| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Comments:
<0> ok
<1> nevermind... I remmeberd: eval()
<0> FlEe : you'll have to work around that regexp to get each of the coords in a flat array
<0> but thaat's a good start
<2> m4lu6, eval is evil ;)
<0> definitely
<3> poncha run it. it's harmless.
<0> in france we burn people that use eval()
<2> m4lu6, i even know what it will do, actually would if i had simplxml ;)
<3> uses simplexml to grab a count of US corpses in iraq, prints. i'm stashing it all over my company's website ;)
<2> m4lu6, i dont eval() stuff before looking at it :)
<0> why using eval by the way ?
<0> isn't try / catch better ?
<2> Torgan__, so he can tempt people running the code :)
<0> devil, temptation... :)
<3> mouhaha
<2> ...the day is over, the work is done, and i'm still sober, which means i'm gone... ;)
<2> hehe
<4> If the webmaster needs to manage a bunch of scripts that rely on other dynamic scripting, how would you execute those scripts ?
<1> when using preg_replace_callback... how do I reference the callback method being a member of an object?
<1> specificly, a member of the current object ($this)
<5> array($obj,'method') I think
<1> ok let me try that
<6> ee99ee, http://http://php.net/callback
<6> err.
<5> heh
<6> http://php.net/callback
<4> Torgan__, do you have a link on try..catch ?
<6> T-Start, http://php.net/exceptions
<7> writeboard is crap
<8> hello
<9> \d+(,\d+)*$
<9> what does that reg ex mean?
<4> Can anyone tell me why eval() would be crap ? Note that if you let random users give some random input that you run in eval(), that's just crappy programming but does not make eval() crap.
<10> one or more digits, followed by zero or more of: comma followed by one or more digits
<10> FlEe: ^
<11> number followed by , and any amount of numbers optionally
<12> FlEe: One or more digits followed by zero or more of: a comma followed by one or more digits, and then the end
<12> Wow, my explanation was almost identical to AcidReign's
<10> FlEe: also it must occur at the end of the subject
<10> Nanobot: hah!
<8> hum..
<9> AcidReign: cool, thanks
<13> [18:08:53] <13> i dont read cookies
<13> [18:09:05] <13> if ( isset($_COOKIE['bbsessionhash']) ) $hash = mysql_real_escape_string(htmlspecialchars($_COOKIE['bbsessionhash']));
<13> [18:09:14] <13> this is working on firefox and opera
<13> [18:09:21] <13> but dont working ie
<9> i have a bunch of links on an HTML page in the format of an Image Map that I need to extract
<9> they are in this format:
<9> <AREA shape=POLY target=_blank alt=Koochiching coords=180,69,219,77,221,87,236,85,257,146,221,152,181,151 href="http://www.brokendomain.com/index.asp?Type=B_BASIC&SEC={168EADF9-DD00-472D-85D9-94E0E90D164C}">;
<9> i need a regex to extract just the link out of this string
<14> something like /\Shref=\".+\"\S/
<14> something like that, its a total guess thoughj
<15> hmmmm
<15> output handler callback gets an empty buffer all the time. HMMM.
<15> does anyone know if output buffering is broken in 5.1.2?
<16> theres alot of things broken in 1.2
<17> mst: Are you sure you're doing it correctly?
<15> the output handler does get called, but it receives an empty buffer and its return value doesn't affect what's sent to the client
<18> are there any php modules for manipulating ini files ?
<9> what would be a regex to find a string that started with a capital letter and ended with a double quote?
<9> eg: New York"
<9> something like: /^[A-Z]/ ??
<17> qbert: read php.net/parse_ini_file
<19> FlEe: #^[A-Z].*"$#
<17> qbert: There's also the PEAR config package
<18> Dangermouse, thx
<9> hoffie: i tried, but didn't work...what's the "." after [A-Z]?
<19> FlEe: http://php.net/preg_match -> pattern syntax, . is a joker char (matches everything except \n, iirc)
<15> Dangermouse: I init it with ob_start('callback_name'), I have a global function callback_name($foo), which does get called, but $foo is empty and the function's return doesn't affect the actual output
<20> deadroot: thanks for the info earlier.
<9> hoffie: i see...still can't get that regex to match say: Fat tuesday"
<9> hoffie: actually, it works except for the last part: "$
<9> that means, the string ends in a quote?
<21> try "+$ maybe
<22> /^[A-Z].*"$/
<22> /^[A-Z].*"$/
<19> FlEe: works for me.
<19> is this the whole string?
