Re: Grep Again (was: MySQL UPDATE)
This WebDNA talk-list message is from 2007
It keeps the original formatting.
numero = 68871
interpreted = N
texte = Got it!I forgot to wrap my pattern in parens:[grep search=([\'"])&replace=\\1]\'"[/grep]On 4/25/07 8:00 AM, "Clint Davis"
wrote:> Thanks Marc. To clarify, I'm trying to replicate the> mysql_real_escape_string() function from PHP5. I have the following grep> statement, but it won't put the backslash in front of the pattern.> > This: [grep search=[\'"]&replace=\\1]\'"[/grep]> > Should return this: \\\'\"> > But, I'm getting this: \\\> > Ideas?> > > On 4/24/07 5:15 PM, "Marc Thompson" wrote:> >> Clint,>> As a rule, before writing any user entered data into a database, I>> cleanse it. Here's an example:>> [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables>> name=_&exact=F][getchars start=2][name][/getchars]=[Grep>> search=[^,-.%@_A-Za-z0-9>> ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace]>> >> Here's what I use to clean up form variables passed to a page:>> [formvariables]>> [text][name]=[Grep search=[^,-.%@_A-Za-z0-9>> ]&replace=][value][/Grep][/text]>> [/formvariables]>> >> Notice the line wrap immediately following the 0-9. That is a space.>> >> HTH,>> Marc>> >> Clint Davis wrote:>> >>> I need to use WebDNA to update a MySQL table. Does anyone have some words of>>> advice (or code preferably) to "cleanse" the user input before executing the>>> SQL UPDATE statement?-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Got it!I forgot to wrap my pattern in parens:[grep search=([\'"])&replace=\\1]\'"[/grep]On 4/25/07 8:00 AM, "Clint Davis" wrote:> Thanks Marc. To clarify, I'm trying to replicate the> mysql_real_escape_string() function from PHP5. I have the following grep> statement, but it won't put the backslash in front of the pattern.> > This: [grep search=[\'"]&replace=\\1]\'"[/grep]> > Should return this: \\\'\"> > But, I'm getting this: \\\> > Ideas?> > > On 4/24/07 5:15 PM, "Marc Thompson" wrote:> >> Clint,>> As a rule, before writing any user entered data into a database, I>> cleanse it. Here's an example:>> [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables>> name=_&exact=F][getchars start=2][name][/getchars]=[Grep>> search=[^,-.%@_A-Za-z0-9>> ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace]>> >> Here's what I use to clean up form variables passed to a page:>> [formvariables]>> [text][name]=[Grep search=[^,-.%@_A-Za-z0-9>> ]&replace=][value][/Grep][/text]>> [/formvariables]>> >> Notice the line wrap immediately following the 0-9. That is a space.>> >> HTH,>> Marc>> >> Clint Davis wrote:>> >>> I need to use WebDNA to update a MySQL table. Does anyone have some words of>>> advice (or code preferably) to "cleanse" the user input before executing the>>> SQL UPDATE statement?-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Clint Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
New Guestbook Source (1997)
WebCatalog/Mac 2.1b2 New Features (1997)
[/application] error? (1997)
Add to a field (1998)
followup to ws3 vs ws2.1 speed (1998)
corrupted jpgs (2003)
WebTen? (1997)
Dumb Question about Docs (1997)
HTML text cannot be copied to clipboard? (1999)
Trouble with formula.db + more explanation (1997)
filemaker - orderfile (1997)
[WebDNA] Post-Parse Script to remove extra returns. (2009)
Shipping Costs Not Updating When Adding Items (1997)
browser info.txt and SSL (1997)
WebCat for Site Search? (1997)
Problems with [Search] param - Mac Plugin b15 (1997)
normal users.db calls ... (1998)
Banner Ads (2000)
pretty Urgent: Crash after addlineitem (2001)
Where is f2? (1997)