|
PHP - Replacing Utf8 Codes In Private Use Area
Hello,
I've got a huge database that is filled with text. It is encoded in UTF8 and some of the symbols used (like emoticons) are encoded in the private use area of UTF8 (http://www.fileformat.info/info/unicode/block/private_use_area/utf8test.htm). Now I want to replace those codes of the private use area with the corresponding smilies etcetera. So actually my question is, how do I replace specific UTF8 codes with something else in PHP? Thanks in advance! Similar TutorialsHi, I am trying to update the database with the arabic characters using utf8, when am trying with firefox no problem in updating also i check with database values are in utf8 format. But at the same time working with IE, values are not updating as utf8 format. Looking for answer confused..hope.. Thanks Im using this code Code: [Select] //create message with token gained before $post = array( 'access_token' => $access_token, 'message' => html_entity_decode($description, ENT_QUOTES), 'name' => html_entity_decode(strip_tags($post_title, ENT_QUOTES)), 'caption' => html_entity_decode(strip_tags($post_title, ENT_QUOTES)), 'link' => $_SESSION['blog_base'].'article/'.$post_url.'/', 'description' => html_entity_decode($description, ENT_QUOTES), 'picture' => 'http://www.socialnewsoffice.com/uploads/'.$article_img); to publish information to facebook however when i publish this i get this Code: [Select] Leasing receive another Great Testimonial from�Steve Brennan at�MCM Insurance Group\r\nTo whom it may concern\r\nEarlier this year we to... any ideas? hello i have problem with reading utf-8 text from normal text file with utf8 encoding. I am bulgarian i want to read and write bulgarian text but i cant. $fh = fopen("pics/names.txt", 'r'); $theData = fread($fh, 5); fclose($fh); echo $theData; This is what i use. Iam with windows 7. Pls help me... Hello, Hi everybody !
Am back with the never ending security issues, just that this time it has to do with the character set related security issues. I read the whole day on utf-8 and am still lost on certain aspects related to PHP security.
Consider the simple script below:
<?php
//error_reporting(E_ALL & ~E_NOTICE);
session_start();
if(isset($_POST['login'], $_POST['password']))
{
$login = $_POST['login'];
$password = $_POST['password'];
if(!empty($login) && !empty($password))
{
//echo "Ok";
echo "Welcome ". $login;
echo "<br> You password is.$password ";
}
}
?>
<html>
<body>
<form action="welcome2.php" method="post">
Name: <input type="text" name="login" />
Password: <input type="password" name="password" />
<input type="submit" name="submit"/>
</form>
</body>
</html>
It is not a login script, but assuming that it was one, I would like to know that if UTF-8 was the charset that was selected for this script, then :
1. how could it be exploited to pass a string that would effectively break thorugh this login. It would be great if someone can demonstrate the hack using the above script example.
2. Could the same be thwarted by the use of input filters?
3. I also read that the use of a regex to limit the use of special characters in passwords is not good . So in case the hack can be thwarted by the use of regex and that is a bad idea in the first place what should be done?
There are a few more questions that are on my mind but I would only ask those once I am clear on these that I have just asked.
Thanks all.
