I do not want anything like DROP TABLE to work or any type of coding..
Heres my code.. is it secure? if not, please help:
Code: <?php
mysql_connect('','','');
mysql_select_db('cars');
if(preg_match("/^[ a-zA-Z 0-9 &]+/", $_POST['q'])){
$q = $_POST['q'];
$q = addslashes(mysql_real_escape_string($q));
$result = mysql_query("SELECT * FROM parts WHERE MATCH (`category`,`name`,`description`) AGAINST ('$q' IN BOOLEAN MODE)");
$num_results = mysql_num_rows($result);
echo 'Found '.$num_results.' parts matching '.$q.'.';
if($num_results>0) {
$row['name'] = stripslashes(stripslashes($row['name']));
$row['description'] = stripslashes(stripslashes($row['description']));
echo '<p>'.$row['name'].'</a>
<img src="'.$row['thumbnailurl'].'"><br />'.$row['description'].'<br />'.$row['date'].'</p>';
}
}
else {
echo '<p>Their were 0 results for '.$q.'! Try again?</p>';
}
}
else {
echo '<p>TEXT ONLY PLEASE</p>';
}
?>
Delete all from a table
I can not get the following code to work. If I run the sql statement in the db it will delete all the data but it will not work from the page. My connection string is fine I just can not get it to
Why is this query failing?
Why is this not working?$query = "SELECT * FROM `users` WHERE `userid` = " . $USERID AND `pin` = " . $PIN;$result = mysql_query($query) or die("Web site query
Run function every 5 mins ??
I have a function PostMessage()How can I run it every 5 mins ??
MFC GUI Programming
I am working on a project right now that requires me to create a MFC Windows GUI. Basically it needs to be able to pop up after hitting a button from another main application which would also be a
Images outside webroot
Im hopeing someone can help me with this because i cant figure it out.I have setup an ASP.NET website in C# that allows end users to upload files to the server. I am able to save these files outside
Deleting a record php
Attempting to setup delete a record page. The below code I put together doesn't seem to work. | <?$delid=$_GET['delid'];echo $delid;if(isset($_POST['submit'])){$delquery="DELETE FROM table
form class help (oop php5)
Hidy Ho Neighbors,I'm forcing myself to learn oop/classes for php5. It seems like a good idea for repetitious coding such as with forms. I've been through the oop tutorials here and elswhere in
A rank users order by points
I want to make an insert from table 'rank' , with number (rank) from the cod blow, to fild users.rank ...set @rank := 0;select @rank:=@rank+1 'rank', users.username, users.points from users order by
mysq_num_rows
Hi,I want to use:Code: if(mysql_num_rows($ergebnis2)==2)how can the value 2, be retrieved from the database?example, lets say I have ifCode: (mysql_num_rows($ergebnis2)==$limit)$limit =
limit string by words??
hello all,I was wonder if there is a function to limit a string by the number of words instead of characters?
