pumaf1 Posted March 6, 2008 Share Posted March 6, 2008 I have been working on a new section of my site, of which will be launched early next year. I have been working on this section: http://www.pumaf1.org.uk/infobase/ for a while and thanks to help from here i have pretty much got it running I would like some feedback if at all possible, mainly offf those that know F1 and those that may be able to see ways of improving the way it works. Dont worry about the layout thats going to change its just set out like it is to look like its "being worked on" The whole site www.pumaf1.org.uk is a work in progress and again any comments or suggestions on how to improve it are greatly taken the 2009 site is at www.pumaf1.org.uk/en/ which will be moved over in early 2009. it has little or no formatting, but it has improvements on the news system over the current live version, again any comments will be accepted GOOD or BAD. (and i know a lot of site for F1 exist but its my love and what i REALLY care about!)(aka a hobby) Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/ Share on other sites More sharing options...
Coreye Posted March 7, 2008 Share Posted March 7, 2008 SQL: http://www.pumaf1.org.uk/infobase/driveralld.php?name=' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 SQL: http://www.pumaf1.org.uk/infobase/teamalld.php?team=' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 SQL: http://www.pumaf1.org.uk/infobase/enginealld.php?engine=' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 SQL: http://www.pumaf1.org.uk/getnews.php?id=' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-486156 Share on other sites More sharing options...
pumaf1 Posted March 7, 2008 Author Share Posted March 7, 2008 may i ask how you got those errors? Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-486214 Share on other sites More sharing options...
phpSensei Posted March 7, 2008 Share Posted March 7, 2008 may i ask how you got those errors? He shows you how he did it, by removing your existing HTTP vars and editing it to adding single quotes, this is SQL injection... use the function mysql_real_escape_string($_GET['id']) Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-486241 Share on other sites More sharing options...
Dysan Posted March 16, 2008 Share Posted March 16, 2008 just out of curiously, what use javascript to navigate back to the previous page? Why not use PHP? - as upon turning JavaScript off, your link doesn't work. It will always work if you used PHP! I may be being picky here, but is still worth considering Dysan Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-493677 Share on other sites More sharing options...
Dysan Posted March 16, 2008 Share Posted March 16, 2008 just out of curiously, what use javascript to navigate back to the previous page? Why not use PHP? - as upon turning JavaScript off, your link doesn't work. It will always work if you used PHP! I may be being picky here, but is still worth considering Dysan Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-493678 Share on other sites More sharing options...
pumaf1 Posted March 17, 2008 Author Share Posted March 17, 2008 basically becuase i am learning php and dont know how to do that, I dont even know how to correct the problems outlined above! Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-494369 Share on other sites More sharing options...
john010117 Posted March 19, 2008 Share Posted March 19, 2008 may i ask how you got those errors? He shows you how he did it, by removing your existing HTTP vars and editing it to adding single quotes, this is SQL injection... use the function mysql_real_escape_string($_GET['id']) He did tell you how to fix those errors. Link to comment https://forums.phpfreaks.com/topic/94809-please-test-new-part-of-my-site-f1-based/#findComment-495530 Share on other sites More sharing options...
Recommended Posts