2010/8/27 Jan G.B. ro0ot.w...@googlemail.com:
But make sure the other code which we don't see
- does not outpot any _POST / _GET / _REQUEST / _COOKIE variables
without encoding the contents (f.e. htmlspecialchars), or
- does not send and user supplied data without scaping the sb-related
2010/8/25 Paul M Foster pa...@quillandmouse.com:
On Wed, Aug 25, 2010 at 01:05:12PM -0400, David Mehler wrote:
Hello,
Thanks to all who answered my quotes question. I've got another one.
I've got several combo boxes that are sticky, below is an example of
one and the function. Now i'd like
At 3:59 PM +0100 8/25/10, Ashley Sheridan wrote:
2.4 seconds doesn't seem so bad on 10 million iterations, but yes, it
does show that you should avoid it if it's really not necessary. Most
often I'll use that sort of syntax if I do something like this:
$greeting = Hello $name, not seen you
Hello,
I've got two questions. I'm having to redo my form. Can you tell me
the difference if any between these two lines of code? This is for
output filtering.
textarea name=description ?php echo htmlout($description); ?/textarea
textarea name=description?php echo htmlout($description); ?
On Wed, 2010-08-25 at 10:24 -0400, David Mehler wrote:
Hello,
I've got two questions. I'm having to redo my form. Can you tell me
the difference if any between these two lines of code? This is for
output filtering.
textarea name=description ?php echo htmlout($description);
?/textarea
From: David Mehler
I've got two questions. I'm having to redo my form. Can you tell me
the difference if any between these two lines of code? This is for
output filtering.
textarea name=description ?php echo htmlout($description);
?/textarea
textarea name=description?php echo
Speed difference is substantial:
### Test 1:
$message1 = asdf werqwe;
for ($i=0; $i1000; $i++) {
$message2 = $message1;
}
### Takes 1,1 seconds (on machine tested)
### Test2:
$message1 = asdf werqwe;
for ($i=0; $i1000; $i++) {
$message2 = $message1;
}
### Takes 2,4 seconds (on
On Wed, 2010-08-25 at 16:48 +0200, Bostjan Skufca wrote:
Speed difference is substantial:
### Test 1:
$message1 = asdf werqwe;
for ($i=0; $i1000; $i++) {
$message2 = $message1;
}
### Takes 1,1 seconds (on machine tested)
### Test2:
$message1 = asdf werqwe;
for ($i=0;
function html($text)
{
return htmlentities($text, ENT_QUOTES, 'UTF-8');
}
function htmlout($text)
{
return html($text);
}
Possibly irrelevant, and definitely not related to your questions, but
is it just me or is htmlout() a useless function? Why not just call
html()
2010/8/25 Marc Guay marc.g...@gmail.com:
function html($text)
{
return htmlentities($text, ENT_QUOTES, 'UTF-8');
}
function htmlout($text)
{
return html($text);
}
Possibly irrelevant, and definitely not related to your questions, but
is it just me or is htmlout() a
Hello,
Thanks to all who answered my quotes question. I've got another one.
I've got several combo boxes that are sticky, below is an example of
one and the function. Now i'd like to tighten it up by ensuring that
an external user can't inject values other than value1 or value2 in to
the script.
On Wed, Aug 25, 2010 at 01:05:12PM -0400, David Mehler wrote:
Hello,
Thanks to all who answered my quotes question. I've got another one.
I've got several combo boxes that are sticky, below is an example of
one and the function. Now i'd like to tighten it up by ensuring that
an external user
12 matches
Mail list logo