My PHP Video Tutorials - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Programming
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 03-09-2009, 02:27 PM   #11 (permalink)
Bake a Pretty Cake!
 
Spit-wad's Avatar
 
Join Date: Jun 2008
Posts: 904
Default Re: My PHP Video Tutorials

well since I don't know the syntax, the actual code was a bit over my head cuz you went pretty fast... but I can just go back and pause to look at it, so that's not a problem

basically had more trouble understanding the general setup of the whole thing... i think i just need to read up a bit, np
__________________

__________________
Spit-wad is offline   Reply With Quote
Old 03-09-2009, 03:08 PM   #12 (permalink)
Techie Beyond Description
 
veg1992's Avatar
 
Join Date: Dec 2006
Posts: 19,993
Default Re: My PHP Video Tutorials

I subscribed to this.. I need this
__________________

__________________
I do not accept help requests and/or deleted threads/complaints by PM, Profile or IM/Email. Just ask on the forums! Also, I do have Lockerz invites if you want them, feel free to PM me your email if you want one :0

If I help you, or you just like what I said, rep me by clicking the
or under my avatar; it helps me know that my advice actually helped you.


.. But things don't go according to plan! My Actual Rig, 2009:
veg1992 is offline   Reply With Quote
Old 03-09-2009, 07:03 PM   #13 (permalink)
Seg Fault'n
 
Join Date: Jul 2005
Location: The dried husk where America came from
Posts: 5,801
Default Re: My PHP Video Tutorials

Good tutorials there but it looks like login.php is vulnerable to SQL injection.
__________________


There are in order of increasing severity: lies, darn lies, statistics, and computer benchmarks. - diskinfo man page
"Get your money and let's go to court!" - Craig Mudie, MS
kmote is offline   Reply With Quote
Old 03-09-2009, 10:32 PM   #14 (permalink)
Wizard Techie
 
CrazeD's Avatar
 
Join Date: Feb 2006
Location: Maine
Posts: 3,736
Send a message via AIM to CrazeD Send a message via MSN to CrazeD
Default Re: My PHP Video Tutorials

Quote:
Originally Posted by kmote View Post
Good tutorials there but it looks like login.php is vulnerable to SQL injection.
As it is only a basic tutorial, I didn't do much with security. However, mysql_escape_strings will pretty much eliminate SQL injection, by escaping any illegal characters. If you wanted to take it a bit further, you could use some regex to custom filter the data before you do any queries.
__________________

Intel Q9400 | Gigabyte EP45-UD3P | G.Skill 2x2GB DDR2 1000 | XFX HD5870

Need website help? PM me!
CrazeD is offline   Reply With Quote
Old 03-10-2009, 09:07 AM   #15 (permalink)
Seg Fault'n
 
Join Date: Jul 2005
Location: The dried husk where America came from
Posts: 5,801
Default Re: My PHP Video Tutorials

I just checked again and actually I now think you are safe with what you have. I should think then type lol.
__________________


There are in order of increasing severity: lies, darn lies, statistics, and computer benchmarks. - diskinfo man page
"Get your money and let's go to court!" - Craig Mudie, MS
kmote is offline   Reply With Quote
Old 03-10-2009, 06:26 PM   #16 (permalink)
Bake a Pretty Cake!
 
Spit-wad's Avatar
 
Join Date: Jun 2008
Posts: 904
Default Re: My PHP Video Tutorials

Do you have to pay for the MySQL stuff?
__________________
Spit-wad is offline   Reply With Quote
Old 03-10-2009, 06:56 PM   #17 (permalink)
Seg Fault'n
 
Join Date: Jul 2005
Location: The dried husk where America came from
Posts: 5,801
Default Re: My PHP Video Tutorials

Nope, nor do you have to pay for apache or PHP.
__________________


There are in order of increasing severity: lies, darn lies, statistics, and computer benchmarks. - diskinfo man page
"Get your money and let's go to court!" - Craig Mudie, MS
kmote is offline   Reply With Quote
Old 03-10-2009, 07:20 PM   #18 (permalink)
Bake a Pretty Cake!
 
Spit-wad's Avatar
 
Join Date: Jun 2008
Posts: 904
Default Re: My PHP Video Tutorials

what do I need to download? I found some things that said 30-day trial, which made me ask that question.
__________________
Spit-wad is offline   Reply With Quote
Old 03-10-2009, 10:08 PM   #19 (permalink)
It's all just 1s and 0s
 
office politics's Avatar
 
Join Date: Jan 2004
Location: in the lab
Posts: 6,555
Send a message via MSN to office politics
Default Re: My PHP Video Tutorials

Quote:
Originally Posted by CrazeD View Post
As it is only a basic tutorial, I didn't do much with security. However, mysql_escape_strings will pretty much eliminate SQL injection, by escaping any illegal characters. If you wanted to take it a bit further, you could use some regex to custom filter the data before you do any queries.
i did a quick search and found the following thread. The posters say mysql_real_escape_strings is more secure.

I'm wondering if it would be possible to run subqueries. i think you need parathenses.

PHP Code - Help Needed - Dev Shed


edit - here's a read for ya

Reviewing Code for SQL Injection - OWASP
office politics is offline   Reply With Quote
Old 03-10-2009, 10:25 PM   #20 (permalink)
Wizard Techie
 
CrazeD's Avatar
 
Join Date: Feb 2006
Location: Maine
Posts: 3,736
Send a message via AIM to CrazeD Send a message via MSN to CrazeD
Default Re: My PHP Video Tutorials

Quote:
Originally Posted by Spit-wad View Post
what do I need to download? I found some things that said 30-day trial, which made me ask that question.
A Guide to Installing Apache, PHP, MySQL, and PHPMyAdmin on Windows

Here you go.

@ office_politics:

mysql_real_escape_string doesn't make a difference for the standard latin1 character set. Its only difference is that it escapes for more character sets.

Also, by subqueries, do you mean multiple queries? You need to use PHP's mysqli for that.
__________________

__________________

Intel Q9400 | Gigabyte EP45-UD3P | G.Skill 2x2GB DDR2 1000 | XFX HD5870

Need website help? PM me!
CrazeD is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hello TF Guys, Gals, and Members -- WE ARE MOVING Larry Forum Admin, Announcements & Feedback 35 08-18-2008 04:15 AM



Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 03:52 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.