i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
How to read posted binary data from a mobile device and post it to a web server?
Here is the senario...I have a mobile device (MD) that posts binary data to a Web Server (WS1) and that Web Server (WS1) posts that binary data (from the MD) to another Web Server (WS2).(MD)
How to display objects in a row
I have 7 codes that i want to display in a row one next to another.The first is {$ads->ads_display('1')}, the second {$ads->ads_display('2')} and so on...They appear one under the other.
parameter passing issue on function
Well I thought I had created a pretty slick web page, using ?page and $_GET to load pages which where really function calls.Here is a few lines that make up the menuCode:
Printer configuration
Hi All,
Oracle Connectivity
Hi Every One,
UDP server recvfrom() always returns -1? :(
Hello all,I am getting a very strange error in my code :( I am writing a server application in C, to send and receive UDP packets to/from a client. Right now, im just running a loop in which the
problem in program for counting no of chars using pointers
Hi all, I was trying to make a program which counts number of chars in a string using concpt of pointers. Following is the code:
How to file_get_contents when login required?
Hello!I am trying to read data from a page that you have to be logged into to view, I am trying to use file_get_contents to do this, I have read that I need to use cURL, Is that true?Also, as Another
Can't get the unicode character
I'm trying to get some text from various parts of a file. I have converted the file to hex (bin2hex) and I've got this:64 72 e6 62 65 72 (without spaces)I'm converting that back by:Code:
How do I replace any number of character occurences with one occurrence?
How do I replace any number of character occurences with one occurrence?Let's say I have:aaaaaaaaaaaaaaaaaaaaaaAll of the above should be replaces with a single 'z' character say for exampleI can do
