I do not want anything like DROP TABLE to work or any type of coding..
Heres my code.. is it secure? if not, please help:
Code: <?php
mysql_connect('','','');
mysql_select_db('cars');
if(preg_match("/^[ a-zA-Z 0-9 &]+/", $_POST['q'])){
$q = $_POST['q'];
$q = addslashes(mysql_real_escape_string($q));
$result = mysql_query("SELECT * FROM parts WHERE MATCH (`category`,`name`,`description`) AGAINST ('$q' IN BOOLEAN MODE)");
$num_results = mysql_num_rows($result);
echo 'Found '.$num_results.' parts matching '.$q.'.';
if($num_results>0) {
$row['name'] = stripslashes(stripslashes($row['name']));
$row['description'] = stripslashes(stripslashes($row['description']));
echo '<p>'.$row['name'].'</a>
<img src="'.$row['thumbnailurl'].'"><br />'.$row['description'].'<br />'.$row['date'].'</p>';
}
}
else {
echo '<p>Their were 0 results for '.$q.'! Try again?</p>';
}
}
else {
echo '<p>TEXT ONLY PLEASE</p>';
}
?>
session variables not working anymore
hello,i use sessions to handle authentication within my site. my host has been changing a lot of settings in the server recently for "security purposes". and the technicians are pretty much
PHP mail() returns true but doesn't work
First off I apologize if this is a newbie question, and I generally don't like asking questions that have already been asked 1,000,000 times, but I've searched far and wide and cannot find a solution
b+ tree
Hi can every body help me about b+ tree ?(insert & delete)
True way to see if action was successful?
If this is a good way to see if action was successful to continue:Code: function changeGameState($GameId) { mysql_query("UPDATE challenges SET status=status+1 WHERE id='$GameId'");
Update Database
Hi All,I have a problem with this:Code: [Select]<?phpsession_start();include('../common/dbconnect.php');$stock_id = $_GET['stock_id'];$query='SELECT * FROM users_stocks WHERE user_id ="' .
pspell
using pspell, is it possible to get words that would be best in the current phrase?For example take this phrase: who is the fastest pwrson in the world?The word person was misspelled as the person
problem with php mysql query
Hi guy's...I'm totally lost here..because don't have any idea how to make a query for grab record using BETWEEN startdate and enddate since existing record are stored using this format
Pass sql into pl/sql and create RMAN duplicate script.
Hi,
Required to login help
I'm trying to set up my site so users have to be logged into the forum to access the site.I've been working with this bit of codeCode: [Select]<?phpwriteLog();if
What makes a script your own?
If someone finds a login script online, and changes some variable names around and some other minor adjustments. Is that considered there own script? What would define a script as being yours? I
