¡@
php Programming Glossary: sometableWarning: mysql_result() expects parameter 1 to be resource, boolean given [duplicate] http://stackoverflow.com/questions/11423106/warning-mysql-result-expects-parameter-1-to-be-resource-boolean-given call. For example result mysql_query SELECT somecol FROM sometable if result Handle error here Now process the result You should..
Examples of vulnerable PHP code? http://stackoverflow.com/questions/1783137/examples-of-vulnerable-php-code injection is easy var _POST 'var' mysql_query SELECT FROM sometable WHERE id var This is easily solved by var mysql_real_escape_string..
http://stackoverflow.com/questions/1901457/php-warning-mysql-fetch-assoc are used as follows id 1234 query 'SELECT name genre FROM sometable WHERE id ' . id query is a string with the MySQL query resource.. to mysql_query id null query 'SELECT name genre FROM sometable WHERE id ' . id res mysql_query query res FALSE because the.. FALSE because the query was invalid SELECT name genre FROM sometable WHERE id is not a valid query mysql_fetch_assoc res Warning..
http://stackoverflow.com/questions/37791/how-do-you-manage-sql-queries but you get the idea... results db GetResults SELECT FROM sometable WHERE iUser userid if results Do something I am looking into..
How to escape strings in SQL Server using PHP? http://stackoverflow.com/questions/574805/how-to-escape-strings-in-sql-server-using-php unpacked unpack 'H hex' data mssql_query ' INSERT INTO sometable somecolumn VALUES 0x' . unpacked 'hex' . ' ' Abstracted that.. return '0x' . unpacked 'hex' mssql_query ' INSERT INTO sometable somecolumn VALUES ' . mssql_escape somevalue . ' ' mysql_error..
|