| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Comments:
<0> It's all legal
<1> it's not a site voting thing right?
<2> I fail to see the point of login in one site to access another on.
<0> Its not a login process
<2> Hmmm... Still strange... I wish you luck.
<3> i've got an array("one"=>array("two"=>array("three"=>"","four"=>array("five","six"=>"HERE")))); << how do i get the path to key "six" ? like array("one","two","four","six"); ?
<4> when is the right time to do the stripslashes, when you're displaying data, adding it to a database?
<3> DogWater: only when adding to database
<1> shouldn't need that very often
<4> if someone's name is O'neil?
<3> DogWater: if you dont want the user to input their own html, do htmlspecialchars
<1> STRIPslashes, note
<4> dont want it to be like o\'neil
<1> the db will return the data is has, not twhat you put in th equery
<5> DogWater: As a rule, in my apps, if I see magic_quotes is on, I stripslashes immediately after receiving the data from the user.
<6> DogWater: It's never the right time to call stripslashes, if you have to, then that means that you've added some unneecessarily somewhere
<7> such a complicated question, really :)
<5> Basically, I write my apps to make sure magic_quotes doesn't affect me.
<5> Because, well, it's crap.
<5> It never makes sense to use magic quotes.
<8> And that's why it's getting nuked in PHP6
<7> makes sense for a newbie who doesn't even think about it
<9> but magic quotes is set by default
<1> ooh, that'll break some things :)
<10> hi all, i am looking at my apache web stats, i want to know where these people came from, geo location, is there a program that lets me do that
<5> johndoe: Yes, a long lamented default in PHP history.
<11> mattmcc: among other things :p
<7> goes from on by default to completely removed... that's hot
<2> I think it is off in the optomized ini.
<9> hate magic quotes
<7> default == php.ini-dist
<12> uhm... is there any advantage using consts intead of variables?
<10> not really related to php programming, but i am sure, someone here must have come accross this problem
<7> silas_: they are not affected by scope, and cannot be altered
<4> Well, I guess i'm confused because when you do mysql_escape_string() it adds ''
<11> silas_: not really.
<13> silas_: aren't consts variables?
<12> but no performance issues, right?
<7> oh :)
<5> DogWater: That's a standard way SQL escapes quotes.
<1> DogWater '' is a valid escape for '
<5> More common than using the backslash, really.
<7> php says only for sybase ;-)
<14> any idea why: system("mysqldump"); produces output but system("mysqldump mydatabase"); won't?
<4> So I really dont need to do mysql_escape_string then?
<7> heh
<2> Not really.
<7> hell yes you do
<7> sorry, got a little excited there
<9> what's the best way to handle magic quotes?
<1> disable them?
<2> johndoe: Turn them off.
<14> I always liked having them
<7> turn them off, but if on, stripslashes... then use your database escaping mechanism such as mysql_real_escape...
<2> [fields]: it teaches sloppy programming.
<14> I remember the days of PHP3 where you had to addslashes() and stripslashes() every freakin' variable in every paragraph of code that interacted with mysql
<9> if (get_magic_quotes_gpc()) {
<9> $_REQUEST['abc'] = stripslashes($_REQUEST['abc']);
<9> $_REQUEST['def'] = stripslashes($_REQUEST['def']);
<9> }
<15> <?php echo "<a href=/gezmods/news/index.php?".SID.">Write News</a><br />"; ?>
<15> can someone tell me why it won't echo the session id in the hyperlink?
<7> RocDaMike: the manual states when SID has no value
<6> if (get_magic_quotes_gpc()) { throw new Exception("Oh no, magic quotes is on, turn off immediately."); }
<2> Is the SID set?
<7> SID is magical
<5> MarkR: Why raise an exception? Just stripslashes() and pretend like magic_quotes wasn't on.
<1> hm I didn't know php had that kind of error handling
<16> question: which function is used to get a character from a string maybe something like 'charAt($index)' is it?
<6> mattmcc: Because, it isn't as easy as you might think - you have to deal with all variables and cases, including arrays
<2> str_str()
<15> hmm..
<7> http://us3.php.net/manual/en/security.magicquotes.php talks about all this quote crap
<6> Also, it makes my code smaller
<1> $string[char]
<15> all i did was session_start() and then tried to use SID
<5> MarkR: Sure it is. We have a convenient collection of all data subject to magic_quotes, $_REQUEST.
<14> xcoyote: substr() or just simply $string[5] == the 6th char in the string
<17> hello, im back..
<15> wont that work? im new to php btw
<16> ok
<7> RocDaMike: the php manual talks about it
<0> walterwo1: how do you autosubmit a form?
<15> ok i'll check it out philip
<9> MarkR, can we turn the maguc quotes OFF from php?
