SitePoint Sponsor

User Tag List

Page 2 of 3 FirstFirst 123 LastLast
Results 26 to 50 of 53
  1. #26
    Sam Evans
    SitePoint Community Guest
    SonomaTek, use this service in conjunction with this script: verticalresponse.com.

  2. #27
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is a great script.

    Is it easy to prevent SQL injection attacks or is there no need? I don't know anything about Ajax but i want to learn.

    I think check for duplicate email addresses shouldn't be to difficult...just got to check the databse before the insert and if email address exists display an error message

  3. #28
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is there any need to prevent against SQL injection attacks? I have been doing some reading about security and wandered if a malicious user could gain access to my database

  4. #29
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Best way to protect your self against SQL Injection is to use Stored Procedures.


  5. #30
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have been looking at MySQL injection attacks and found a function on w3schools.


    Would this be good for preventing SQL injection attacks with this form?
    PHP Code:
    <?php
    function check_input($value)
    {
    // Stripslashes
    if (get_magic_quotes_gpc())
      {
      
    $value stripslashes($value);
      }
    // Quote if not a number
    if (!is_numeric($value))
      {
      
    $value "'" mysql_real_escape_string($value) . "'";
      }
    return 
    $value;
    }
    $con mysql_connect("localhost""peter""abc123");
    if (!
    $con)
      {
      die(
    'Could not connect: ' mysql_error());
      }
    // Make a safe SQL
    $user check_input($_POST['user']);
    $pwd check_input($_POST['pwd']);
    $sql "SELECT * FROM users WHERE
    user=
    $user AND password=$pwd";mysql_query($sql);mysql_close($con);
    ?>

  6. #31
    Aswini
    SitePoint Community Guest
    SUPERB EXAMPLE THANKS A TON

  7. #32
    SitePoint Member
    Join Date
    Oct 2007
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about this


    PHP Code:

    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username='$user' AND password='$pass'";

    // Or use the quoteSmart() method from PEAR::DB
    $user = $db->quoteSmart($_POST['user']);
    $pass = $db->quoteSmart($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username=$user AND password=$pass";

    /* Note that the quoteSmart() method automatically
    adds quotes around the value when it is needed,
    so you do not need to put them directory into your
    query. */


    Well, I am just sharing my thoughts regarding this matter. Bye for now I am going to fix first a <a href="http://www.discounthonparts.com/honda-axle-assembly/">Honda axle assembly</a> for my car for the next race. I'll visit this site daily and put to bookmark.





  8. #33
    SitePoint Member
    Join Date
    Oct 2007
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about this

    PHP Code:

    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username='$user' AND password='$pass'";

    // Or use the quoteSmart() method from PEAR::DB
    $user = $db->quoteSmart($_POST['user']);
    $pass = $db->quoteSmart($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username=$user AND password=$pass";

    /* Note that the quoteSmart() method automatically
    adds quotes around the value when it is needed,
    so you do not need to put them directory into your
    query. */


    Well, I am just sharing my thoughts regarding this matter. Bye for now I am going to fix first a <a href="http://www.discounthonparts.com/honda-axle-assembly/">Honda axle assembly</a> for my car for the next race. I'll visit this site daily.



  9. #34
    SitePoint Member
    Join Date
    Oct 2007
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about this

    PHP Code:

    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username='$user' AND password='$pass'";

    // Or use the quoteSmart() method from PEAR::DB
    $user = $db->quoteSmart($_POST['user']);
    $pass = $db->quoteSmart($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username=$user AND password=$pass";

    /* Note that the quoteSmart() method automatically
    adds quotes around the value when it is needed,
    so you do not need to put them directory into your
    query. */


    Well, I am just sharing my thoughts regarding this matter. Bye for now I am going to fix first a <a href="http://www.discounthonparts.com/honda-axle-assembly/">Honda axle assembly</a> for my car for the next race. I'll visit this site daily.

  10. #35
    SitePoint Member
    Join Date
    Oct 2007
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about this

    PHP Code:

    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username='$user' AND password='$pass'";

    // Or use the quoteSmart() method from PEAR::DB
    $user = $db->quoteSmart($_POST['user']);
    $pass = $db->quoteSmart($_POST['pass']);
    $sql = "SELECT * FROM user WHERE username=$user AND password=$pass";

    /* Note that the quoteSmart() method automatically
    adds quotes around the value when it is needed,
    so you do not need to put them directory into your
    query. */

    Well, I am just sharing my thoughts regarding this matter. Bye for now I am going to fix first a Honda axle assembly for my car for the next race. I'll visit this site daily.

  11. #36
    Toto
    SitePoint Community Guest
    '+' is a valid character for e-mail addresses.
    Please, fix your code.

  12. #37
    Tim
    SitePoint Community Guest
    Spectacular. It works great. Thanks!!

  13. #38
    Milos
    SitePoint Community Guest
    HI there,

    well is -> 'address=' + escape($F('address')) in PHP the variable $adress?

    Greetings from Germany

  14. #39
    Pasquale
    SitePoint Community Guest
    Very nice, but could I not use a text link to submit the form? I've tried without success.

    <A href="" onClick="document.forms[0].submit();">Submit</A>

  15. #40
    Aarron Walter
    SitePoint Community Guest
    Pasquala - it's not a good idea to use text links to submit forms as search engine spiders will trigger the form submission when crawling your site. Stick with form elements (button or input type="submit") then use CSS to style it as you like.

  16. #41
    Spencer
    SitePoint Community Guest
    Thanks! I've been looking for this for hours!

  17. #42
    Paul
    SitePoint Community Guest
    The file /inc/storeAddress.php doesn't have the correct opening PHP tag.

    Change <? to <?php

    This caused my script to fail. Maybe other servers are more forgiving but I suspect others will be scratching their heads over this.

  18. #43
    Will
    SitePoint Community Guest
    What about actually using this list? Anyone have any solid recommendations on distributing emails to your users?

  19. #44
    Tom
    SitePoint Community Guest
    This is great and I was using it on every page of my site... but when I replaced the submit button with an image, it all worked perfectly except for the fact that when anything is submitted the index page of my site is automatically loaded. Does anybody know a way around this? Thanks.

  20. #45
    Tom
    SitePoint Community Guest
    Got it sorted now, the answer was staring me in the face...

  21. #46
    Qin
    SitePoint Community Guest
    for beginner like me it's need about 2h
    to understand
    but thank's anyway

  22. #47
    Qin
    SitePoint Community Guest
    maybe it's broken link
    there's no difference content BUILD YOUR MAILING LIST with this :
    AJAX & PHP to Build Mailinglist

  23. #48
    akua
    SitePoint Community Guest
    thats fine, thanks

  24. #49
    GAbster
    SitePoint Community Guest
    Very interested in this one!

    Curious to know if this will also be able to send an automated email to the subscriber.

    thanks!
    Gabster

  25. #50
    rdl
    SitePoint Community Guest
    pretty cool, but...
    where's the form that i send my email messages to all my subscribers?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •