TalkPHP
 
 
Showing results 1 to 21 of 21
Search: Posts Made By: Highway of Life
Forum: General 05-23-2008, 09:09 PM
Replies: 9
Views: 846
Posted By Highway of Life
I also use the PHPDoc blocks method of commenting...

I also use the PHPDoc blocks method of commenting code. Using this for functions and class variables primarily.
Normal comments on the rest of the code as people will always need to read the code,...
Forum: General 05-15-2008, 04:05 AM
Replies: 13
Views: 793
Posted By Highway of Life
Those are good suggestions, VI. :-) People...

Those are good suggestions, VI. :-)
People *should* code to make money, I certainly do, but I also love it so much, it’s my hobby as well.
I get my satisfaction by giving back and helping the...
Forum: General 05-14-2008, 11:58 PM
Replies: 4
Views: 1,062
Posted By Highway of Life
You have some SQL Injection vulnerabilities in...

You have some SQL Injection vulnerabilities in that code.
add_slashes() is not a sufficient form of sanitisation. -- You should be using mysql_real_escape_string() for your user input (any...
Forum: General 05-14-2008, 11:49 PM
Replies: 13
Views: 793
Posted By Highway of Life
You might also consider getting involved with an...

You might also consider getting involved with an existing open source project.
There are many out there, and it’s a great way to stay motivated even if you don’t get paid from it.
It’s very difficult...
Forum: General 05-14-2008, 11:41 PM
Replies: 61
Views: 9,894
Posted By Highway of Life
Someone asked me today what the performance...

Someone asked me today what the performance difference would be if they used mysql_real_escape_string() on all of their variable inputs into a database instead of casting to integers for the int...
Forum: General 05-08-2008, 06:51 PM
Replies: 13
Views: 793
Posted By Highway of Life
Sphinx makes a Search plugin that phpBB.com and...

Sphinx makes a Search plugin that phpBB.com and Joomla.org use on their sites. Google searches are good, but they are far from perfect, especially when it relates exactly to the website.
For example,...
Forum: General 05-08-2008, 06:18 PM
Replies: 13
Views: 793
Posted By Highway of Life
I’m not sure if it will help, but who knows,...

I’m not sure if it will help, but who knows, ideas can come from any bit of inspiration. :)
I have a site that contains data on all 50 states of the US, I want to expand the site in such a way that...
Forum: General 05-08-2008, 06:15 PM
Replies: 12
Views: 804
Posted By Highway of Life
Depending on your table, and the data you are...

Depending on your table, and the data you are trying to obtain, you may need a GROUP BY clause, but a COUNT SELECT doesn’t require a GROUP BY in itself.
The data is key, it would depend on what kind...
Forum: General 05-08-2008, 05:51 PM
Replies: 12
Views: 804
Posted By Highway of Life
Ah, pretty much the way you did it... SELECT...

Ah, pretty much the way you did it...
SELECT column1, column2, column3
FROM table_name WHERE column4 = 'some value';
Multiple table queries would need aliases:
SELECT a.column1, a.column2, b.field1,...
Forum: General 05-08-2008, 05:03 PM
Replies: 12
Views: 804
Posted By Highway of Life
Not sure I understand the question. :|

Not sure I understand the question. :|
Forum: General 05-08-2008, 04:47 PM
Replies: 12
Views: 804
Posted By Highway of Life
Have you run benchmarks against them? How do you...

Have you run benchmarks against them? How do you know?
Running them side-by-side, you may not notice a difference, in fact, you probably won't.
They may slow down by 0.01 seconds, which may seem...
Forum: General 05-07-2008, 05:31 PM
Replies: 12
Views: 804
Posted By Highway of Life
Anything within the $_COOKIE array can easily be...

Anything within the $_COOKIE array can easily be spoofed and become an SQL Injection, it is still user input, so you would need to sanitise the variable before inserting it into your SQL...
Forum: General 05-07-2008, 06:09 AM
Replies: 3
Views: 659
Posted By Highway of Life
Ah, excellent. User IP. :) -- you can validate on...

Ah, excellent.
User IP. :) -- you can validate on the xx.xx.xx only match if you wish, for example some users might have a dynamic IP.
or xx.xx if your security does not have to be that tight, but...
Forum: General 05-07-2008, 05:50 AM
Replies: 3
Views: 659
Posted By Highway of Life
You should be using...

You should be using session_regenerate_id(true);
That will destroy your old sessions.

And yes, session_regenerate_id() is a good method to use, you shouldn’t notice any decrease in execution or...
Forum: General 05-07-2008, 01:28 AM
Replies: 61
Views: 9,894
Posted By Highway of Life
Village Idiot, I don’t think any of us really...

Village Idiot,

I don’t think any of us really care how you create your own code or how you use it. -- Because we don’t use your code.
What we do care about is that you’re telling people that...
Forum: General 05-04-2008, 04:07 AM
Replies: 61
Views: 9,894
Posted By Highway of Life
An SQL injection can occur within any portion of...

An SQL injection can occur within any portion of any SQL Query.
Inserts, Deletes, Updates, and Selects: any query that contains user-input is susceptible to SQL Injection.
Even undefined variables in...
Forum: General 05-03-2008, 08:48 PM
Replies: 61
Views: 9,894
Posted By Highway of Life
You know what, it’s poor sport to attack users...

You know what, it’s poor sport to attack users when you lose an argument. You don’t need to put words in my mouth.

I could never teach someone who is not willing to learn or improve their knowledge...
Forum: General 05-03-2008, 06:08 PM
Replies: 61
Views: 9,894
Posted By Highway of Life
Since your code sample is hidden behind 10 SQL...

Since your code sample is hidden behind 10 SQL errors, I am unable to look at it.

You seemed to have missed every point in my post.
Forum: General 05-03-2008, 05:17 AM
Replies: 61
Views: 9,894
Posted By Highway of Life
PHP is a language that is very open to different...

PHP is a language that is very open to different types of coding.
Many good, many bad. There are always multiple ways of doing something in PHP, that’s one reason it is such a great...
Forum: General 05-02-2008, 08:05 PM
Replies: 61
Views: 9,894
Posted By Highway of Life
Claims and/or examples are not necessary to...

Claims and/or examples are not necessary to demonstrate basic and correct programming concepts.

That said, I’ll give a very basic example of proper usage and why type casting is of utmost importance...
Forum: General 05-02-2008, 05:41 PM
Replies: 61
Views: 9,894
Posted By Highway of Life
Type casting is extremely important in any...

Type casting is extremely important in any programming language, and PHP is no exception.

Although type casting is an often-missed tool when a PHP developer is trying to ensure data integrity.
Type...
All times are GMT. The time now is 06:56 PM.

 
     
