning is there to inform you about something that can cause an error, but isn't a notice exaclty the same? I suppose a notice is not a message of something doing right ;). It's just a bit confusing to me. Can anybody tell the difference between those two and the way these messages should be treated.

    Read the article

  • PHP array of object(stdClass) fusion/intersect?

    - by Gremo
    $arr1 is an associative array of anonymus objects: array 15898 => object(stdClass)[8] public 'date' => int $arr2 is another associative array with two (or more, it's not fixed) properties: array 15898 => object(stdClass)[10] public 'fruits' public 'drinks' I can't find any function for intersect and content fusion when dealing with objects. Basically i'd like to obtain: array 15898 => object(stdClass)[8] public 'date' => int public 'fruits' public 'drinks' Question is: is this even possible?

    Read the article

  • unhandled errors in php

    - by lexus
    How can I know during runtime that my code threw a Warning? example try { echo (25/0); } catch (exception $exc) { echo "exception catched"; } throws a "Warning: Division by zero" error that i can not handle on my code.

    Read the article

  • PHP concatenate variable

    - by Jerry
    Hi guys. Might be an easy question for you guys. can't find it on google. I am trying to concatenate two variables name; $i=0; for ($i=0;$i<5;$i++){ if($array[$i]>0){ $test.$i=//do something }else{ $test.$i=//do something } } //echo $test0 gives me nothing. //echo $test1 gives me nothing. I know I can't use $test.$i but don't know how to do this.Any helps? Thanks!

    Read the article

  • Creating a calendar in PHP

    - by Chris T
    Are there any APIs or libraries that make it easy to generate a calendar for a certain month/year? I need to have some sort of admin interface for a "event planner" part of a CMS for a local youth group and I'm at a loss as to how to generate a decent calendar. Note: I only need something to generate the calendar HTML, not manage events. I'll be coding that part.

    Read the article

  • PHP MySQL Syntax Error 'You have an error in your SQL syntax'

    - by Alec
    I cannot figure out the issue with my code here. I am trying to take info from the table, then subtract 1 second from Current_Time which looks like '2:00'. The problem is, I get: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Current_Time) VALUES('22')' at line 1" I don't even understand where it gets 22 from. Thanks, I really appreciate it. if (isset($_GET['id']) && isset($_GET['time'])) { mysql_select_db("aleckaza_pennyauction", $connection); $query = "SELECT Current_Time FROM Live_Auctions WHERE ID='1'"; $results = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_array($results)) { $newTime = $row['Current_Time'] - 1; $query = "INSERT INTO Live_Auctions(Current_Time) VALUES('".$newTime."')"; $results = mysql_query($query) or die(mysql_error()); } }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 352 353 354 355 356 357 358 359 360 361 362 363  | Next Page >