I am using a regex with /iumsU modifiers. On some servers this crashes PHP and I need to turn UTF8 off thus the modifier becoming /imsU I am wondering how can I detect the requirements for /u to work normally so I can dynamically adjust my regex? Cheers In attachment is the code I generated from Flex Builder: My issue is that the UTF8 (coding of the MySQL database) isn't correctly interpreted, the solution is to use : $stmt = mysqli_prepare($this->connection, "SET NAMES UTF8;"); But I don't know how to enter it in this syntax? It is I think the: $stmt = mysqli_prepare($this->connection, "SELECT * from $this->tablename"); that has to be modified, but how? Really searching a long time on the correct syntax, but without any result... Please help, thanks a lot Wimmerke im setting up a php and jQuery pm system and have run into a problem. When a user clicks on a message in the left column the right column is supposed to be populated with the message contents, however the content stays the same whichever message is clicked. Code: (php) [Select] <?php $query = $link->query("SELECT * FROM ".TBL_PREFIX."messages WHERE m_sent_to = '$user_name'") or die(print_link_error()); $row = $query->fetchAll(); foreach($row as $key => $value) { $_message_list .= '<dl class="message_row" id="row-'.$row[$key]['m_mid'].'">'; $_message_list .= '<dd class="message_author">'.profile_link($row[$key]['m_author']).'</dd>'; $_message_list .= '<dd class="message_date">'.asf_date($row[$key]['m_date_sent'], 'short').'</dd>'; $_message_list .= '<dd class="message_checkbox"><input type="checkbox" id="checkbox-'.$row[$key]['m_mid'].'" /></dd>'; $_message_list .= '<dd class="message_subject">'.$row[$key]['m_subject'].'</dd>'; $_message_list .= '</dl>'; $template->message_content = $row[$key]['m_content']; } ?> and the jQuery Code: (js) [Select] <script type="text/javascript"> $j = jQuery.noConflict(); $j(document).ready(function(){ $j('dl.message_row').click(function(){ $j('li.message').html('<?php echo $this->message_content; ?>'); }); }); </script> The content display is always the content of the last message. Hi folks, I had a working, editable profile but it wasn't visible to other users. So I'm trying to make that conversion now. Here's the current 'myprofile' code: <?php session_start(); include('config.php'); include('date.php'); $id = $_GET['id']; $sql = mysql_query("SELECT * FROM members WHERE id = '$id' LIMIT 1"); $check = mysql_num_rows($sql); $check = mysql_query($sql_user_verify) or die('Cannot Execute:'. mysql_error()); if ($check > 1) { echo "No one matches that id number!"; exit(); } if($check == 1) { while($row = mysql_fetch_array($sql)) { $user = $id; echo "<h2>Profile</h2> <table>"; $row = mysql_fetch_array($sql); echo "<tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name: </th><td>".$row['callname']."</td></tr> <tr><th>Email: </th><td>".$row['email']."</td></tr> <tr><th>Password: </th><td><input type='password' value='".$row['password']."' disabled='true' /></td></tr> <tr><th>Registered: </th><td>".$row['registered']."</td></tr> <tr><th>Last Login: </th><td>".$row['lastlogin']."</td></tr>"; echo "</table><br />"; } if($id = $_SESSION['id']) { echo "<h2>Profile</h2> <form method='post' action='editprofile.php'> <table>"; $row = mysql_fetch_array($sql); echo "<tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name: </th><td>".$row['callname']."</td></tr> <tr><th>Email: </th><td>".$row['email']."</td></tr> <tr><th>Password: </th><td><input type='password' value='".$row['password']."' disabled='true' /></td></tr> <tr><th>Registered: </th><td>".$row['registered']."</td></tr> <tr><th>Last Login: </th><td>".$row['lastlogin']."</td></tr>"; echo "</table><br /> <input type='submit' value='edit profile' /> </form>"; } } else { die (); } ?> <?php include('footer.php'); ?> Here's the link to the user's own profile: <a href=myprofile.php?id='.$id.'>Profile</a> And here's the edit profile link, which works fine: <?php include('config.php'); include('date.php'); if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = $_POST['password']; $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $userfinal = $_SESSION['id']; $user = $userfinal; echo "<h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' /> </form>"; ?> <?php include('footer.php'); ?> It fails, it says the query was empty, even though there are user accounts created and information is being stored (as it worked fine before I tried editing the code to make it public. What am I doing wrong? im trying to make a private message system now when i send a message it works fine but when i open the message at the other end i get a blank message. now i think the problem is with $messageid = $_GET['messages'] when i echo $messageid i get nothing, if i use the print_r($_GET) it returns Array ( [messageid] => 12 ). thanks Code: [Select] <?php session_start(); $myusername=$_SESSION['myusername']; require "database.php"; $messageid = $_GET['messages']; $message = mysql_query("SELECT * FROM messages WHERE message_id = '$messageid' AND to_user = '$myusername'"); $message=mysql_fetch_assoc($message); echo "$message"; echo "<h1>Title: ".$message['message_title']."</h1><br><br>"; echo "<h3>From: ".$message['from_user']."<br><br></h3>"; echo "<h3>Message: <br>".$message['message_contents']."<br></h3>"; echo '<form name="backfrm" method="post" action="inbox.php">'; echo '<input type="submit" value="Back to Inbox">'; echo '</form>'; ?> Hi everyone. Getting my head back into PHP after a long time away, so pardon the newbie question! I would like to create a simple website that is private to me and a few select people. The intention is to be able to share pictures or files. (Sort of my like my own personal dropbox.) Looking to put up some Holiday photos, so this needs to be a quick endeavor. I was thinking of creating a php page that is a log in page. No database, but f the user enters the correct username and password then I could reveal photos or maybe links to other pages. How does that sound? I have done .htaccess files in the past, but they sorta look crude and might scare non-technical people away. Thoughts?
