In my attempts to protect my database from mySQL injection I have created another problem for myself....
Currently all user inputted strings go through this function;
Code: function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = mysql_real_escape_string($string);
$string = htmlentities($string);
return $string;
}
In the most, its great HOWEVER... there are three fields which I would like the user to be able to enter spaces in. An "About me" field for example, if it is run through the above function the new lines are replaced with a 'r' which i assume is "created" by the mysql_real_escape.
Question;
1) Should i run the function on every user variable?
2) Is there a safe "fix" or something alternative which i can run on the three fields which may require line breaks.
thanks.
urldecode question
How would I format this line of code properly?<?php echo urldecode($_GET['Title']); ?>
Material Master Update through BAPI - Follow up material not updated
Hi Experts,
this code is not working????
it says this error.. Warning: Division by zero in ..the variables are correct, so why is the variable $max zero??/Code: $sw = $_GET['w']; $sh = $_GET['h'];
Need help making a blockquote and line items conditional
I have some code I bought a few years ago that allows my clients to update content on their site using an Excel spreadsheet. Well this particular application sometimes has line items so I need to come
Google Wave
So... has anyone used it yet? Is it any good?http://wave.google.com/help/wave/about.html#video
EXplanation help
Hey all,I am still fairly new to PHP programming and I am trying to put together a page where you select search terms from a drop down menu and it keeps the menu at your search choice in the menu
duplicate record notification
In my database, after insertion of records, I want to know if the record inserted is duplicate or not. How can I do this ??
Two fgetcsv related questions ;D
First of im trying to get a file from a merchants server but the directory is protected, I know the user and pass obviously but im wondering how i can pass the login details through to the script
login from external site
Hi my new experience begins, Now what i am trying to do is i make three pages, login.php logout.php index.php . Now if i will not give correct detail i can not see the index.php ,all working perfect
reading partial code from external site
Hi,I am trying to write a script for my website to get an article from an external website. The external website has the article in a set of tags <roottag> &
