In my attempts to protect my database from mySQL injection I have created another problem for myself....
Currently all user inputted strings go through this function;
Code: function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = mysql_real_escape_string($string);
$string = htmlentities($string);
return $string;
}
In the most, its great HOWEVER... there are three fields which I would like the user to be able to enter spaces in. An "About me" field for example, if it is run through the above function the new lines are replaced with a 'r' which i assume is "created" by the mysql_real_escape.
Question;
1) Should i run the function on every user variable?
2) Is there a safe "fix" or something alternative which i can run on the three fields which may require line breaks.
thanks.
IF Statement & Two Tables With Different Echoes
I'm retrieving two tables in a single query using UNION ALL, like so:Code: $query = "SELECT * FROM film UNION ALL SELECT * FROM people ORDER BY id DESC LIMIT 5 ";Now each of those tables,
Query failed issue with php script but works fine in mssql manager!
hi i have the script below which copies data from one table to another but will only insert new data update current data or delete old data from tempproducts to products then it will delete the
php not working written for consumption of slots
1. Here is the function where i will be allowed to consume the slot booked by me.2. Here i check the unique reservation id, current server time & date.3. Then i ask the user to enter the
INSERT for date range
Hi allI have the following tableCode: [Select] `date` date `day` int(2) `month` int(2) `year` int(4)If I pass a date range in PHP, such asCode: [Select]$datefrom = '2009-02-20';$dateto =
HTML form problem
Ive made a form to that i want to send to my email via PHP. but when it send only the name's etc send and then the table belpw only Job location sends and the other columns do not send. is this a html
How to store checkbox array in a session, and then be able to add to it?
I'm trying to store an array of checkbox values into a session array, sort of like a shopping cart, but I can't figure out how to not overwrite the sessions array each time new checkbox values are
How do I get the row number from from an sql table query
Hi allI have a table that I query and it returns a number of rows.mysql_num_rows($query) = $totalI want to have next and previous buttons, is there a way of retrieving the current row number, and can
Attempt to assign property of non-object in...
I'm having issues with the following function in PHP 5... function getTreeWithChildren() { $category_id = $this->fields['id']; $parent_id =
Company Code for Vendors created through Business Partners
Hi, experts!
Disable Scrollbar in TableControl
Hello everbody,
