Re: Grep Again (was: MySQL UPDATE)

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 68871
interpreted = N
texte = Got it! I forgot to wrap my pattern in parens: [grep search=([\'"])&replace=\\1]\'"[/grep] On 4/25/07 8:00 AM, "Clint Davis" wrote: > Thanks Marc. To clarify, I'm trying to replicate the > mysql_real_escape_string() function from PHP5. I have the following grep > statement, but it won't put the backslash in front of the pattern. > > This: [grep search=[\'"]&replace=\\1]\'"[/grep] > > Should return this: \\\'\" > > But, I'm getting this: \\\ > > Ideas? > > > On 4/24/07 5:15 PM, "Marc Thompson" wrote: > >> Clint, >> As a rule, before writing any user entered data into a database, I >> cleanse it. Here's an example: >> [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables >> name=_&exact=F][getchars start=2][name][/getchars]=[Grep >> search=[^,-.%@_A-Za-z0-9 >> ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] >> >> Here's what I use to clean up form variables passed to a page: >> [formvariables] >> [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 >> ]&replace=][value][/Grep][/text] >> [/formvariables] >> >> Notice the line wrap immediately following the 0-9. That is a space. >> >> HTH, >> Marc >> >> Clint Davis wrote: >> >>> I need to use WebDNA to update a MySQL table. Does anyone have some words of >>> advice (or code preferably) to "cleanse" the user input before executing the >>> SQL UPDATE statement? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
  2. Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
Got it! I forgot to wrap my pattern in parens: [grep search=([\'"])&replace=\\1]\'"[/grep] On 4/25/07 8:00 AM, "Clint Davis" wrote: > Thanks Marc. To clarify, I'm trying to replicate the > mysql_real_escape_string() function from PHP5. I have the following grep > statement, but it won't put the backslash in front of the pattern. > > This: [grep search=[\'"]&replace=\\1]\'"[/grep] > > Should return this: \\\'\" > > But, I'm getting this: \\\ > > Ideas? > > > On 4/24/07 5:15 PM, "Marc Thompson" wrote: > >> Clint, >> As a rule, before writing any user entered data into a database, I >> cleanse it. Here's an example: >> [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables >> name=_&exact=F][getchars start=2][name][/getchars]=[Grep >> search=[^,-.%@_A-Za-z0-9 >> ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] >> >> Here's what I use to clean up form variables passed to a page: >> [formvariables] >> [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 >> ]&replace=][value][/Grep][/text] >> [/formvariables] >> >> Notice the line wrap immediately following the 0-9. That is a space. >> >> HTH, >> Marc >> >> Clint Davis wrote: >> >>> I need to use WebDNA to update a MySQL table. Does anyone have some words of >>> advice (or code preferably) to "cleanse" the user input before executing the >>> SQL UPDATE statement? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

New Guestbook Source (1997) WebCatalog/Mac 2.1b2 New Features (1997) [/application] error? (1997) Add to a field (1998) followup to ws3 vs ws2.1 speed (1998) corrupted jpgs (2003) WebTen? (1997) Dumb Question about Docs (1997) HTML text cannot be copied to clipboard? (1999) Trouble with formula.db + more explanation (1997) filemaker - orderfile (1997) [WebDNA] Post-Parse Script to remove extra returns. (2009) Shipping Costs Not Updating When Adding Items (1997) browser info.txt and SSL (1997) WebCat for Site Search? (1997) Problems with [Search] param - Mac Plugin b15 (1997) normal users.db calls ... (1998) Banner Ads (2000) pretty Urgent: Crash after addlineitem (2001) Where is f2? (1997)