On Sun, Nov 30, 2008 at 11:48 AM, Fred Silsbee wrote:
> problem solved...used a session:
[...]
> any harm in this?
Session hijacking is possible, though you can take steps to minimize the risk.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.ph
On Thu, Nov 27, 2008 at 5:02 PM, Ron Piggott <[EMAIL PROTECTED]> wrote:
> I am wondering how my PHP script may access the value of value of
> $_POST['submit']. At present echo $_POST['submit']; doesn't give me a
> value. Consequently all queries to the mySQL database fail.
Ron, is your AJAX requ
On Thu, Nov 27, 2008 at 11:19 AM, Bastien Koert <[EMAIL PROTECTED]> wrote:
> 2. It is possible to use the application to handle the keys instead of the
> database, it involves more work around key checking / validation before
> creating or updating records, but it can be done if the INNODB table ty
-- Forwarded message --
From: Fergus Gibson <[EMAIL PROTECTED]>
Date: Fri, Nov 28, 2008 at 12:47 AM
Subject: Re: Fwd: Fwd: [PHP-DB] MySQLi connections
To: "J. Hill" <[EMAIL PROTECTED]>
On Wed, Nov 26, 2008 at 9:38 PM, J. Hill <[EMAIL PROTECTED]> wro
On Wed, Nov 26, 2008 at 1:45 PM, Chris <[EMAIL PROTECTED]> wrote:
>> It's bad if you ever want to use something other than mysqli! Imagine
>> your company switching to another database server. You'd have to
>> rewrite code in hundreds of functions!
[...]
> You're going to have a lot more problems
-- Forwarded message --
From: Fergus Gibson <[EMAIL PROTECTED]>
Date: Wed, Nov 26, 2008 at 11:55 AM
Subject: Re: Fwd: [PHP-DB] MySQLi connections
To: "J. Hill" <[EMAIL PROTECTED]>
On Tue, Nov 25, 2008 at 3:12 PM, J. Hill <[EMAIL PROTECTED]> wrote:
>
-- Forwarded message --
From: Fergus Gibson <[EMAIL PROTECTED]>
Date: Wed, Nov 26, 2008 at 11:50 AM
Subject: Re: [PHP-DB] MySQLi not closing connections
To: Jonathan Langevin <[EMAIL PROTECTED]>
On Wed, Nov 26, 2008 at 10:36 AM, Jonathan Langevin
<[EMAIL PROTECT
-- Forwarded message --
From: Fergus Gibson <[EMAIL PROTECTED]>
Date: Wed, Nov 26, 2008 at 11:34 AM
Subject: Re: Fwd: [PHP-DB] MySQLi not closing connections
To: Chris <[EMAIL PROTECTED]>
On Tue, Nov 25, 2008 at 1:39 PM, Chris <[EMAIL PROTECTED]> wrote:
On Tue, Nov 25, 2008 at 10:27 AM, Jack Mays <[EMAIL PROTECTED]> wrote:
> I'm not sure why the connections are staying open, but I would suggest using
> mysqli_real_connect with the flag to timout connections.
[...]
> If this is way off base, let me know.
Jack, I think Jon shouldn't implement this
Darn it. Didn't change the e-mail recipient to be the list.
-- Forwarded message --
From: Fergus Gibson <[EMAIL PROTECTED]>
Date: Tue, Nov 25, 2008 at 12:02 PM
Subject: Re: [PHP-DB] MySQLi not closing connections
To: Jonathan Langevin <[EMAIL PROTECTED]>
On
On Wed, Nov 19, 2008 at 5:55 AM, Alice Wei <[EMAIL PROTECTED]> wrote:
> I am inquiring on this list to see if it is possible to create a script that
> takes multiple update statements without my having to write one "SQL"
> statement for each of the updates.
I'm not sure I understand your questi
On Mon, Nov 17, 2008 at 9:15 AM, Abah Joseph <[EMAIL PROTECTED]> wrote:
> The question came to my mind is, How did large website like Yahoo handle
> such data? Sure. Yahoo users may be more than 20 millions users or so.
Very large data sets are often partitioned in some way so that a given
lookup
On Mon, Nov 10, 2008 at 8:49 AM, mignon hunter <[EMAIL PROTECTED]> wrote:
> One other question. Our current site is written in jsp with Oracle. I'd like
> to use PHP. Do you have any thoughts on this?
Your post, mignon, was pretty clearly directed to Christopher, but I
hope neither of you will be
On Sun, Nov 9, 2008 at 11:58 AM, TG <[EMAIL PROTECTED]> wrote:
> Shared hosting is fine.. I don't mind a little "slow" every now and then.
> For what this customer needs, a full dedicated server is total overkill.
>
> But the big problem here is that if you exceed a certain amount of CPU and/or
> s
On Wed, Nov 5, 2008 at 2:17 PM, Chris <[EMAIL PROTECTED]> wrote:
> Too many customers on the same server imo. 600 hits a day is nothing and if
> it takes 7 secs to update one column, that's just plain ridiculous.
I agree with this consensus, and I agree that it's not clear how you
would "prove" th
On Fri, Nov 7, 2008 at 3:39 PM, Christopher Jones
<[EMAIL PROTECTED]> wrote:
>
> mignon hunter wrote:
>> I'm am trying to find some definitive best practises on database
>> connections with php on both mysql and oracle.
Most security issues come back to a simple concept. Assume anything
in your s
On Sun, Oct 19, 2008 at 5:38 PM, <[EMAIL PROTECTED]> wrote:
[...]
> First method is slower but more secure. Second is speediest but it can
> have more failures because are session vars or cookies. It depends of
> your control errors and also the visits profile.
I'm not sure what you're trying to
2008/10/10 Post-No-Reply TUDBC <[EMAIL PROTECTED]>:
> By using TUDBC (http://www.tudbc.org), you can call stored procedures
> easily.
Your post was an excellent answer to the question, "How do I call
stored procedures easily with TUDBC?" Unfortunately, that is not what
the original poster asked.
Every time I post I get this e-mail:
"Halo [EMAIL PROTECTED],
Kami mengirim email ini untuk menyampaikan bahwa grup yang Anda coba
hubungi (donkomo) tidak ada atau Anda tidak memiliki izin untuk mengirim
pesan ke grup itu. Ada beberapa kemungkinan mengapa hal ini terjadi:
[etc.]"
I have no i
Jason Pruim wrote:
I plan to wrap the $_POST's into something to protect against some
issues like that. But this was a proof of concept for the boss so it
just needed to be up quickly to see if it was something we wanted to go
ahead with :)
Well, no worries about that then. We're just lookin
YVES SUCAET wrote:
> One suggestion: you may want put mysql_real_escape_string() wrappers
around
> all those $_POST[] fields to prevent SQL hijacking of your site.
[...]
>mysqli_query($link, $sql) or die("Could not update..." .
Yves, he's using mysqli, not mysql. You should not mix those f
Hi, Jason. Do you realize this code is wide open for an SQL injection
attack? The problem could easily be addressed by using a prepared query
instead. For more details, check the mysqli documentation.
Jason Pruim wrote:
The problem is when I am attempting to update some of the info, it
era
Mad Unix wrote:
Any help concerning installing PDFLib on PHP5.x APACHE2.x. with RHEL4
http://www.php.net/manual/en/pdf.setup.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
23 matches
Mail list logo
