Search Results

Search found 322 results on 13 pages for 'escaped'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 9/13 | < Previous Page | 5 6 7 8 9 10 11 12 13  | Next Page >

  • Kohana v3, automatically escape illegal characters?

    - by Dom
    Quick question, does Kohana (version 3) automatically escape data that is passed into ORM::factory..... (and everywhere else that has to do with the database)? For example: $thread = ORM::factory('thread', $this->request->param('id')); Would the data passed in the second argument be auto-escaped before it goes in the SQL query or do I have to manually do it? Probably a stupid question and it's better to be safe than sorry, but yeah... I usually do manually escape the data, but I want to know if Kohana does this for me? Thanks

    Read the article

  • Serializing array in PHP, preventing injection

    - by Cyclone
    I'm writing a PHP script which uses serialized arrays to store data. How can I prevent injection in serialization? It would be very easy to name your account: something";s:6:"access";s:5:"admin"; for a simple example. The user could then add the rest of the needed parameters somehow. Would addslashes work for this? Does the php unserialize pick up on that as being an escaped character? If so, is it possible to apply addslashes to an entire array without iterating through? Thanks for the help!

    Read the article

  • Dollar ($) sign in password string treated as variable

    - by ncatnow
    Spent some time troubleshooting a problem whereby a PHP/MySQL web application was having problems connecting to the database. The database could be accessed from the shell and phpMyAdmin with the exact same credentials and it didn't make sense. Turns out the password had a $ sign in it: $_DB["password"] = "mypas$word"; The password being sent was "mypas" which is obviously wrong. What's the best way to handle this problem? I escaped the $ with a \ $_DB["password"] = "mypas\$word"; and it worked. I generally use $string = 'test' for strings which is probably how I avoided running into this before. Is this correct behavious? What if this password was stored in a database and PHP pulled it out - would this same problem occur? What am I missing here...

    Read the article

  • Ideal Java library for cleaning html, and escaping malformed fragments

    - by Tyler
    I've got some HTML files that need to be parsed and cleaned, and they occasionally have content with special characters like <, , ", etc. which have not been properly escaped. I have tried running the files through jTidy, but the best I can get it to do is just omit the content it sees as malformed html. Is there a different library that will just escape the malformed fragments instead of omitting them? If not, any recommendations on what library would be easiest to modify? Clarification: Sample input: <p> blah blah <M+1> blah </p> Desired output: <p> blah blah &lt;M+1&gt; blah </p>

    Read the article

  • Converting an array to JSON and passing that to asmx

    - by user96403
    Hi. I am trying to use JSON.stringify() (from json2.js of json[dot]org ) to convert a JavaScript array to JSON string and to pass it to an asmx web method. I use jQuery AJAX. The call reaches the web method where I take a List <Object> as parameter but I get an empty list there in debug mode. My JSON string looks like well formed with all data , I even tried having single-quotes and double-quotes(escaped) around the 'names' of the JSON string. Please help.

    Read the article

  • How do browsers/PHP handle characters outside the set characterset?

    - by Maarten
    I'm looking into how characters are handled that are outside of the set characterset for a page. In this case the page is set to iso-8859-1, and the previous programmer decided to escape input using htmlentities($string,ENT_COMPAT). This is then stored into Latin1 tables in Mysql. As the table is set to the same character set as the page, I am wondering if that htmlentities step is needed. I did some experiments on http://floris.workingweb.nl/experiments/characters.php and it seems that for stuff inside Latin1 some characters are escaped, but for example with a Czech name they are not. Is this because those characters are outside of Latin1? If so, then the htmlentities can be removed, as it doesn't help for stuff outside of Latin1 anyway, and for within Latin1 it is not needed as far as I can see now...

    Read the article

  • Validate Unicode String and Escape if Unicode is Invalid (C/C++)

    - by vy32
    I have a program that reads arbitrary data from a file system and outputs results in Unicode. The problem I am having is that sometimes filenames are valid Unicode and sometimes they aren't. So I want a function that can validate a string (in C or C++) and tell me if it is a valid UTF-8 encoding. If it is not, I want to have the invalid characters escaped so that it will be a valid UTF-8 encoding. This is different than escaping for XML --- I need to do that also. But first I need to be sure that the Unicode is right. I've seen some code from which I could hack this, but I would rather use some working code if it exists.

