Hi, I have a flash app that lets users create a diagram with objects.
This data that makes up this diagram is spat out via a URL string I want to stick into a mysql database.
I am curious what I should do to it, if anything before it it is entered into the database.
I have been using strip_tags and sprintf on variables entered into mysql statements from othe input.
Is it the same procedure for this? use a regex to allow only '=, %, &' and no other symbols?
Or is addslashes to it good enough?
Thanks
James MacLeod
Small example...
item5Depth=%2D16384&item5Color=16711680&item5Alpha=100&item5Frame=10&item5Yscale=100&item5Xscale=100&item5Y=127&item5X=238&item5ItemClip=standing&item5Type=Player&item4Depth=%2D16384&item4Color=16711680&item4Alpha=100&item4Frame=5&item4Yscale=100&item4Xscale=100&item4Y=125&item4X=334&item4ItemClip=standing&item4Type=Player&item3Depth=%2D16384&item3Y=129&item3X=140&item3Text=What%20happened%3F&item3Type=Label&item2Type=Undefined&item1Type=Undefined&item0Depth=%2D16384&item0Y=161&item0X=327&item0Text=Wow%20a%20Label&item0Type=Label&thirdThird=undefined&secondThird=undefined&firstThird=undefined&fieldLines=true&fieldGridScale=78%2E8289103177057&fieldGrid=false&fieldScale=100&fieldY=%2D7&fieldX=11&dataLoaded=true&totalItems=6
dealing with a giant URL string
Moderator: General Moderators
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US