I do not want anything like DROP TABLE to work or any type of coding..
Heres my code.. is it secure? if not, please help:
Code: <?php
mysql_connect('','','');
mysql_select_db('cars');
if(preg_match("/^[ a-zA-Z 0-9 &]+/", $_POST['q'])){
$q = $_POST['q'];
$q = addslashes(mysql_real_escape_string($q));
$result = mysql_query("SELECT * FROM parts WHERE MATCH (`category`,`name`,`description`) AGAINST ('$q' IN BOOLEAN MODE)");
$num_results = mysql_num_rows($result);
echo 'Found '.$num_results.' parts matching '.$q.'.';
if($num_results>0) {
$row['name'] = stripslashes(stripslashes($row['name']));
$row['description'] = stripslashes(stripslashes($row['description']));
echo '<p>'.$row['name'].'</a>
<img src="'.$row['thumbnailurl'].'"><br />'.$row['description'].'<br />'.$row['date'].'</p>';
}
}
else {
echo '<p>Their were 0 results for '.$q.'! Try again?</p>';
}
}
else {
echo '<p>TEXT ONLY PLEASE</p>';
}
?>
date function help
i need help with date functionCode: [Select]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
How to Handle more than one submit button in single form?
HiI have one PHP file which contains one Form. In this form there are two Submit type Buttons<input type="submit" name="edit" value="save"> <input
for loop without same $i digits?
Hi, Can some guru please advise how can I accomplish this with a simple for loop ? I want to use for loop to echo all number from 000 to 999Quotefor($i=0;$i<1000;$i++){echo "$i";}My
Async WSAConnect failed on XP with error code = 2 ("File not found")
Hi all,
How to disable direct access to a file
Suppose I've 2 Files. 1.php & 2.php I don't want anybody to access 2.php directly from browser. Eg: http://localhost/2.php but I want 2.php show up in 1.php like:Line number On/Off |
weird problem
last time, i did post a topic concerning why my page sometime will load as blank page when using IE. someone has told me that it might be my hosting server problem, too slow...but, now after testing
Curl & sessions PLS HELP
Hello,I have a problem with curl and sessions and i will try to explain the best i could.01. I want to download a file from (http://subdomain.example.com/name-13075.html) with curl.02. The problem is:
Problem with PHP/mySQL login code
Hello,There is an error in my login script and I can't figure out what it is...I believe it might be my "SELECT" statement...Can anyone help me? Code: <?php//define ('SASI Services
php multiple action on submit
I have a form which says:<form enctype='multipart/form-data' method='post' action='process.php' target='_blank'>I need to call process.php on submit or on clicking submit button. Now
i want run some web server under the ip sharer
hello i want run some web server under the ip sharer