Hi i created a website where you cam view ip webcams via php. I want to make it so people can make the camera private and public. I made two fields in mysql called "Username" and "Puborprivate" I tried to make the "Puborprivate" have two numbers "0" would be private and "1" would be public. How could I do this? My site is cwuforum.com/live/ Dear all , i am trying the following : i have a class named ACCOUNT with many properties in .some of these properties are array , it is like this : Code: [Select] class ACCOUNT { PRIVATE $DB_LINK; PRIVATE $COMP; PRIVATE $BRANCH; PRIVATE $CURRENCY; PRIVATE $GL; PRIVATE $CIF; PRIVATE $SL; PRIVATE $EXIST; PRIVATE $STATUS; private $ACCOUNT_NAME=ARRAY("LA"=>'',"LE"=>'',"SA"=>'',"SE"=>''); private $ACCOUNT_BALANCE =ARRAY('FC_YTD','CV_YTD','CV_BAL','YTD_BAL','BLOCKED_CV','BLOCKED_FC'); private $CY_NAME=ARRAY("LA"=>'',"LE"=>'',"SA"=>'',"SE"=>''); private $ACCOUNT_NAME_USR=ARRAY("LA"=>'',"LE"=>'',"SA"=>'',"SE"=>''); private $LEDGER_NAME= ARRAY("LA"=>'',"LE"=>''); i have created the following method to call any property [code] FUNCTION GET_SPECIFEC_ATT($ATT,$LANG) { $ATT=$ATT."['L$LANG']"; ECHO $this->$ATT; } but i am getting the below error : Notice: Undefined property: ACCOUNT::$BRANCH_NAME['LA'] in D:\wamp\www\EBANK\account.class on line 186 if i used this : Code: [Select] echo $this->BRANCH_NAME['LA']; it is working fine . and the method is working fine i can iam trying to call property which is NOT an array. Can you please help me in what iam doing wrong ? Thanks in advance Hello, i have a private message system nearly done , the only thing that i cant get to work is the Trash messages that a user has... so the user can delete messages either from the inbox/sent/friends box ... then each message row gets update with pm_sender_is_deleted='1' or pm_reciever_is_deleted='1' , depends if the message was deleted in the inbox or sent box respectively. Here is my db structure on the first table: pm_id int(11) pm_msg_id int(11) pm_sender_id varchar(30) pm_reciever_id varchar(30 pm_sender_isSpam tinyint(1) pm_sender_isRead tinyint(1) pm_sender_is_deleted tinyint(1) pm_sender_is_removed tinyint(1) pm_reciever_isSpam tinyint(1) pm_reciever_isRead tinyint(1) pm_reciever_is_deleted tinyint(1) pm_reciever_is_removed tinyint(1) here is the second: usermessages_id int(11) usermessages_msg_id int(11) usermessages_sender_id varchar(30) usermessages_reciever_id varchar(30) usermessages_subject varchar(300) usermessages_content usermessages_created_at datetime usermessages_canReply tinyint(1) When a user decides to delete a message i update the _is_deleted as i said above successfully. It seems that i cant get the a correct SQL code to display the mesages that i have deleted... These 3 queries tells how many msgs are in the trash for each user: //get messages that i have sent to myself $get_same = mysql_query("SELECT * FROM glr_pm_data WHERE pm_sender_id='$email' && pm_reciever_id='$email' && pm_sender_is_deleted='1' && pm_reciever_is_deleted='1' && pm_sender_is_removed='0' && pm_reciever_is_removed='0'"); $same = mysql_num_rows($get_same); //get messages that i have recieved $get_rec = mysql_query("SELECT * FROM glr_pm_data WHERE pm_reciever_id='$email' && pm_reciever_is_deleted='1' && pm_sender_id!