<6> mattmcc: Yes, but you have to do a recursive iteration over it. And doing this on $_REQUEST won't affect the others (unless i'm mistaken)
<2> RocDaMike: try session_id();
<14> vooloo: huh? with javascript? onload="document.form.submit();"
<6> johndoe: No, unfortunately you can't turn magic_quotes_gpc off
<9> that's the problem
<5> MarkR: It's a fairly painless operation. And it allows my apps to run on hosts where disabling magic_quotes isn't an option.
<17> i've got a quick question.. i've got my page setup but i cant seem to get href to work.. how would i make a link in this line... >> echo("<tr><td>$artist</td><td>$title</td><td><a href="$download">$download</a></td><td>$preview</td><td>$letter</td><td>$date</td></tr>\n");
<6> But you can detect if it's on, and instruct the site owner to disable it
<2> document.formnamehere.submit(), i believe.
<0> [fields]: but to an external form?
<18> Ecko2056: You have quote problems
<11> MarkR: Or you can just strip slashes and move on with a working application...
<19> !+g8
<6> mattmcc: THat's fine if you're happy. I don't allow my apps to run on hosts where disabling magic_quotes isn't an option :)
<20> Guideline #8) SQL Q's: #sql, #mysql or #postgresql. Apache Q's: #apache. Linux Q's: Either #yourdistro, #linuxhelp or #linpeople. HTML/CSS/JavaScript Q's: #web. Just because some other channel is 'dead' does NOT mean you can ask here.
<5> I'd say easily 75% of my clients in the last five years were hosted somewhere where they weren't allowed to disable it.
<5> I'd rather write my way around magic_quotes than tell them I can't help them.
<17> wow im dumb.. i just saw that
<6> Lateralus: No, if you use stripslashes, you'll get intentional slashes removed
<11> MarkR: That's foolish.
<17> gotta use ' instead
<21> hello
<11> MarkR: eh? No you won't.
<5> MarkR: No. Magic_quotes will have escaped them.
<17> thanks Tresnar_ ;)
<9> most of the hosting doesn't care
<6> Magic quotes is not the only part of php config that my apps are dependent on
<0> walterwo1: oh using that I wont need to use document.location then
<22> is there any way to call functions in echo's "here document" type syntax? like echo <<< EOT .. functioncall($foo) .. EOT;
<15> walterwo1: thanks it worked ;)
<21> is there a way to have multiple constructors in a php4 cl***?
<5> eleusis: No. PHP's approach is to allow functions to take optional arguments.
<7> SID: Constant containing either the session name and session ID in the form of "name=ID" or empty string if session ID was set in an appropriate session cookie.
<21> righto
<2> Vooloo yes, sorry wrong code before.
<7> http://us3.php.net/manual/en/security.magicquotes.disabling.php
<2> RocDaMike: Your welcome.
<7> that example should also deal with $_REQUEST
<18> baldurk: You might be able to get some mileage out of using { } inside there.
<14> any idea why: system("mysqldump"); produces output but system("mysqldump mydatabase"); won't?
<18> Ex: {$my_object->function()}
<6> I don't like to maintain an app with lots of different environments to run in, therefore I'd much prefer just to force them to be correct, then if I ever accidentally install with the wrong setup, it will fail fast, rather than causing problems later
<5> Nobody _likes_ doing it. But I'd rather take the money then tell them their hosting ****s too much for me.
<9> agreed to MarkR
<2> I think you are right MarkR, sort of.
<5> Especially given how commonplace it is, in the case of magic_quotes.
<2> I will make someting work for a customer, for a price, if they ask.
<22> Tresnar: thanks
<6> Ultimately, hosting is very, very cheap, compared to development, so they can jolly well get decent hosting if they want my (IMHO decent) app to work
<7> including extra code to for example mimick magic_quotes_gpc = off is not difficult
<18> At best, it's "Try it and see if it works". I am *sure*, but it seems like the only thing that could work :P
<6> Nevertheless, it's extra code to maintain, and I don't like that
<5> MarkR: Or they can say "Hmm. This developer is requiring us to uproot our website and possibly other services. This other one isn't."
<18> err.. am not *sure* :p
<11> MarkR: if you're too ignorant to write around magic_quotes, you're "app" isn't decent. It's useless.
<23> Has anyone in here ever installed ffmpeg-php ??
<19> ew.
<11> Noel4DMB: why on earth would we?
<6> I'm not too ignorant, I'm too stubborn :)
<2> That is a bit extream, lateralus.
<11> walterwo1: I'm sure you mean "extreme." And it's not, it's the truth.
<23> Lateralus: because it's a good program for creating thumbnails from video?
<9> lol
Return to
#php
or
Go to some related
logs:
wlan0+wth0+gentoo
#bind
emarge command not found
striping quotes from a string perl
ubuntu apt-get base aclocal
wine-esd ubuntu
moustanfii
#perl
String value expected instead of reference
speaketh englisheth
|
|