database driven issue
Old 05-10-2010, 10:27 PM database driven issue
Junior Talker

Posts: 4
Name: Brett Adams
Trades: 0
On a site of mine, http://www.wheelandtireoutfitters.com/, I have an issue where I sort by state, but I have to use quotes in the URL... http://www.wheelandtireoutfitters.co...9;GA'.html .... Is there a way I can make this work without using quotes in my PHP? Below is my code.

PHP Code:
$query_sitelist = "SELECT * FROM listings WHERE state_id=" . $state_id . " ORDER BY name";
Can anyone help me with this issue? It would be very appreciated.

Thanks,
Brett Adams
Old 05-10-2010, 11:06 PM Re: database driven issue
Will Code for Food

Posts: 2,815
Name: Matt
Location: Irvine, CA
Trades: 0
Strings must be quoted in SQL:
PHP Code:
$query_sitelist = "SELECT * FROM listings WHERE state_id='" . $state_id . "' ORDER BY name";
Old 05-10-2010, 11:09 PM Re: database driven issue
Junior Talker

Posts: 4
Name: Brett Adams
Trades: 0
Thanks, I knew it was something simple.

ba
Old 05-11-2010, 04:49 AM Re: database driven issue
Skilled Talker

Posts: 69
Name: Barry Adams
Location: London
Trades: 0
Remember to check that any user input doesn't have a quote in it, otherwise people can send strings like "'; delete * from listings " and ruin your database remotely.
Old 05-11-2010, 01:13 PM Re: database driven issue
Junior Talker

Posts: 4
Name: Brett Adams
Trades: 0
How would I go about preventing that?
Old 05-11-2010, 01:19 PM Re: database driven issue
Will Code for Food

Posts: 2,815
Name: Matt
Location: Irvine, CA
Trades: 0
http://us2.php.net/manual/en/functio...ape-string.php
Old 05-11-2010, 01:20 PM Re: database driven issue
Junior Talker

Posts: 4
Name: Brett Adams
Trades: 0
Thank you, I will go over that and implement it.
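
An added example, not part of the original thread or the site's code: the state lookup discussed above written with a PDO prepared statement plus an allow-list check on the state code, a different technique from the escaping function linked in the thread. The in-memory SQLite table, the sample rows and the helper name `listings_for_state` are assumptions made so the script runs stand-alone.

```php
<?php
// Constructed table and sample rows, not the site's real schema.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE listings (name TEXT, state_id TEXT)");
$pdo->exec("INSERT INTO listings VALUES ('Peach Wheels', 'GA'), ('Gulf Tire', 'FL')");

/**
 * Hypothetical helper: return the listings for a two-letter state code,
 * or null when the input is not a plausible state code.
 */
function listings_for_state(PDO $pdo, $raw_state)
{
    // Allow-list check: exactly two ASCII letters, nothing else.
    $state = strtoupper(trim((string) $raw_state));
    if (!preg_match('/\A[A-Z]{2}\z/', $state)) {
        return null;
    }
    // The placeholder keeps the value out of the SQL text entirely, so the
    // URL needs no quotes and a quote in the input cannot end the literal.
    $stmt = $pdo->prepare(
        'SELECT name, state_id FROM listings WHERE state_id = :state ORDER BY name'
    );
    $stmt->execute([':state' => $state]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: plain URL values, the quoted form from the first post,
// and the kind of string described later in the thread.
$inputs = ['GA', 'ga', "'GA'", "'; delete * from listings "];
foreach ($inputs as $input) {
    $rows = listings_for_state($pdo, $input);
    $result = ($rows === null) ? 'rejected' : count($rows) . ' row(s)';
    printf("%-32s => %s\n", json_encode($input), $result);
}

// Even with the validation skipped, a bound value is compared as data and
// is never parsed as SQL, so the table is left untouched.
$stmt = $pdo->prepare('SELECT COUNT(*) FROM listings WHERE state_id = ?');
$stmt->execute(["'; delete * from listings "]);
echo 'matches for hostile string: ', $stmt->fetchColumn(), "\n";
echo 'rows still in table: ',
    $pdo->query('SELECT COUNT(*) FROM listings')->fetchColumn(), "\n";
```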