Page 2 of 3

Posted: Fri Aug 19, 2005 8:28 am
by raghavan20
few functions behaviors: :roll:

Code: Select all

$str1 = "234324";
$str2 = "sdf23dsf";
echo gettype($str1)."<br />".gettype($str2)."<br />";//returns both as string
echo gettype(intval($str1))."<br />".gettype(intval($str2))."<br />";//returns both as integer
echo is_numeric($str1)."<br />".is_numeric($str2)."<br />";//returns 1 for the first one

Posted: Fri Aug 19, 2005 9:06 am
by sleazyfrank
patrikG wrote:
Unless it covers object oriented programming in good detail, I don't think any beginner's PHP book is worth looking at. I usually recommend Harry Fuecks "PHP Anthology".

Yup. And I used to work in Horsham for a couple of months some time ago... We always went to the Malt & Shovel :)
You're kidding? The guys name is Fuecks?! The Malt & Shovel - Springfield Road? Near the cross roads?

cheers frank

Posted: Fri Aug 19, 2005 9:09 am
by patrikG
To all but the first question: yes ;)

Malt & Shovel was a bit too pricy on Hoegaarden...

Posted: Fri Aug 19, 2005 9:39 am
by timvw
Cheers... Belgians sure know how to make beer ;)

Image

Posted: Fri Aug 19, 2005 9:42 am
by patrikG
yup! But they either sell it to expensively or the UK government (as usual) slaps 400% import duty on it... Being asked close to 3 squid for a pint is daylight robbery. But alas, every now and then, I nice pint of Hoegaarden... <slurp>

I never saw the fascination for that bitter stuff

Posted: Fri Aug 19, 2005 9:57 am
by AnarKy
I never saw the fascination for that bitter stuff,
Can handle it though… just hate the taste…

Posted: Mon Aug 22, 2005 8:12 am
by sleazyfrank
Hi all - I'm trying to use this:

function filterBadWords($string){
return preg_replace("/[drop|insert|delete|;|--]/", "", $string);
}

to remove any illegal or unwanted words and characters. I'm trying to put up some lines of defence against sql injection. But I'm getting this error:

Warning: Compilation failed: range out of order in character class at offset 23 in /mydirectory/bookcourse.php on line 290

Erm... any ideas what this means?

thanks

frank

Posted: Mon Aug 22, 2005 8:26 am
by feyd
remove the square brackets, those are used as a character class; i.e. anything inside is considered an unordered list of acceptable characters for the match. The error is due to your usage of --, the minus symbol is a metacharacter in character classes.

Posted: Mon Aug 22, 2005 8:42 am
by sleazyfrank
feyd wrote: The error is due to your usage of --, the minus symbol is a metacharacter in character classes.
Hi - cheers for that - I'm only on week 2 of php so learning lots as I go; but I've read that -- is used in sql injection attacks?
I'm also using
function filterAlphanumeric($string){
return preg_replace("/[^a-zA-Z0-9]/", "", $string);
}
so will that take care of the dreaded --?

thanks for helping a php noob!

frank

Posted: Mon Aug 22, 2005 8:44 am
by feyd
yes, it will.

Posted: Mon Aug 22, 2005 8:46 am
by patrikG
but only if you start using

Code: Select all

tags around your code, sleazyfrank.

Posted: Mon Aug 22, 2005 8:55 am
by sleazyfrank
Erm... I use <?php ?> unless that's an inbuilt php dev joke? :oops:

frank

Posted: Mon Aug 22, 2005 8:59 am
by patrikG
You posted
function filterAlphanumeric($string){
return preg_replace("/[^a-zA-Z0-9]/", "", $string);
}
If you surround this with

Code: Select all

 [/php ]-tags (without the spaces in the brackets)

you will end up with code-highlighting

[syntax=php]function filterAlphanumeric($string){
return preg_replace("/[^a-zA-Z0-9]/", "", $string);
}[/syntax]

I am sleazyfrank - easily confused....

Posted: Mon Aug 22, 2005 9:03 am
by sleazyfrank
D'oh. But I gotta tell ya, I'm loving php and mysql a billion times better than asp and micro$oft sql serv. It's very actionscript-esque in it's approach.

Code: Select all

Here's how I should have done it!
frank

Posted: Mon Aug 22, 2005 9:04 am
by patrikG

Code: Select all

Yup