|
PHP - Is It Illegal...
Yeah I know one of those questions
Like you guys are lawyers on standby or something.
I just wanted to discuss the idea of creating a website mock up for a business that exists but you researched and they don't have a website yet.
I guess how, is the next question in terms of getting their prices of products... but mainly what I was going to do was following along Google Map's street view and screenshot their business logos which are visible to the public eye.
Then create a mock up of a website to show them on a tablet.
What do you guys think?
Similar TutorialsI am writing a script that downloads stock data and graphs the prices using libchart charting library. After downloading data to array $prices, I use the following line to add a new data point to my chart:
$serie1->addPoint(new Point($prices[$i]['date'], $prices[$i]['price']);
$prices contains both date and price keys. However, this throws off illegal string offset error for both keys. I have checked with isset, both variables contain values. I have also tried typecasting, date with (string) and price with (float), but these threw off new errors.
What could be causing the illegal string offset error? Is there a way to silence it?
Edited by codingcasually, 01 November 2014 - 03:55 AM. Hi Guys, This should be a simple one. I am looking for the best way to ensure that any illegal characters are removed from an input. I have a user registration form and login page. What I want to do is prevent against sql injection and therefore should be limiting the characters that can be entered. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc... My issue with this is with the password, I would ideally like the user to be able to put as complex a password as they would like, so how would i prevent against illegal characters in this instance?? Cheers Hi guys, why am i getting this error: Illegal string offset 'user_id' but when echo $value it brings the correct output. Thanks
$user_id = 5;
$user_name = "obodo";
$_SESSION['test'] = array('user_id' => $user_id, 'user_name' => $user_name);
foreach( $_SESSION['test'] as $value )
{
echo $value['user_id']; //give error
/* echo $value //works */
}
Hi all, I'm working on this site which I'll soon ask the guys in the testing forum to have a peek at. It's essentially an online community that was a uni project that has spiraled and grown exponetially. I've spent many many hours in front of books and tutorals etc to put it together and as far as scripting goes, it seems to be fine. The problem i'm having...The tut's that I read / watched were using eregi_replace to protect text fields and this is now unsuported. I want my site to be as secure as it can be, within reason. I've tried using preg_replace instead and have searched for the syntax but i keep getting strang results. I'm working on the "bio" field at the moment and then when that works I can move on and a-ply the same idea to the other fields. This si what I have and what I've changed. if ($_POST['parse_var'] == "bio"){ $bio_body = $_POST['bio_body']; //$bio_body = str_replace("'", "'", $bio_body); (WAS TESTING THIS BUT NO JOY) //$bio_body = str_replace("`", "'", $bio_body); $bio_body = mysql_real_escape_string($bio_body); $bio_body = nl2br(htmlspecialchars($bio_body)); $bio = $_POST['bio']; $bio = eregi_replace("'", "'", $bio); (This works but is not as secure) $bio = eregi_replace("`", "'", $bio); $bio = mysql_real_escape_string($bio); $bio = nl2br(htmlspecialchars($_POST['bio'])); $sqlUpdate = mysql_query("UPDATE members SET bio='$bio' WHERE id='$id'"); and so on....} When I change it to str_replace if I type in don't the whole word is deleted. when I type in preg I get an error. Can someone please give me the correct code / syntax for getting the result I want. I just want to make sure that every single field that has a user input is protected against any malicious attacks. Thanks. Hey I wasn't able to add/edit some text to the mysql database because of some character how can i bypass them should i use the mysql_real_escape_string() ? if yes how do i make it work with the code i got? thaks <?php include "../configdb.php"; $id = $_GET['id']; if(isset($_POST['submit'])) { //global variables $name = $_POST['name']; $footer = $_POST['footer']; //run the query which adds the data gathered from the form into the database $result = mysql_query("UPDATE pages SET name='$name', footer='$footer' WHERE id='$id' ",$connect); echo "<b>Your Page have been edited successfully"; // echo "<meta http-equiv=Refresh content=2;url=index.php>"; } elseif($id) { $result = mysql_query("SELECT * FROM pages WHERE id='$id' ",$connect); while($row = mysql_fetch_assoc($result)) { ?> <h3>::Edit Page</h3> <form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>?id=<?php echo $row['id']?>"> <input type="hidden" name="id" value="<?php echo $row['id']?>"> <textarea name="name"><?php echo $row['name']?></textarea> <input name="footer" size="40" maxlength="255" value="<?php echo $row['footer']?>"> <input type="submit" name="submit" value="Submit"> <?php } } ?> |
|||||||