='$email' && pm_reciever_is_removed='0'"); $new = mysql_num_rows($get_rec); //get messages that i have sent to others and NOT to myself $get_snd = mysql_query("SELECT * FROM glr_pm_data WHERE pm_sender_id='$email' && pm_sender_is_deleted='1' && pm_sender_is_removed='0' && pm_reciever_id!='$email'"); a query i have tried to display the trash messages is: $query = "SELECT * FROM glr_pm_data INNER JOIN glr_usermessages ON glr_pm_data.pm_msg_id=glr_usermessages.usermessages_msg_id && (pm_sender_id='$email' && pm_reciever_id='$email' && pm_sender_is_deleted='1' && pm_sender_is_removed='0' && pm_reciever_is_deleted='1' && pm_reciever_is_removed='0') || (pm_reciever_id='$email' && pm_sender_id!='$email' && pm_reciever_is_deleted='1' && pm_reciever_is_removed='0') || (pm_sender_id='$email' && pm_reciever_id!='$email' && pm_sender_is_deleted='1' && pm_sender_is_removed='0') ORDER BY glr_pm_data.pm_id DESC $limit"; So if anyone can help me out create a correct query to display the trash messages i would appreciate.. Hello World ! i got this script of PM system on my website where 2 or 3 users can send PM to each other it work ok but it
<?php
header : PM (unread count)
$msgs_count = GetUnreadMessagesCount($session_user["id"]);
and got this in the Index header : PM <span>( <?=$msgs_count;?> )</span>
/* Hello World ! i got a website where 2 or 3 users can create and send PM everything work good but have this bug . */
Example message thread#id1 Sender: A send the message to B & C ok now B & C got PM (1)
B make reply to this PM and C the same now the bug is userA will have PM(2) like he have 2unread messages
but is different reply in the same message so need to count only (1) by Thread not reply ok if A read it and send new reply now B & C will have PM (3)
i hope someone can help me with this code thank you !
this is message_tbl for database
<?php
$tbl_messages_fields = array(
"id" => "INTEGER PRIMARY KEY AUTO_INCREMENT",
"threadId" => "INT(11)",
"type" => "VARCHAR(4)",
"heldById" => "INT",
"fromId" => "INT",
"toId" => "VARCHAR(32)",
"isRead" => "INT(1) $d0",
"isStarred" => "INT(1) $d0",
"isDeleted" => "INT(1) $d0",
"subject" => "VARCHAR(150)",
"message" => "VARCHAR(10000)",
"timestamp" => "INT(12)");
SetupTable('tbl_messages', $tbl_messages_fields);
function UpdateMessageField($conditions, $field, $value){
global $dbPrep;
$add = array();
foreach($conditions as $key=>$val){
$add[] = "`$key`=:$key";
}
$add = implode(" AND ", $add);
$sql = "UPDATE `tbl_messages` SET $field=:$field WHERE $add";
$query = $dbPrep->prepare($sql);
$data = array_merge($conditions, array("$field"=>$value));
$query->execute($data);
}
function GetMessagesQuery($data = array(), $complexConditions = "", $extra = ""){
$dbPrep = GetDatabaseConnection();
$sql = "SELECT * FROM `tbl_messages` ";
$add = " ";
foreach($data as $key=>$value){
$add.= "AND `$key`=:$key ";
}
$add = ($add != " ") ? "WHERE" . substr($add, 4, strlen($add)) : $add;
$sql.= $add." ".$complexConditions." ".$extra;
$query = $dbPrep->prepare($sql);
$query->execute($data);
return GetRows($query);
}
function GetThreadQuery($conditions = array(), $complexConditions = "", $extra = ""){
global $dbPrep;
$add = array();
foreach($conditions as $key=>$val){
