www.webdeveloper.com

Thread: Is this small bit of code correct...

  1. #1
    Join Date
    Jun 2007
    Posts
    4

    Is this small bit of code correct...

    Is this small bit of code correct? I'm trying to add mysql_real_escape_string to all my queries. Is what I have below enough to stop SQL injections and other threats? Have I used it correctly?

    PHP Code:
    // Escape the submitted username before placing it inside the quoted string literal
    $username = mysql_real_escape_string($_POST['username']);
    $check = mysql_query("SELECT username FROM accounts WHERE username = '$username'")
        or die(mysql_error());
    $check2 = mysql_num_rows($check);
    Also, can you take a small look at the code I have below?

    PHP Code:
    // retrieve form data in a variable
    $firstname = mysql_real_escape_string($_POST['firstname']);
    $lastname  = mysql_real_escape_string($_POST['lastname']);
    $username  = mysql_real_escape_string($_POST['username']);
    $password  = mysql_real_escape_string($_POST['password']);

    ////// How do I add mysql_real_escape_string to the code below //////
    $DOB = date("Y-m-d", mktime(0, 0, 0, $_POST['DOBmm'], $_POST['DOBdd'], $_POST['DOByyyy'])); // keep the DOB as one
    Also, do I need to add stripslashes anywhere in my code? Sorry, I am new to the security of PHP.
    Last edited by jack_23; 06-24-2007 at 02:06 PM.

  2. #2
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    Check the post I made here

    You should use typecasting on the values you are passing to mktime();
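
    The typecasting advice above, applied to the DOB fields from the first post. This is an added example, not code from the thread: buildDob() and the year bounds are hypothetical, the field names DOBmm/DOBdd/DOByyyy are taken from the original post, and PHP 7.1+ syntax is assumed.

    ```php
    <?php
    // Added example: buildDob() and $minYear are assumptions, not from the thread.

    /**
     * Build a 'Y-m-d' date from untrusted form fields, or return null if invalid.
     */
    function buildDob(array $post, int $minYear = 1900): ?string
    {
        $parts = [];
        foreach (['DOByyyy', 'DOBmm', 'DOBdd'] as $key) {
            // Accept only plain digit strings; missing keys, arrays, "", "6abc" are rejected
            if (!isset($post[$key]) || !is_string($post[$key]) || !ctype_digit($post[$key])) {
                return null;
            }
            $parts[] = (int) $post[$key]; // the typecast: from here on these are integers
        }
        [$year, $month, $day] = $parts;

        // checkdate() rejects 31 February or month 13; mktime() would silently roll them over
        if (!checkdate($month, $day, $year)) {
            return null;
        }
        if ($year < $minYear || $year > (int) date('Y')) {
            return null;
        }
        // Built only from integers, so the result holds nothing but digits and hyphens
        return sprintf('%04d-%02d-%02d', $year, $month, $day);
    }

    // Constructed sample inputs: one valid date, one impossible date, one non-numeric field
    $samples = [
        ['DOBmm' => '06', 'DOBdd' => '24', 'DOByyyy' => '1985'],
        ['DOBmm' => '02', 'DOBdd' => '31', 'DOByyyy' => '1985'],
        ['DOBmm' => '06', 'DOBdd' => "24'", 'DOByyyy' => '1985'],
    ];
    foreach ($samples as $sample) {
        var_dump(buildDob($sample));
    }
    ```

    A null return should be treated as a validation failure and the form rejected before any query is built.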

  3. #3
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    Use a function to check things out and take necessary action depending on the state of your server version and settings.
    PHP Code:
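    <?php
    function sqlPrep($pSTR = "") {
      // Undo magic_quotes_gpc escaping first so the value is not escaped twice
      $retSTR = get_magic_quotes_gpc() ? stripslashes(trim($pSTR)) : trim($pSTR);
      // Escape the cleaned value ($retSTR), not the raw argument
      if (function_exists("mysql_real_escape_string") && mysql_ping()) :
        // Preferred: connection-aware escaping (needs an open connection)
        $retSTR = mysql_real_escape_string($retSTR);
      elseif (function_exists("mysql_escape_string")) :
        $retSTR = mysql_escape_string($retSTR);
      else :
        // Last resort: not aware of the connection character set
        $retSTR = addslashes($retSTR);
      endif;
      return $retSTR;
    }
    ?>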

  4. #4
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    Quote Originally Posted by NightShift58
    Use a function to check things out and take necessary action depending on the state of your server version and settings.
    PHP Code:
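    <?php
    function sqlPrep($pSTR = "") {
      // Undo magic_quotes_gpc escaping first so the value is not escaped twice
      $retSTR = get_magic_quotes_gpc() ? stripslashes(trim($pSTR)) : trim($pSTR);
      // Escape the cleaned value ($retSTR), not the raw argument
      if (function_exists("mysql_real_escape_string") && mysql_ping()) :
        // Preferred: connection-aware escaping (needs an open connection)
        $retSTR = mysql_real_escape_string($retSTR);
      elseif (function_exists("mysql_escape_string")) :
        $retSTR = mysql_escape_string($retSTR);
      else :
        // Last resort: not aware of the connection character set
        $retSTR = addslashes($retSTR);
      endif;
      return $retSTR;
    }
    ?>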
    He is back!! \o/

    Where you been buddy?

  5. #5
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    Was out of the loop, doing real work, sort of...

  6. #6
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    Good to know you're OK, mate.

  7. #7
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    Rainy season is beginning to show its ugly face - otherwise everything good on this side of the world.

  8. #8
    Join Date
    Jan 2005
    Location
    Alicante (Spain)
    Posts
    7,742
    Quote Originally Posted by NightShift58
    everything good on this side of the world.
    Which side?

  9. #9
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    The dark side

  10. #10
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    Quote Originally Posted by bokeh
    Which side?
    Quote Originally Posted by MrCoder
    the dark side

    My side, the dark side...

    But I should be in Mallorca again in the next 15 days. Finally sold that darned restaurant...

  11. #11
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    You owned a restaurant?

  12. #12
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    In the bad old days, four of them... Just down to one, which will hopefully be a goner soon. After that, no more, never again.

  13. #13
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    Stress?

  14. #14
    Join Date
    Dec 2006
    Location
    Escazú (Costa Rica) and Mallorca (Spain)
    Posts
    3,234
    The first one opened at 07:30 a.m. and the last one closed at 03:30 a.m.
    Wife, kids, 2 other companies.

    Stress? What's that?

  15. #15
    Join Date
    Jun 2006
    Location
    Down at the bottom of the garden
    Posts
    1,239
    And you still found time to post on here :O
