In my attempts to protect my database from mySQL injection I have created another problem for myself....
Currently all user inputted strings go through this function;
Code: function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = mysql_real_escape_string($string);
$string = htmlentities($string);
return $string;
}
In the most, its great HOWEVER... there are three fields which I would like the user to be able to enter spaces in. An "About me" field for example, if it is run through the above function the new lines are replaced with a 'r' which i assume is "created" by the mysql_real_escape.
Question;
1) Should i run the function on every user variable?
2) Is there a safe "fix" or something alternative which i can run on the three fields which may require line breaks.
thanks.
quick question
Hi ..i have a questionhow do i set a var so it displays via an echoCode: $logo = '<img src="Images/tvguide/sabc1.jpg">';echo '<div
Call to undefined function mysql_fetch_accoc()
New to php/mysql coding. What's wrong with this sequence, or am I just not seeing to obvious?Getting, "Call to undefined function mysql_fetch_accoc()" at line n, whereline n is referring to
Displaying returned XML in another PHP page
I have an online payment form that will return XML given if a payment is successful or declines. I am using PHP cURL to do this, and it all works from the standpoint of approving or denying
TinyMCE / Ajax Postback Problem
Hiya all,I have a page which loads the TinyMCE editor. On the postback I obviously want to fetch that data again but the value stays empty. Strangely enough, when I disable the "updatepanel" control I
Google voice
I currently have a form in html, but I want it in php so the information is not in the source code.It all works and when you put in the name and number it will call. When you push the call button it
How to use Ajax to verify data on a DB ?
Hello everyone, well i want to know how to check a value if it exists or not on a Data base and capturing this without making postback (no click on a button or other control) ofcourse by using Ajax,
Timer control causing error
I recently decided to add a timer control to an existing page that uses AJAX on my site. As soon as I added the timer control and ran my app, I started getting the following error:Description: An
How to sum these output values
Hi
PHP Code / Script To check weather the given email exists in a domain
Hi,I want to implement the following in my web pagein sign up we will ask to enter user existing email id , so now i need to check weather the entered email currently available are not without sending
text box alphanumeric caracters only
hi all! I have search on google on how to enter in a test box only caracters A-Z,a-z,0-9 using php, but all the solutions are not for me I need, if you can help me to allow a user to insert only those