$add[] = "`$key`=:$key";
}
$add = implode(" AND ", $add);
$sql = "SELECT a.*, b.username AS fromUsername, b.type AS fromType FROM `tbl_messages` AS a ";
$sql .= "INNER JOIN `tbl_users` AS b ON a.fromId=b.id ";
$sql .= "WHERE $add ORDER BY timestamp ASC";
#echo $sql;
$query = $dbPrep->prepare($sql);
$query->execute($conditions);
return GetRows($query);
}
$p_NewMessage = $dbPrep->prepare("INSERT INTO `tbl_messages` (type, threadId, heldById, fromId, toId, subject, message, timestamp) VALUES (:type, :threadId, :heldById, :fromId, :toId, :subject, :message, :timestamp);");
$sql = "SELECT a.*, b.type as fromType FROM `tbl_messages` AS a ";
$sql .= "INNER JOIN `tbl_users` AS b ON a.fromId=b.id ";
$sql .= "WHERE threadId=:id AND heldById=:heldById AND isDeleted=0 ORDER BY timestamp ASC";
$p_GetSingleMessage = $dbPrep->prepare($sql);
function UnDeleteThread($threadId, $heldById){
global $dbPrep;
$p_UnDeleteThread = $dbPrep->prepare("UPDATE `tbl_messages` SET isDeleted=0,isRead=0 WHERE threadId=:threadId AND heldById=:heldById");
$p_UnDeleteThread->execute(array("threadId"=>$threadId, "heldById"=>$heldById));
}
function GetRecipients($sessId, $fromId, $toId){
$allParties = $sessId . "," . $fromId . "," . $toId;
$arr = array_unique(explode(",", $allParties));
if (($key = array_search($sessId, $arr)) !== false) {
unset($arr[$key]);
}
return implode (",", $arr);
}
function GetRecipientName($id){
global $dbPrep;
$sql = "SELECT username FROM `tbl_users` WHERE id=:id";
$query = $dbPrep->prepare($sql);
$query->execute(array("id"=>$id));
$row = $query->fetch( PDO::FETCH_ASSOC );
return $row["username"];
}
function GetRecipientNames($recipients){
$all = explode(",", $recipients);
$val = array();
foreach ($all as $a){
$val[] = GetRecipientName($a);
}
return $val;
}
$p_GetUnreadMessagesCount = $dbPrep->prepare("SELECT COUNT(*) FROM `tbl_messages` WHERE isRead=0 AND heldById=:heldById AND type='recv'");
$unreadMsgsCount = -1;
function GetUnreadMessagesCount($uid){
global $unreadMsgsCount;
global $p_GetUnreadMessagesCount;
if($unreadMsgsCount == -1){
$p_GetUnreadMessagesCount->execute(array("heldById"=>$uid));
$unreadMsgsCount = $p_GetUnreadMessagesCount->fetch( PDO::FETCH_ASSOC );
$unreadMsgsCount = $unreadMsgsCount["COUNT(*)"];
}
return $unreadMsgsCount;
}
function GetNewThreadId(){
global $dbPrep;
$threadId = 1;
$p_GetLatestThreadId = $dbPrep->prepare("SELECT MAX(threadId) FROM `tbl_messages`");
$p_GetLatestThreadId->execute();
$latestThreadId = $p_GetLatestThreadId->fetch( PDO::FETCH_ASSOC );
if($latestThreadId){
$threadId = $latestThreadId["MAX(threadId)"]+1;
}
return $threadId;
}
?>
if(isset($_REQUEST["mark_read"])){
if(isset($_REQUEST["message_all_toggle"]))
foreach($_REQUEST["message_all"] as $m)
SetNotificationRead($m, $session_user["id"], 1);
elseif(isset($_REQUEST["message"]))
foreach($_REQUEST["message"] as $m)
SetNotificationRead($m, $session_user["id"], 1);
else
foreach($_REQUEST["message_all"] as $m)
SetNotificationRead($m, $session_user["id"], 1);
}
if(isset($_REQUEST["mark_unread"])){
if(isset($_REQUEST["message_all_toggle"]))
foreach($_REQUEST["message_all"] as $m)
SetNotificationRead($m, $session_user["id"], 0);
elseif(isset($_REQUEST["message"]))
foreach($_REQUEST["message"] as $m)
