rickyj
Members-
Posts
27 -
Joined
-
Last visited
Never
Everything posted by rickyj
-
okay, its a simple question, but I have no idea how to search for this. How can I put a forward slash within quotes. I have a problem, a string gets converted to "xyz/" and is then put in an sql querry, how can I detect the slash, I cant use: strpos($encPass, "\" ) > -1 Since the \ makes the quotation a non surrounding quotaion.. so what can I use to detect a forward slash?
-
a simple java solution would be: (after splitting Srch into array) this_column.indexOf(splitSrch) != -1 but have no idea how to put this into an sql statement. Please HELP..
-
for example : WHERE this_column Like '%srch%"' solves if srch = "puzzle" and this_column = "a puzzle search phrase" but doesnt solve the case where for instance if srch = "this is a puzzle" and on one of the rows this_column = "a puzzle search phrase" - It might be possible to split srch, via ' ', and then check for each of the arrays eg: $splitSrch = split(' ', $srch) and then use: WHERE (this_column Like '%splitSrch[0]%' Or this_column Like '%splitSrch[1]%' ...) but $srch may not always contain two words... hmm, must be an easier way of doing this
-
Does anyone know how to put the following in to a query WHERE At least one of the words in the phrase "srch" must contain at least on of the words in "this_column" for instance if srch = "this is a puzzle" and on one of the rows this_column = "a puzzle search phrase" so the where statement is true for this row.
-
my above code was supposed to say str_replace (The edit function was not working for me?). preg replace doesnt seem to work here for some reason? However, It should be noted, before I use these variables, I get them via this method: stripslashes((get_magic_quotes_gpc()) ? $_POST[$MyString] : addslashes($_POST[$MyString])));
-
Thanks for the help, I tried this but get the following for: 1st line new line third line gets converted to :1st line\r\nnew line\r\nthird line\r\n (looking at the database: looks exactly the same) i.e., it doesn’t get converted at all. yet, $string = preg_replace('\r', '<br>', $string); works but leave /n at the start of each line, and $string = preg_replace('\r\n', '<br>', $string); works, but deletes n's off of the start of a new line if its present <-- this I find really odd!
-
Hi there, I’m having a real bit of trouble, and I cant narrow it down. I’m trying to get a form to post a message to a mySQL data base, and replace the users input new lines into <br> - But this doesn’t seem to be working as expected. - I have tried lots of things, but they all give strange results. - the Mysql column is a text column - I have tried using nl2br, but this does nothing to the text. Im currently using: function nl2br2($string) { $string = str_replace('\r\n', '<br>', $string); $string = str_replace('\r', '<br>', $string); $string = str_replace('\n', '', $string); return $string; This works perfect, unless the new line start with an n, if the new line starts with an n the n gets striped: first line new line third gets converted to first line<br>ew line<br>third if I use this: function nl2br2($string) { $string = str_replace('\r\n', '<br>', $string); $string = str_replace('\r', '<br>', $string); return $string; I get: first line \nnew line \nthird I cant figure out whets going on here? I have also tried using variations, but get exactly the same result: function nl2br2($string) { $string = str_replace('\n\r\n', '<br>', $string); $string = str_replace('\r\n\n', '<br>', $string); $string = str_replace('\r\n', '<br>', $string); $string = str_replace('\r', '<br>', $string); $string = str_replace('\\n', '', $string); $string = str_replace('\nn', ' n', $string); $string = str_replace('\n', '', $string); return $string; gets converted to first line<br>ew line<br>third function nl2br2($string) { $string = str_replace('\n\r\n', '<br>', $string); $string = str_replace('\r\n\n', '<br>', $string); $string = str_replace('\r\n', '<br>', $string); $string = str_replace('\r', '<br>', $string); $string = str_replace('\\n', '', $string); $string = str_replace('\nn', ' n', $string); return $string; I get: first line \nnew line \nthird Any on know what is happening?
