Re: [PHP-DB] session confusion| can anyone help?

2005-08-25 Thread RaJeSh VeNkAtA
session_start() should be given at the starting of the file before others. You can include anything after the session_start() function only. On Fri, 26 Aug 2005, bo wrote: here is the code for accesscontrol.php which controls the access to protected page, the server gives an error as of Notice: Unde

[PHP-DB] session confusion| can anyone help?

2005-08-25 Thread bo
here is the code for accesscontrol.php which controls the access to protected page, the server gives an error as of Notice: Undefined index: uid in E:\www\signup\accesscontrol.php on line 7 Notice: Undefined index: pwd in E:\www\signup\accesscontrol.php on line 8 I tried input username and passw

Re: [PHP-DB] php_mssql - 'space' instead of empty string

2005-08-25 Thread Frank M. Kromann
All versions of ntwdblib.lib have this problem. The problem was introduced when it was decided to fix another problem where a char column with value 'aaa ' would be reduced to 'aaa' by the php extension. I have not tested this issue with the FreeTDS version of this extension (so far only availabl

Re: [PHP-DB] php_mssql - 'space' instead of empty string

2005-08-25 Thread Robert Twitty
I don't think this is an issue with an old vs new ntwdblib.lib. The reason is because I don't believe there is a new ntwdblib.lib. Microsoft has not made any changes to this library since SQL Server 6.5. Therefore, the problem lies in the PHP 4.4.0 source code for the mssql extension. -- bob O

Re: [PHP-DB] SQL Injection attack

2005-08-25 Thread Vicente
Dear veditio, you wrote: > I've got a ton of forms that use the $_POST variable to send > information into the database [...] > Any suggestions on how to tighten up the form security, or does > magic_quotes help enough? I'm not a security expert but after some attacks I have implemented this

Re: [PHP-DB] SQL Injection attack

2005-08-25 Thread tg-php
Haha.. what the hell? Ok, I know this is an older copy of the script I wrote because I know I took out the "All this does is escape the data" comment and I KNOW I saw the thing about mysql_escape_string() being deprecated... don't know why it's still in there. Hah Thanks for pointing that out

Re: [PHP-DB] SQL Injection attack

2005-08-25 Thread Jordan Miller
NOTE: http://www.php.net/mysql_escape_string "Version: 4.3.0 Description: This function became deprecated, do not use this function. Instead, use mysql_real_escape_string()." Jordan On Aug 25, 2005, at 2:15 PM, <[EMAIL PROTECTED]> wrote: Using mysql_escape_string shoul

Re: [PHP-DB] SQL Injection attack

2005-08-25 Thread tg-php
I'm pretty amateur at this too, but have done a little reading on the subject. Here's some nuggets to ponder while the real experts write their responses: :) 1. Magic quotes + mysql_escape_string = double escaped stuff. I think the general opinion is the magic quotes is evil, but I'm sure some

[PHP-DB] SQL Injection attack

2005-08-25 Thread veditio
Greetings all: Using PHP 4.3.xx and MySQL 4.1 (and 3.xxx sometimes). I've got a ton of forms that use the $_POST variable to send information into the database, and I'm worried about injection attacks. My server has magic_quotes enabled, which I thought would handle most things, but am wonderi

[PHP-DB] php_mssql - 'space' instead of empty string

2005-08-25 Thread Bartosz Jakubiak
I've found that since PHP 4.3.4 many people had problems with MSSQL extension. PHP developers are saying that it is a problem with MS libraries, and there is no possibility to fix it in PHP: http://bugs.php.net/bug.php?id=29292&edit=1 http://bugs.php.net/bug.php?id=26315&edit=1 Right now I'm using P