At 4:01 PM -0400 9/11/07, Jason Pruim wrote:
Son of a Bitch... Soon as I closed that down at line 265 the search
now isn't redirecting to edit.php Do you debug by hand? Or do
you have something that helps you to do that? I've been tearing my
hair out for hours trying to find that and I coul
On 9/11/07, brian <[EMAIL PROTECTED]> wrote:
> e: (my personal opinion) Using echo() to spit out HTML will lead to
> *much* heartache and gnashing of teeth. Put a closing PHP tag ("?>") in
> there and let the parser spit out the markup without echo().
i think this is quite opposite. i prefer echo'
Jay Blanchard wrote:
So Jason you learned three valuable lessons today.
a. plan your code (use paper and pencil or something like it)
b. always account for security
c. comment properly
I'll add two more:
d: Check the source that your script outputs. Send it to the W3C
validator (WebDevelop
[snip]
Son of a Bitch... Soon as I closed that down at line 265 the search
now isn't redirecting to edit.php Do you debug by hand? Or do you
have something that helps you to do that? I've been tearing my hair
out for hours trying to find that and I couldn't see it...
[/snip]
Debugged by
On Sep 11, 2007, at 4:02 PM, Jay Blanchard wrote:
[snip]
I took a look and now I can't get my eyes to stop bleeding. The
horror,
the horror! Mixed PHP/HTML is yucky :)
[/snip]
8^{)}
Undoubtedly things could be organized better. Jason did you just sit
down and code or did you walk it throug
On Sep 11, 2007, at 3:59 PM, Jay Blanchard wrote:
[snip]
Edit is the
ONLY reference to edit.php in the entire code of that page.
[/snip]
No it isn't. edit.php shows up a couple of times, not the least of
which
is row 218;
echo "";
Do you know where the closing form tag is for this? Line
[snip]
I took a look and now I can't get my eyes to stop bleeding. The horror,
the horror! Mixed PHP/HTML is yucky :)
[/snip]
8^{)}
Undoubtedly things could be organized better. Jason did you just sit
down and code or did you walk it through with paper and pencil (or
notepad even)?
--
PHP Genera
On Sep 11, 2007, at 3:58 PM, Robert Cummings wrote:
On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote:
It redirects before any output of $search is visible.
I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone
who wants to see the code...
I took a look and now I can't get m
[snip]
> Edit is the
> ONLY reference to edit.php in the entire code of that page.
[/snip]
No it isn't. edit.php shows up a couple of times, not the least of which
is row 218;
echo "";
Do you know where the closing form tag is for this? Line 288. If you
look at your source with the search form i
On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote:
> It redirects before any output of $search is visible.
> I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone
> who wants to see the code...
I took a look and now I can't get my eyes to stop bleeding. The horror,
the horror! M
On Tue, 2007-09-11 at 15:42 -0400, Jason Pruim wrote:
>
> Total length is 293 lines.
>
> It redirects before any output of $search is visible.
> I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone
> who wants to see the code...
>
> I know it repeats it's self, but I couldn't fig
[snip]
Total length is 293 lines.
It redirects before any output of $search is visible.
I put it up as a .txt file at: raoset.com/oldb/index.txt for anyone
who wants to see the code...
I know it repeats it's self, but I couldn't figure out how to get it
to log in and stay logged in right with
On Tue, 2007-09-11 at 15:20 -0400, Jason Pruim wrote:
>
> echo "Export to Excel A>LogoutAdd
> Record";
> echo "Total Records: $num_rows";
While you're trying to clean up your security approach you might also
spend a little time cleaning up your HTML. Your lack of a consistent
discipline for tag
On Sep 11, 2007, at 3:37 PM, Jay Blanchard wrote:
[snip]
Correct. PHP_SELF refers to index.php which is the page that the
search is happening on. a few lines above that there is a reference
to edit.php and here is the code for it:
Sorry for the long cut/paste, but I thought it was important to
[snip]
Correct. PHP_SELF refers to index.php which is the page that the
search is happening on. a few lines above that there is a reference
to edit.php and here is the code for it:
Sorry for the long cut/paste, but I thought it was important to try
and provide it in context, and the line whe
On Sep 11, 2007, at 2:59 PM, Stut wrote:
Jason Pruim wrote:
On Sep 11, 2007, at 2:10 PM, Stut wrote:
Jason Pruim wrote:
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote:
Also read http://en.wikipedia.org/wiki/SQL_injection
I have read about SQL injection, and I will be scrubbing the
data b
On Sep 11, 2007, at 2:57 PM, Jay Blanchard wrote:
There is no redirection to edit.php? You're calling PHP_SELF so it
should not go anywhere else. Is there any mention of edit.php in the
code?