    Read the article

  • Symfony 1.4: Is it possible to prevent escaping of a redirect URL?

    - by Tom
    Hi, If I do a redirect in action as normal: $this->redirect('@mypage?apple=1&banana=2&orange=3'); ... Symfony produces the correct URL: /something/something?apple=1&banana=2&orange=3 However, the following gets escaped for some bizarre reason: $string = 'apple=1&banana=2&orange=3'; $this->redirect('@mypage?'.$string); ... and the following URL is produced: /something/something?apple=1&amp;banana=2&amp;orange=3 Is there a way to avoid this escaping and have the ampersands appear correctly in the URL? I've tried everything I can think of and it's driving me mad. I need this for a situation where I'm pulling a saved query as a string from the database and would just like to latch it onto the URL. I'm aware that I could generate an array from the string and then generate a brand new URL from the array, but it just seems like a lot of overhead because of this silly escaping. Thanks.

    Read the article

  • Escape doube and single backslashes in a string in Ruby

    - by Nick Gorbikoff
    Hello. I'm trying to access a network path in my ruby script on a windows platform in a format like this. \\servername\some windows share\folder 1\folder2\ Now If I try to use this as a path, it won't work. Single backslashes are not properly escaped for this script. path = "\\servername\some windows share\folder 1\folder2\" d = Dir.new(path) I tried everything I could think of to properly escape slashes in the path. However I can't escape that single backslash - because of it's special meaning. I tried single quotes, double quotes, escaping backslash itself, using alternate quotes such as %Q{} or %q{}, using ascii to char conversion. Nothing works in a sense that I'm not doing it right. :-) Right now the temp solution is to Map a network drive N:\ pointing to that path and access it that way, but that not a solution. Does anyone have any idea how to properly escape single backslashes? Thank you

    Read the article

  • Regex to match CSV file nested quotes

    - by user361970
    Hi, I know this has been discussed a million times. I tried searching through the forums and have seen some close regex expressions and tried to modify them but to no avail. Say there is a line in a csv file like this: "123", 456, "701 "B" Street", 910 Is there an easy regex to detect "B" (since its a non-escaped set of quotes within the normal CSV quotes) and replace it with something like \"B\" ? The final string would end up looking like this: "123", 456, "701 \"B\" Street", 910 Help would be greatly appreciated!

    Read the article

  • Kohana v3, escape illegal characters?

    - by Dom
    Quick question, does Kohana (version 3) automatically escape data that is passed into ORM::factory..... (and everywhere else that has to do with the database)? For example: $thread = ORM::factory('thread', $this->request->param('id')); Would the data passed in the second argument be auto-escaped before it goes in the SQL query or do I have to manually do it? Probably a stupid question and it's better to be safe than sorry, but yeah... I usually do manually escape the data, but I want to know if Kohana does this for me? Thanks

    Read the article

  • How to "serialize" and "deserialize" command line arguments to string in bash?

    - by Vi
    I call my script: $ ./script 'a!#*`*& ^$' "sdf sdf\"qw sdsdf" 1 -- 2 3 It gets arguments: 1: a!#*`*& ^$ 2: sdf sdf"qw sdsdf 3: 1 4: -- 5: 2 6: 3 If I need to call something with the same arguments locally, I do this: someprogram "$@" But how can I put all that array to a string (to store in file or in environment variable or pass over TCP eaisly) and then turn it back to command line arguments somewhere? I want it to be simple, short and secure. export CMDLINE="$@" # What is in CMDLINE now? Escaped or not? sh -c "someprogram $CMDLINE" # Will it do what I mean? Ideally I want two bash subroutines: the first turns turns any Bash array into a [a-zA-Z0-9_]* string, the other turns it back to Bash array I can use.

    Read the article

  • How do you manage your time as a team leader?

