enkidu72 Posted September 27, 2006 Share Posted September 27, 2006 Hello all ,I'm coding ( as a noob :)) an application to access to a mysql db to insert and search for books ..There are two kinds of user, user and admin , authentified by a user/pass stored into the db . Admins have perm=1and users = 0 . I have basically 2 problems . If u hit the "back" button of the browser u can get access again to the pages visited previously by an admin o user . Some quotes :<?session_start();header("Cache-Control: no-cache, must-revalidate");header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); ?>---------------if (((isset($_SESSION['user'])) && ($_SESSION['perms'] == 1))&& (isset($_SESSION['logged']) && $_SESSION['logged']=='1')){This stuff works perfectly if u don't hit back button and then reload ... Another question ... I'd like to escape the input .Which is the better way ? Basically I need to check the user/pass and the input for inserting new books .It's mysql_real_escape_string() what I'm looking 4 ? or maybe addslashes() & stripslashes() ? or escapeshellcmd can do ?Thx in advance David Quote Link to comment Share on other sites More sharing options...
tomfmason Posted September 27, 2006 Share Posted September 27, 2006 I would say something like this[code=php:0]$something = mysql_real_escape_string(trim(strip_tags($_POST['something'])));[/code]Good luck,Tom Quote Link to comment Share on other sites More sharing options...
enkidu72 Posted September 27, 2006 Author Share Posted September 27, 2006 thx Tom !$something = mysql_real_escape_string(trim(strip_tags($_POST['something'])));seems worked for INSERT , but I have problems now for the SELECT ...If I introduce something like "L' acqua " , the for some reason don't appear in the select result ...Any idea ? Quote Link to comment Share on other sites More sharing options...
enkidu72 Posted September 27, 2006 Author Share Posted September 27, 2006 Anyone for the "$_SESSION" stuff ??? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.