According to an O'Reilly PHP book I have, setting variables_order to "ES" is
safer, but that one will need to create global variables, not rely on them
being created.
Fair enough. But why does setting variables_order to ES cause the following
to break, even though it is what O'Reilly recommends? The "id" variable is
unpopulated. I have PHP 4.3.4 on Linux.
$id = clean($_GET['id'],5);
$result = mysql_query("SELECT * FROM my_table where id = $id",$db);
$myrow = mysql_fetch_array($result);
3  2672 
> $id = clean($_GET['id'],5);
$result = mysql_query("SELECT * FROM my_table where id = $id",$db);
$myrow = mysql_fetch_array($result);
This is what "clean" does, in case that is relevant.
function clean($input, $maxlength)
{
$input = substr($input, 0, $maxlength);
$input = EscapeShellCmd($input);
return ($input);
}
On Tue, 21 Dec 2004 15:29:38 -0500, "Buck Turgidson" <jc***@hotmail.com> wrote: According to an O'Reilly PHP book I have, setting variables_order to "ES" is
safer, but that one will need to create global variables, not rely on them
being created.
Fair enough. But why does setting variables_order to ES cause the following
to break, even though it is what O'Reilly recommends? The "id" variable is
unpopulated. I have PHP 4.3.4 on Linux.
$id = clean($_GET['id'],5);
$result = mysql_query("SELECT * FROM my_table where id = $id",$db);
$myrow = mysql_fetch_array($result);
variables_order has no relation at all with the previous code. It only affects
the deprecated register_globals method of form input, or the $_REQUEST
superglobal.
--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool
If $id is unpopulated, your query will be:
SELECT * FROM my_table where id =
which is invalid.
"Buck Turgidson" <jc***@hotmail.com> wrote in message
news:im************@turf.turgidson.com... According to an O'Reilly PHP book I have, setting variables_order to "ES"
is
safer, but that one will need to create global variables, not rely on them
being created.
Fair enough. But why does setting variables_order to ES cause the
following
to break, even though it is what O'Reilly recommends? The "id" variable
is
unpopulated. I have PHP 4.3.4 on Linux.
$id = clean($_GET['id'],5);
$result = mysql_query("SELECT * FROM my_table where id = $id",$db);
$myrow = mysql_fetch_array($result);
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Niyazi |
last post by:
Hi,
We have and IBM AS400 and I belive the reional setting is Turkish. The IBM
Client-Access for Windows that install in our PC (WIN XP SP2) set to Turkish
characters.
Now my PC has English...
|
by: Dixie |
last post by:
Can I set the Format property in a date/time field in code?
Can I set the Input Mask in a date/time field in code?
Can I set the Format of a Yes/No field to Checkbox in code?
I am working on...
|
by: Shravan |
last post by:
Hi,
I have a Windows Forms Custom DataGrid, which is put in a
usercontrol, which on setting DataSource is setting focus
to grid. The call stack for setting the focus is as
follows. This is not...
|
by: junlia |
last post by:
Hi All,
I am working on a project that acts as a bridge. It does some checking with
post xml data, and then redirects the request to an appropriate page.
However, we find that depends on the...
|
by: Dachshund Digital |
last post by:
I know there must be a way to do this... in .NET 2.0?
I have a situation where I know the name of the setting, and want to
pass it into a function, and set or get the corresponding setting.
...
|
by: Ronald S. Cook |
last post by:
In a .NET Windows app, if I set somehting like the title of the form to
"MyApp" at run-time, will that make the app run slightly slower than if I
had set the title at design-time?
Thanks,
Ron
|
by: metaperl |
last post by:
I would like to check the setting of this variable in our MS-SQL 2000
database. Also, is there info on what the default value of this
variable is?
|
by: Andrus |
last post by:
..NET 2 Winforms application.
How to create new setting and set it default value in userSettings section
of app.config file or overwrite existing setting value ?
I found code below in this list...
|
by: PetterL |
last post by:
I have a setting called My.settings.firstrun set to True, set in the setting
manager. When i read this in the first form form_Load in a IF sentence it
always come out as false.
I have tried to...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
