| |
by: Reply Via Newsgroup Thanks |
last post by:
Folks,
This questions is directed towards PHP/MySQL folk and relates to escaping
hooks, apostraphe's and other characters that can create a security hole
when writing to databases/files. I've been reading
http://ca2.php.net/manual/en/function.get-magic-quotes-gpc.php and just need
to confirm a couple of things:
If I have magic_quotes_gpc on, and I use addslashes() - Does this in effect
cause me to take security one step forward, and...
|
by: Dave Moore |
last post by:
Hi All,
Can anybody point me to a FAQ or similar that describes what all this
stuff is about please?. I'm interfacing with a MySQL database if that's
relavent. I've read a couple of books which refer to stripslahes and
'escaping' but nothing really explains what these terms are and why these
are used. Why is 'escaping' (whatever that is) used?. What the hell is a
magic quote?. How is it different from a non-magic one?.
Regards,
Dave
|
by: Ian Rastall |
last post by:
Sorry for the double question. I'm having a terrible time figuring out
how to escape apostrophes in my mySQL database. Perhaps they have to
be escaped in the PHP, using mysql_real_escape_string?
This is the code:
http://www.gongfamily.net/code.txt
The page in question is:
|
by: Lisa |
last post by:
I need to apply the HTML formatting tags and the French accented
characters in a XML document. The XML is generated from a database
that has HTML tags and French accented characters in the records.
I have specified <xsl:output method="html"/> and
encoding="iso-8859-1".
When I apply the xsl:value-of and set the disable-output-escaping to
"yes", the HTML formatting tags are displayed correctly, but the
French accented characters are...
|
by: agarwalpiyush |
last post by:
Hello,
I am going nuts with trying to get the following to work:
This is what I intend to do: I have a line in /etc/syslog.conf which I
need to delete based on ip-address provided to me in a variable.
Forgetting that variable part for now .. this is what i want in the
grep command:
grep -suob "\*\.\* *...@172.23.62.12"
|
| |
by: Jon |
last post by:
Hi,
I used XslCompiledTransform with the following Xsl file. The <xsl:text
disable-output-escaping="yes"does not work when using XslCompiledTransform
to do the trnasform (namely the output contain < not <), while it works when
using MSXML2 to do the transform. Does anyone have the same problem and how
to make the escape work? Thanks.
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
|
by: Taras_96 |
last post by:
Hi everyone,
I'm having a bit of trouble understanding the purpose of escaping
nulls, and the use of addcslashes.
Firstly, the manual states that:
"Strictly speaking, MySQL requires only that backslash and the quote
character used to quote the string in the query be escaped. This
function quotes the other characters to make them easier to read in
|
by: wannymahoots |
last post by:
optparse seems to be escaping control characters that I pass as
arguments on the command line. Is this a bug? Am I missing
something? Can this be prevented, or worked around?
This behaviour doesn't occur with non-control characters.
For example, if this program (called test.py):
from optparse import OptionParser
parser = OptionParser()
parser.add_option("-d", dest="delimiter", action="store")
|
by: Fred |
last post by:
if I use mysql_real_escape_string on all INSERT or UPDATE queries, then would
a stored procedure provide any extra protection?
the user has to be granted UPDATE and/or INSERT privileges anyway.
Also, I've just noticed this from the manual: "mysql_real_escape_string()
calls MySQL's library function mysql_real_escape_string".
So for every occasion that I call php's mysql_real_escape_string(), that
results in traffic over the socket (or...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
| |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
|
