In my attempts to protect my database from mySQL injection I have created another problem for myself....
Currently all user inputted strings go through this function;
Code: function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = mysql_real_escape_string($string);
$string = htmlentities($string);
return $string;
}
In the most, its great HOWEVER... there are three fields which I would like the user to be able to enter spaces in. An "About me" field for example, if it is run through the above function the new lines are replaced with a 'r' which i assume is "created" by the mysql_real_escape.
Question;
1) Should i run the function on every user variable?
2) Is there a safe "fix" or something alternative which i can run on the three fields which may require line breaks.
thanks.
Web Application Recipe
Hi Guys! I am working with the Web Application recipes. I am currently working on the send password page. The page is working, but I sends the same password and username regardless of the email
what business processes?
Hi,
Mysterious Timeouts
I've deployed a few simple AJAX-enabled web page to a local server that is accessed through the Internet by just two people: Me & one client.When running in VS2008 it works perfectly fine but when
Display the user's weight lost in the past week
Hello everyone,I am working on a weight loss app for my site, and I want to display the user's weight lost in the past week, I have the current weight and the total weight lost today working great,
Run function every 5 mins ??
I have a function PostMessage()How can I run it every 5 mins ??
Insert numbers from Barcode scanner into online php page
I have a real big problem, Here is what I'm trying to do. I have a Intermec CN3 handheld computer that has a builtin scanner. We have built a website that manage our inventory. How? We have a simple
I need help with formatting date from mysql! with php!
Hello guys*Note: this is a php question not MySQL question, please do not move it to mysql section! Thank you.anyway, I have a record from the database as 2009-12-31 23:59:59I needed to when ever I
Greek characters in php
Hi,I'm making a script and I m using for first time greek characters.I started to write a simple drop down menu that loads some city names from the database. The names are in Greek in the database and
Contents of variable not echoing
Hey guys, hopefully this is an easy one...In this line, the variables are not echoing out. The script runs without error though.Code: [Select]echo "Name: $name | E-mail: $email | Comments:
Sequre login with cookies.
I want to build secure login with cookies. I just want your ideas about this, your suggestions. What fields should go to sql table, after username and password? How to keep data in cookies safely? And