FaRmBoX

Seems way too easy to just use mysql_real_escape_string(). Will this really prevent most, if not all SQL injections? I remember reading somewhere that preg_matching a variable is much safer than mysql_real_escape_string().

If a text area which updates a `description`field in MySQL is placed in front of you, how would I validate it to prevent SQL injections? What characters are a MUST to preg_match against to accomplish this? If theres an easier way than to preg_match the text area, please do share. If possible, explain how the text area im typing into right this second fights off against an SQL injection. Pretty much any character can be typed in, am I right? I hope you understand my question. Thanks.

How do I convert from 11-15-09 01:38 pm format to 2009-11-15 13:38 format so I can use it with strtotime and compare the dates? The date in the first format that I receive always changes, so I will need a way to convert it. Thanks for your help.

What code can I use to determine when the current datetime is in between 2 datetimes. This is what I came up with: if ((date(m.d.y h:i a) > 11-14-09 01:38 pm) && (date(m.d.y h:i a) < 11-15-09 08:38 am)) { echo "It is time to do it!"; } else { echo "Its not ready yet."; } I hope you understand what im trying to do. However, my code doesnt look right to me in the sense of how I am comparing the dates. Help please.

Thanks, putting the ``s around the column names fixed it.

I have a piece of code that is just not updating my SQL database. Its giving me a headache. I had success with it before, but not this time. Here is my form tag <form action="index.php?editsave=true" method="POST" enctype="multipart/form-data"> It also has a file upload, which is the only part that works... Here is the PHP code for receiving the form: ("save_edit" is the name of the submit button) if ($_POST['save_edit']) saveEdit($_POST['id'], $_POST['imagelink'], $_POST['name'], $_POST['price'], $_POST['desc'], $_POST['imagewidth'], $_POST['imageheight']); Which goes to a function called saveEdit: function saveEdit($id, $imagelink, $name, $price, $desc, $imagewidth, $imageheight) { $q = 'UPDATE main SET imagelink = "'.$imagelink.'", imagewidth = "'.$imagewidth.'", imageheight = "'.$imageheight.'", name = "'.$name.'", price = "'.$price.'", desc = "'.$desc.'" WHERE id = '.$id.''; // Run query $r = mysql_query($q); } My problem is that the above code does not update. The connection to the database works. The values from the form are saved to the correct variables. The value of q is in single quotes from my attempt to switch things around in case it worked when the double quotes didnt. Please help. Edit: I forgot to mention I get no errors with error_reporting(E_ALL); ini_set('display_errors', '1');. I find myself looking at a blank page.

Thank you kind sir. This topic is pretty much solved but any more tutorials would be greatly appreciated as well. I want to nail this puppy and learn everything.

Hello, if anyone can refer me a really good tutorial on PHP HttpRequest, I will greatly appreciate it. http://us3.php.net/manual/en/class.httprequest.php Im not looking for the javascript XML one, as this is the one that keeps coming up on my searches

http://us3.php.net/manual/en/class.httprequest.php Is that XML HTTP Request or am I missing something? Whats it doing in php.net? I am not trying to redirect ANYONE anywhere. I am simply trying to keep the user in MY page. When they click on a button, I want php to 'serverside' login, go to a certain page, retrieve specific text, stick it to a variable, and ECHO back on MY page. I dont even want the user to know the page exists outside of my hosting. Them being redirected there has nothing to do with. Now I hope you understand what i mean.

The login credentials are correct. Im not trying to load the page in my 'browser'. Im trying to login, and change the page while the php serverside code is going through in order to parse some data back and echo it to 'my' page. I hope you understand what I mean.

No, this is PHP... hence why it is in PHP Coding Help forum.

Heres the situation. There are 2 web pages. Web page A is where I login. Web page B is where I need to go after logging in. I managed to get logged in, but I have no clue on how to get to Web page B. Please Help? Code Snippet: $url = 'http://www.website.com/webpageB.php'; $http = new HttpRequest( 'http://www.website.com/webpageA.php', HTTP_METH_POST ); $http->addPostFields( array( 'login_username' => 'username', 'login_password' => 'pass', 'remember' => '1' ) ); $http->send(); $cookies = $http->getResponseCookies(); foreach( $cookies as $cookie ) { $http->addCookies( $cookie->cookies ); } $http->setUrl($url); $http->send(); echo $http->getResponseBody(); I need to get to Web page B to parse some text and retrieve it back, but it never reaches Web page B. What in the world am I doing wrong? Please help!

bump... Can anyone help me?

bump

Any way I can use sockets?