    - by Bryan Slatner
    Where I work, my role has been evolving from a pure development role to team leadership. I find that this suits me, and I'm generally enjoying it. One aspect of the job that continually vexes me, though, is time management. My day used to be pure coding. Now, I still have a largely full plate of coding duties, but I'm expected to mentor other developers, work on requirements, make design decisions for other developers, evaluate bug reports from users, assign them to developers, and so on. I find that my day has become on interruption after another and the prolonged periods of sustained concentration needed to get any actual quality coding done are becoming rarer and rarer. Today, I finally grabbed my laptop and escaped to a coffee shop so I could get some actual work done. How do the team leads here manage their day -- or manage their workplace -- so they don't let their administrative tasks overwhelm them?

    Read the article

  • Nesting quotes in JavaScript/HTML

    - by Ryan Elkins
    How do you nest quotes in HTML beyond the second level? As far as I know, there are only 2 types of quotes - single(') and double("). I am aware of escaping - you have to escape in the code but it converts the escaped quotes back to regular quotes when it hits the browser. What is the accepted method to get around something like the following? <p onclick="exampleFunc('<div id="divId"></div>');">Some Text</p> That code prints to the browser: ');"Some Text

    Read the article

  • How do I suppress asp:image AlternateText from html escaping?

    - by rsturim
    I have an asp:Image -- which I'm assigning "alt" and "tooltip" from the code behind. Unfortunately the value which is coming from the database is getting automatically html escaped -- which I do now want it to -- how do I suppress this? For example my trademark html entity is doing this -- &#174; gets changed to --> &amp;#174 -- which is incorrect Here's my code in the aspx: <asp:Image runat="server" ID="MainImage" Width="260" /> Do I have any options? Thanks, -R And here's my code behind: this.MainImage.AlternateText = this.BasePage.SellGroup.DisplayName;

    Read the article

  • PHP mysql_real_escape_string() returning `NULL`

    - by DavidYell
    I'm using PHP Version 5.1.6 and trying to escape a query string from my $_GET array. However my script is returning a NULL after it's escaped. It seems that mysql_escape_string() works fine, but it's deprecated, so I don't want to use it. Having checked over the phpinfo() the MySQL lib is all loaded fine from what I can see. Has anyone experienced this kind of thing before? $term = $_GET['q']; var_dump($term); // string(7) "richard" echo "<br />"; $sterm = mysql_real_escape_string($term, $db); var_dump($sterm); // NULL It's very strange to me, I can't imagine why this function wouldn't work.

    Read the article

  • How do I set ORDER BY params using prepared PDO statement?

    - by Marlorn
    I'm having problems using params in the ORDER BY section of my SQL. It doesn't issue any warnings, but prints out nothing. $order = 'columnName'; $direction = 'ASC'; $stmt = $db->prepare("SELECT field from table WHERE column = :my_param ORDER BY :order :direction"); $stmt->bindParam(':my_param', $is_live, PDO::PARAM_STR); $stmt->bindParam(':order', $order, PDO::PARAM_STR); $stmt->bindParam(':direction', $direction, PDO::PARAM_STR); $stmt->execute(); The :my_param works, but not :order or :direction. Is it not being internally escaped correctly? Am I stuck inserting it directly in the SQL? Like so: $order = 'columnName'; $direction = 'ASC'; $stmt = $db->prepare("SELECT * from table WHERE is_live = :is_live ORDER BY $order $direction"); Is there a PDO::PARAM_COLUMN_NAME constant or some equivalent? Thanks!

    Read the article

  • Baffled by PHP escaping of double-quotes in HTML forms

    - by rjray
    I have a simple PHP script I use to front-end an SQLite database. It's nothing fancy or complex. But I have noticed from looking at the records in the database that anything I enter in a form-field with double-quotes comes across in the form-processing as though I'd escaped the quotes with a backslash. So when I entered a record with the title: British Light Utility Car 10HP "Tilly" what shows up in the database is: British Light Utility Car 10HP \"Tilly\" I don't know where these are coming from, and what's worse, even using the following preg_replace doesn't seem to remove them: $name = preg_replace('/\\"/', '"', $_REQUEST['kits_name']); If I dump out $name, it still bears the unwanted \ characters.