Correct. PHP_SELF refers to index.php which is the page that the
search is happening on. a few l
[snip]
The problem is there's not... At least there's not supposed to be.
The end result that I want is for the search results to end up on the
same page if possible... edit.php is a script I use for editing records.
Maybe I should just do it on a separate page... It might be easier
for disp
Jason Pruim wrote:
On Sep 11, 2007, at 2:10 PM, Stut wrote:
Jason Pruim wrote:
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote:
Also read http://en.wikipedia.org/wiki/SQL_injection
I have read about SQL injection, and I will be scrubbing the data
before searching but the search is only avai
On 9/11/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
> echo $qstring; produces: SELECT * FROM current WHERE FName like '%%'
> or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '%
> %' or State like '%%' or Zip like '%%' or XCode like '%%' Which is
> correct except for it being empt
On Sep 11, 2007, at 2:32 PM, Jay Blanchard wrote:
[snip]
echo $qstring; produces: SELECT * FROM current WHERE FName like '%%'
or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '%
%' or State like '%%' or Zip like '%%' or XCode like '%%' Which is
correct except for it being emp
[snip]
echo $qstring; produces: SELECT * FROM current WHERE FName like '%%'
or LName like '%%' or Add1 like '%%' or Add2 like '%%' or City like '%
%' or State like '%%' or Zip like '%%' or XCode like '%%' Which is
correct except for it being empty.
I tried to echo $search, but since it redire
On Sep 11, 2007, at 1:58 PM, Jay Blanchard wrote:
[snip]
I fixed that but the problem still remains... When I preform the
search I get redirected from index.php to edit.php and can't see
where that would happen.
[/snip]
echo $qstring;
$search is not NULL because $search is equal to $_GET["sea
On Sep 11, 2007, at 2:10 PM, Stut wrote:
Jason Pruim wrote:
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote:
Also read http://en.wikipedia.org/wiki/SQL_injection
I have read about SQL injection, and I will be scrubbing the data
before searching but the search is only available after logging
Jason Pruim wrote:
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote:
Also read http://en.wikipedia.org/wiki/SQL_injection
I have read about SQL injection, and I will be scrubbing the data before
searching but the search is only available after logging into the
system. No one who isn't logge
[snip]
I fixed that but the problem still remains... When I preform the
search I get redirected from index.php to edit.php and can't see
where that would happen.
[/snip]
echo $qstring;
$search is not NULL because $search is equal to $_GET["search"]. $search
may be empty though.
--
PHP Genera
On Sep 11, 2007, at 1:22 PM, Instruct ICC wrote:
From: Jason Pruim <[EMAIL PROTECTED]>
Here is the relevant code (I think...)
$search = $_GET["search"];
$self = $_SERVER['PHP_SELF'];
$qstring = "SELECT * FROM current WHERE FName like '%$qstring%'
or LName like '%$qstring%' or Add1 like '%$q
From: Jason Pruim <[EMAIL PROTECTED]>
Here is the relevant code (I think...)
$search = $_GET["search"];
$self = $_SERVER['PHP_SELF'];
$qstring = "SELECT * FROM current WHERE FName like '%$qstring%' or LName
like '%$qstring%' or Add1 like '%$qstring%' or Add2 like '% $qstring%' or
City like '%$
Hi Everyone :)
I am attempting to add the ability to search a online database, and I
thought that I have the code right, but apparently it's not...
Here's the problem, when I type jason in the search box and hit go
it brings me to edit.php?search=jason which displays nothing since
edit.p
29 matches
Mail list logo
