Jump to content

floridaflatlander

Members
  • Posts

    671
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by floridaflatlander

  1. I set a session with the captcha value sha1 'pass_phrase' then

     

     

    // $_POST user_phrase from captcha

    if (isset($_POST['image'])) {

    $user_pass_phrase = sha1($_POST['image']);

    }

     

    then

     

    if ($_SESSION['pass_phrase']  == $user_pass_phrase)

  2. So you didn't get an error message?

     

    I thought mysqli_query() expects 2 parameters, you have one

     

    Try

     

    $result=mysql_query($dbc, $sql) or die("Error: ".mysqli_error($dbc));

     

    where $dbc =  mysql_connect("$host", "$username", "$password")or die("cannot connect");

  3. Thanks for the reply.

     

    Is it even worth worrying about using mb_detect_encoding? I've don't think I've seen it here(or anyone talking about UTF-8 encoding/decoding) before and the only place I've seen that said it needed to be used is the book "Wicked Cool PHP"

  4. Just throwing this out there and it sounds like a jury rig but … assign your queried variables to a list and then use if statements or a loop inside the main loop if any to reassign the empty variable to   if needed.

     

    Then you'll have a named variable with the value from the query or   to use in your results or in your while() loop.

  5. I have a book "Wicked Cool PHP" and in the security section it suggest that one would should use utf8_decode to "prevent  potential Unicode codec problems"

     

    Something like this $name = utf8_decode($_POST ['name']);

     

    Is this a good idea? I have "<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />" in the header, are these diffent things?

     

    I've found web sites saying this is a bad thing

     

     

    Wicked Cool PHP suggest

    		$name = utf8_decode($_POST ['name']);
    	$name = htmlentities($name, ENT_NOQUOTES);
    	$name = str_replace("#", "&#35;", $name);
    	$name = str_replace ("%", "&#37;", $name);]

     

    Is this a good idea or just extra work?

    I use the standard strip_tags & mysqli_real_escape_string now.

  6. You're a web developer with an attitude and your web page doesn't even have a header?

    This is a prime example why there's enough work out there for the rest of us.

     

    Us? lol, Here's a menu people like us can use. http://ago.tanfa.co.uk/css/examples/menu/tutorial-h.html.  Here's another http://htmldog.com/articles/suckerfish/dropdowns/

    Also last I looked, you don't have a html header and you don't have opening and closing html tags or opening and closing body tags.

    Do you know what these things are?

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.