    Read the article

  • How to create a valid schema in a WSDL that restrict to <|<=|>|>=

    - by wsxedc
    This is what I have in my schema section of my WSDL to specify the field has to be comparison operators <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:pattern value="&lt;|&gt;|&lt;=|&gt;=|="/> </xsd:restriction> </xsd:simpleType> SoapUI complains about this part of the WSDL, I tried to set the value to something with non special characters and the WSDL is valid. So I tried to replace that whole long string to be value=">gt;" and it valid but value="<lt;" is not valid, and value=">" is also not valid. My question is, why does the WSDL validation need > to be double escaped? The main question is, how to provide a valid less than side within the pattern value.

    Read the article

  • Escaping quotes twice in PHP

    - by Genadinik
    Hello, I have a complicated form where I first have to take some _GET parameters and obviously I have to do a mysql_real_escape_string() on them since I look stuff up in the database with them. Them problem for me is after the initial db lookup. When the user submits a form, I send them along as a _POST request and obviously have to do this mysql_real_escape_string call again just in case someone tries to hack my site with a faked form submission. Then the problem I have is the arguments are escaped twice and my queries begin to look strange like this: select field1 , field2 , from my_table where some_id = \'.$lookup_id.\' ... So the system seems to be adding \' and it is messing me up :) Also, in my other forms I have not seen such behavior. Any ideas on what may be causing this? One weird thing is that I tried to send unescaped parameters to the post, and the same problem happens. That is a clue, but not a sufficient one for me. :( Thanks, Alex

    Read the article

  • Why is '\x' invalid in Python?

    - by Paul McGuire
    I was experimenting with '\' characters, using '\a\b\c...' just to enumerate for myself which characters Python interprets as control characters, and to what. Here's what I found: \a - BELL \b - BACKSPACE \f - FORMFEED \n - LINEFEED \r - RETURN \t - TAB \v - VERTICAL TAB Most of the other characters I tried, '\g', '\s', etc. just evaluate to the 2-character string of a backslash and the given character. I understand this is intentional, and makes sense to me. But '\x' is a problem. When my script reaches this source line: val = "\x" I get: ValueError: invalid \x escape What is so special about '\x'? Why is it treated differently from the other non-escaped characters?

    Read the article

  • What causes a UIViewController to become active?

    - by Rob Bonner
    I am sure this is an easy question, but one that has escaped me for some time now. Say I have a UIViewController, either defined as a root in an XIB or on a stack. At some point in my code I want to replace it with another view controller. Just flat out replace it. How would I do that? I have tried defining the controller and assigning, but not sure what actually makes it push on the screen with the absence of a navigation controller.

    Read the article

  • JQuery selector value escaping

    - by user53794
    I have a dropdown list that contains a series of options: <select id=SomeDropdown> <option value="a'b]&lt;p>">a'b]&lt;p></option> <option value="easy">easy</option> <select> Notice that the option value/text contains some nasty stuff: single quotes closing square bracket escaped html I need to remove the a'b]<p option but I'm having no luck writing the selector. Neither: $("#SomeDropdown >option[value='a''b]&lt;p>']"); or $("#SomeDropdown >option[value='a\'b]&lt;p>']"); are returning the option. What is the correct way to escape values when using the "value=" selector?

    Read the article

  • addslashes and addcslahes

    - by theband
    I was seeing today the addslashes and addcslashes in php.net, but did not get the point on what is the difference between them and what are the characters escaped in these two. <?php $originaltext = 'This text does NOT contain \\n a new-line!'; $encoded = addcslashes($originaltext, '\\'); $decoded = stripcslashes($encoded); //$decoded now contains a copy of $originaltext with perfect integrity echo $decoded; //Display the sentence with it's literal \n intact ?> If i comment the $decoded variable and echo $encoded, i get the same value which is in the original string. Can anyone clearly explain me the difference and use of these two.

    Read the article

  • replacing the beginning and end but not the same chars within a string

    - by Jordan Trainor
    lines = "some stuff\"some other \"stuff\"\""; lines = lines.Replace("\"", "\""); lines = lines.Replace("\"", "\""); in its current context and in its simplest form these two actions seem absolutely pointless but when I put this into code it will be not be pointless and will have a purpose other than replacing itself with itself. OK so I have the String lines that has 4 escaped quotation marks and I wish to replace the first quote with a quote and the end quote with a quote how would I accomplish this without replacing any of the inner quotes?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 5 6 7 8 9 10 11 12 13  | Next Page >