Grep Again (was: MySQL UPDATE)

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 68870
interpreted = N
texte = Thanks Marc. To clarify, I'm trying to replicate the mysql_real_escape_string() function from PHP5. I have the following grep statement, but it won't put the backslash in front of the pattern. This: [grep search=[\'"]&replace=\\1]\'"[/grep] Should return this: \\\'\" But, I'm getting this: \\\ Ideas? On 4/24/07 5:15 PM, "Marc Thompson" wrote: > Clint, > As a rule, before writing any user entered data into a database, I > cleanse it. Here's an example: > [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables > name=_&exact=F][getchars start=2][name][/getchars]=[Grep > search=[^,-.%@_A-Za-z0-9 > ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] > > Here's what I use to clean up form variables passed to a page: > [formvariables] > [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 > ]&replace=][value][/Grep][/text] > [/formvariables] > > Notice the line wrap immediately following the 0-9. That is a space. > > HTH, > Marc > > Clint Davis wrote: > >> I need to use WebDNA to update a MySQL table. Does anyone have some words of >> advice (or code preferably) to "cleanse" the user input before executing the >> SQL UPDATE statement? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
  2. Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
Thanks Marc. To clarify, I'm trying to replicate the mysql_real_escape_string() function from PHP5. I have the following grep statement, but it won't put the backslash in front of the pattern. This: [grep search=[\'"]&replace=\\1]\'"[/grep] Should return this: \\\'\" But, I'm getting this: \\\ Ideas? On 4/24/07 5:15 PM, "Marc Thompson" wrote: > Clint, > As a rule, before writing any user entered data into a database, I > cleanse it. Here's an example: > [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables > name=_&exact=F][getchars start=2][name][/getchars]=[Grep > search=[^,-.%@_A-Za-z0-9 > ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] > > Here's what I use to clean up form variables passed to a page: > [formvariables] > [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 > ]&replace=][value][/Grep][/text] > [/formvariables] > > Notice the line wrap immediately following the 0-9. That is a space. > > HTH, > Marc > > Clint Davis wrote: > >> I need to use WebDNA to update a MySQL table. Does anyone have some words of >> advice (or code preferably) to "cleanse" the user input before executing the >> SQL UPDATE statement? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

MacAuthorize hub, no modal password dialog? (1997) WebCatalog/WebMerchant Manuals Available (1998) Web Catalog 2 demo (1997) Browser Reloads and AddlineItem (1997) I give up!! (1997) WebCat2b15MacPlugIn - [authenticate] not [protect] (1997) [format 40s]text[/format] doesn't work (1997) PCS Frames (1997) More questions about serial number dishing (1997) RE: too many nested [xxx] (1997) Running 2 two WebCatalog.acgi's (1996) [WebDNA] anyway to speed up tcpconnect? (2008) Forcing a NEWCART (1997) Help: how do I process results of a multiple select list (wastest) (2002) PCS Frames-Default page is solution! (1997) RE: type 2 errors with ssl server (1997) Invoice in another window (1998) WebCommerce: Folder organization ? (1997) Email Set-Up? (1997) [WebDNA] client request (2010)