SetNotificationRead($m, $session_user["id"], 0);
else
foreach($_REQUEST["message_all"] as $m)
SetNotificationRead($m, $session_user["id"], 0);
}
if(isset($_REQUEST["delete"])){
if(isset($_REQUEST["message_all_toggle"]))
foreach($_REQUEST["message_all"] as $m)
RemoveNotificationById($m, $session_user["id"]);
elseif(isset($_REQUEST["message"]))
foreach($_REQUEST["message"] as $m)
RemoveNotificationById($m, $session_user["id"]);
}
} else {
if(isset($_REQUEST["delete"])){
if(is_numeric($_REQUEST["delete"])){
UpdateMessageField(array("threadId"=>$_REQUEST["delete"], "heldById"=>$session_user["id"]), "isStarred", 0);
UpdateMessageField(array("threadId"=>$_REQUEST["delete"], "heldById"=>$session_user["id"]), "isDeleted", 1);
UpdateMessageField(array("threadId"=>$_REQUEST["delete"], "heldById"=>$session_user["id"]), "isRead", 1);
}elseif(isset($_REQUEST["message_all_toggle"])){
$messages = $_REQUEST["message_all"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 0);
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isDeleted", 1);
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 1);
}
}elseif(isset($_REQUEST["message"])){
$messages = $_REQUEST["message"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 0);
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isDeleted", 1);
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 1);
}
}
}
if(isset($_REQUEST["messagestar"])){
if(isset($_REQUEST["message_all_toggle"])){
$messages = $_REQUEST["message_all"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 1);
}
}elseif(isset($_REQUEST["message"])){
$messages = $_REQUEST["message"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 1);
}
}
}
if(isset($_REQUEST["deletestarred"])){
if(isset($_REQUEST["message_all_toggle"])){
$messages = $_REQUEST["message_all"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 0);
}
}elseif(isset($_REQUEST["message"])){
$messages = $_REQUEST["message"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isStarred", 0);
}
}
}
if(isset($_REQUEST["mark_unread"])){
if(isset($_REQUEST["message_all_toggle"])){
$messages = $_REQUEST["message_all"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 0);
}
}elseif(isset($_REQUEST["message"])){
$messages = $_REQUEST["message"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 0);
}
}
}
if(isset($_REQUEST["mark_read"])){
if(isset($_REQUEST["message_all_toggle"])){
$messages = $_REQUEST["message_all"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 1);
}
}elseif(isset($_REQUEST["message"])){
$messages = $_REQUEST["message"];
foreach($messages as $m){
UpdateMessageField(array("threadId"=>$m, "heldById"=>$session_user["id"]), "isRead", 1);
}
}
}
}
$details = isset($_REQUEST["details"])?$_REQUEST["details"]:0;
$session_user = GetUserById($session_user["id"]);
Hey all, I'm sure this is a really basic question but I'd like a definite answer. I've been watching a tutorial and seeing some site references regarding connecting to a sql database using php. Since it contains a password to the database, my question is, how secure is this page on a webserver, or does it not even matter since the code is so specific to the website and the database it is connecting to.
Thank you in advance. |
|||||||