Jump to content


Photo

werid problem with mysql query.


  • Please log in to reply
4 replies to this topic

#1 darkcarnival

darkcarnival
  • Members
  • PipPipPip
  • Advanced Member
  • 162 posts

Posted 25 May 2006 - 05:28 PM

hello,

a script of mine that has a login area doesnt seem to like usernames that have or in the name.

like if a user uses toro or coreuser will not let a user log in correctly displaying errors evetywhere.

now my query is simple, the anti-injection function im using i disabled but still seems to cause problems.

if you want to see anything that could help you help me, just let me know and I'll provide it for you.

thanks.

#2 karthikeyan_coder

karthikeyan_coder
  • Members
  • PipPipPip
  • Advanced Member
  • 201 posts

Posted 25 May 2006 - 05:39 PM

let me know the query or script here
www.karthi.us

#3 nogray

nogray
  • Members
  • PipPipPip
  • Advanced Member
  • 930 posts
  • LocationSan Francisco CA

Posted 25 May 2006 - 06:09 PM

try to include the username in the '' quotes like 'toro'

NoGray.com


#4 darkcarnival

darkcarnival
  • Members
  • PipPipPip
  • Advanced Member
  • 162 posts

Posted 25 May 2006 - 06:15 PM

here is the query:

"SELECT * FROM ebb_users WHERE Username='$logged_user'"

$logged_user is either $_COOKIE or $_SESSION(depends on what type of login the user chooses).

the anti_injection script can be found on the code library from this site ;)

#5 darkcarnival

darkcarnival
  • Members
  • PipPipPip
  • Advanced Member
  • 162 posts

Posted 26 May 2006 - 01:55 AM

found the problem, its the anti-injection function i found on this site, if i see the author's email on their profile i might let them know about this problem.

for now I plan to do some research on a replacement to this injection function

any suggestions are fully welcomed :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users