<23> how is the logic of getting array of this: $rs=$con->query("SELECT ToCa_ID, ToCa_Name FROM tour_category WHERE ToCa_Name!='$temp_tour_category_enabled[$i]'"); The problem is is $temp_tour_category_enabled[$i] is an array :(
<23> i try create like this: http://pastebin.com/732991 but this is not work :(
<23> please give me some tips..
<22> CyberMad: If you enjoy sql injection attacks and not having prepared querrys
<9> hoffie: you're right it does work with just that being the string...my problem is I have:
<23> EvanCarroll oh yeah, btw how to protect it?
<9> New york" coords="32,23"
<22> CyberMad: Use a language that does't ****.
<15> da,mot
<15> I mean damnit
<9> That's the whole string, but I just want to match: New york"
<15> the systems guy decided to reroute the network through another gate, yey
<22> CyberMad: or do something like gpc magic quotes
<15> Dangermouse: you were saying?
<23> EvanCarroll sorry, what do you mean.. please more detail
<22> CyberMad: I mean you should use a real language like Ruby or Perl.
<23> EvanCarroll why php?
<24> EvanCarroll: php is a real language.
<9> hoffie: so the logic would be: match all that starts with a capital letter and ends with a quote and ignore the rest of the string
<17> mst: I wasn't really. I just meant you should check you're doing it correctly before thinking it's broken :P
<22> php is a horrable collection of 4000 functions.
<15> Dangermouse: I am. The callback gets called.
<21> i disagree
<22> thats like saying the yellow pages is a language.
<15> EvanCarroll: I think you misspelled "awesome"
<21> <3 php
<17> mst: Thats great then :)
<5> EvanCarroll - then don't use it. and leave. you're not in #ruby or #perl.
<21> and
<23> so where is the sql injection hole in my script?
<22> I told him the PHP way too..
<15> Dangermouse: except it gets called with an empty buffer and doesn't in any way affect the output. So as far as I'm concerned, it's broken.
<24> EvanCarroll: whether or not you like it is irrelevant to the fact that it is a language.
<22> gpc magic quotes or something
<21> i don't agree with bashing php and convincing people to switch to othe cgi languages in ##php
<24> EvanCarroll: if you came here to troll, you will be ejected.
<17> Stop feeding the trolls ;p
<23> damn.. is he talking about security hole in my script or what??
<5> Dangermouse - but it's fuuuuun
<6> php is crap \o/ :)
<21> Cybermad, yeah its easily remedied tho
<21> much more easily than in ruby or perl
<19> FlEe: then skip the $
<22> hahah
<15> EvanCarroll: a language is not a means to an end, it is a tool that is particularly suited for certain type of tasks. Saying that perl is better or worse than PHP is stupid and people who fail this question at my interviews do not get hired.
<25> is there a function for padding zeros onto a number. I want to display a month '<select'> and have months formatted like '01', '02', ... rather than '1', '2', ...
<21> CyberMad, what db are you using there? pear db?
<23> cythrawl where is the hole in my script.. would you tell me where and how do i fix it?
<24> wilsby: str_pad
<15> wilsby: sprintf can do that
<6> wilsby, sprintf
<19> wilsby: number_format, (s)prinft
<19> *printf
<25> hehe
<15> oh yeah str_pad()
<18> wilsby, , date('m')
<25> thank you everyone
<23> cythrawl mysql
<25> lots of ways to do it then
<25> number_format can't do it ;-) that is all I know
<21> Cybermad wrap any variables cocatenated in a sql query in mysql_real_escape_string()
<26> CyberMad: Use mysql_escape on $temp_tour_category_enabled[$i]
<27> If an XML stream is sent via HTTP POST, does that mean I can do $_POST['XMLKey']? It's a little confusing as there are parents and children in XML.
<18> mst you use perl at your place ?
<23> oh.. ok :)
<15> qbert: for backend maintenance tasks
<15> qbert: Systems uses it a lot. Some of data mining and aggregation is done in perl.
<26> CyberMad: cythrawl probably has the right function name :)
<5> lightbringer - if an XML stream is sent in a POST, you'll have to parse it yourself
<21> for example: "INSERT * INTO table VALUES('".mysql_real_escape_string($var)."')"
<15> qbert: the MTAs use perl mail plugins customized by us
Return to
#php
or
Go to some related
logs:
GLIBCXX 3.4.6
spivak a first course in complex variables
A* algorithm for 8puzzle +python
generic postscript driver for Docucolor 3535
#mysql
#perl
two keyboards linux xorg.conf
#openzaurus
hidden /b/ 4chan
explorer vanishing div
|
|