My PHP Video Tutorials

well since I don't know the syntax, the actual code was a bit over my head cuz you went pretty fast... but I can just go back and pause to look at it, so that's not a problem

basically had more trouble understanding the general setup of the whole thing... i think i just need to read up a bit, np
 
Good tutorials there but it looks like login.php is vulnerable to SQL injection.

As it is only a basic tutorial, I didn't do much with security. However, mysql_escape_string will pretty much eliminate SQL injection, by escaping any illegal characters. If you wanted to take it a bit further, you could use some regex to custom filter the data before you do any queries.
 
what do I need to download? I found some things that said 30-day trial, which made me ask that question.
 
As it is only a basic tutorial, I didn't do much with security. However, mysql_escape_string will pretty much eliminate SQL injection, by escaping any illegal characters. If you wanted to take it a bit further, you could use some regex to custom filter the data before you do any queries.

I did a quick search and found the following thread. The posters say mysql_real_escape_string is more secure.

I'm wondering if it would be possible to run subqueries. I think you need parentheses.

PHP Code - Help Needed - Dev Shed


edit - here's a read for ya

Reviewing Code for SQL Injection - OWASP
 
what do I need to download? I found some things that said 30-day trial, which made me ask that question.

http://www.techist.com/forums/f11/guide-installing-apache-php-mysql-phpmyadmin-windows-200591/

Here you go.

@ office_politics:

mysql_real_escape_string doesn't make a difference for the standard latin1 character set. Its only difference is that it escapes for more character sets.

Also, by subqueries, do you mean multiple queries? You need to use PHP's mysqli for that.
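
The thread above debates whether escaping is enough for login.php. As an added example (not the tutorial's code, which is not shown on this page), here is a login lookup that binds the username as a parameter instead of escaping it. The `users` table, its columns and the sample account are constructed, and PDO with in-memory SQLite stands in for MySQL so the script runs without a server.

```php
<?php
// Added example: constructed schema and data, not the tutorial's login.php.
// Assumption: SQLite in memory stands in for MySQL so no server is needed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');

// Store a password hash, never the password itself.
$ins = $db->prepare('INSERT INTO users (username, pass_hash) VALUES (?, ?)');
$ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

/**
 * Returns the user id on success, null otherwise.
 * The username travels as a bound parameter, so the database never
 * parses it as SQL, whatever characters or character set it uses.
 */
function check_login(PDO $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, pass_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Verify the hash in PHP instead of comparing passwords in the WHERE clause.
    if ($row !== false && password_verify($password, $row['pass_hash'])) {
        return (int) $row['id'];
    }
    return null;
}

// Constructed inputs: a valid login, a wrong password, and a username
// containing quote characters that string concatenation would mishandle.
$cases = [
    ['alice', 'correct horse'],
    ['alice', 'wrong'],
    ["alice' OR '1'='1", 'anything'],
];
foreach ($cases as [$u, $p]) {
    $id = check_login($db, $u, $p);
    printf("%-22s => %s\n", var_export($u, true), $id === null ? 'rejected' : "user id $id");
}
```

With mysqli the same pattern uses `prepare()`, `bind_param()` and `execute()`.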
 