-
Referer is not used by all browsers (and can easily be faked)
-
Sorry, cant do that, but I can give examples (as the one above) Im bassically asking it there is a way of grabing the full url, since $_SERVER['PHP_SELF'] only grabs "/this.php" from www.example.come/this.php?other=things&more=1 If I could grab the full url I would be able to show that 'other' and 'more' are or are not set without using isset, or get. I dont like using isset($_GET['a'] ) since if the user manipulates the a variable to "a = ']) && more code //", this is unsafe!
-
The problem is, I really dont want to use isset and then get (I cant trust users input so do a lot of stipping of characters). I was initially using isset, and then relised the security flaw
-
I need it to go to the second page, and then display the contense, its just looping at the moment
-
is there a way to redirect www.example/this.php to www.example/this.php?a=1&b=2 I have tried using: but this results in a loop, any ideas?
-
yup, you where exactly right Thanks
-
hmm, "INSERT INTO sigparsed (a, b, c, d) VALUES ('2', '1', '$var1', '0' )WHERE userid = '$UserID' " hmm getting there, but I cant use the where statment like this can I? how can I do the above?
-
yes, I shouldnt be using insert, But I have made some progress thanks to you guys, cheers
-
opps i should be replacing not inserting, hmm
-
hmm now Im getting : abDuplicate entry '119' for key 1 what does this mean, my querry is now: print 'a'; $Querry = "INSERT INTO sigparsed (a, b, c, d, e ) VALUES ('2', '$var1', '1', '$var2', '0' ) "; $result= mysql_query($Querry) or die(mysql_error()); print 'b'; $Querry2 = "INSERT INTO usertextfield (f, g) VALUES ('$var3', '$var4') "; $result2= mysql_query($Querry2) or die(mysql_error()); print 'c';
-
this is the shothand sqlquerry(after connecting to the database an table): and my error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' But I see nothing wrong with my syntext
-
Thanks, unfortunately I doubt my server has the php GD2 library (im not hosting this one myself). $_SESSION[] looks like a good idea to implement though : http://uk3.php.net/function.session-register
-
Hi, Im thinking of writting my own Text(picture) verification I know there are methods out there, but I dont want to use standards (since i know the common ones always get hacked eventualy). Im thinking of writting this in php, where the php gets a image number (say from the milliesecond that the user has gone to the registration of this page) eg, 01 millseconds = pic 1 (an algorithum will modify this, but you get the idea) But I have then run into security problems, with various approaches: 1. onSend the javaScript can verify that the image the same as the input eg 01img = Myinput - security problem, javascript can be searched 2. imageNumber can be varified by php that imageNumber corresponds to Myinput - cant see anyproblems with this so far Anyone done this before, any infomation on this sort of thing would be appreciated, thx
-
from a securit point of view how is it possible to make sure that any post data only comes from one site (that you define) for instance if I had a example.MyRegistrationForm.php, which posts to example2.MyUserCreation.php How could I make sure that the data is only posted from example.MyRegistrationForm.php I dont want to send this in the post request (since post request can be manipulated), i need to find a way for example2.MyUserCreation.php to know it come from example.MyRegistrationForm.php Any ideas?
-
the above didnt work, it just set it to the first one, regardles of it already being present in the database! but I used: why dont these posts merge
-
I have something else that does the inserting, so the follwing code should work? foreach ($ltURLarray as $ltURL) { $fetch=mysql_fetch_assoc(mysql_query("SELECT `LT_URL` FROM `lt_users` WHERE `LT_URL`='".$ltURL."'")); if (empty($fetch['LT_URL'])) { break; } } // so now $ltURL is set to $ltURLarray (where ltURLarray is not found) (sorry for me being a bit dumb and spelling it out in full), do you think this will work?
-
dow! break... thats what i was looking for, just forgot, thanks
-
Thanks for the quick response Will foreach not go through each one(regardles of result), I want to stop if the 1st is not found in the colum, or if not try second....