TornEnvironment - V13 - Completely from scratch - SQL - C# - Stable

[Emily]

Or use prepared statements and you dont have to worry about SQL Injections.

Read previous posts, I already stated I use prepared statements, just want to filter as much as possible, for 100% protection.

 

[Quackster]

Or you can use RedBean and don't have to worry about any excess code and injections.

 

[Clawed]

mysql_real_escape_string is a function to filter variables.

I know this, i aint dumb.

But if MySQL is depreciated, then in later versions mysql_real_escape_string() won't work.

 

[Emily]

I know this, i aint dumb.

But if MySQL is depreciated, then in later versions mysql_real_escape_string() won't work.

I never pointed out you're dumb.

I know, I just thought somebody told me to use mysql_real_escape_string except of what I used, or I must've dreamt it, but I also said I will update it.

 

[Emily]

Just decided something. Will still keep the idea's of the social network in mind, programming now while recording, so you can actually watch video of me programming, I will also do some live-streams in the future.

You must be registered to see links

That's first part, if you subscribe, you'll get the newest updates when I upload them.

 

[AWA]

What about the emu itself?

 

[Joopie]

Funny how you think a Author name can be 100 chars....

0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Yheey, lets waste storage memory =D

 

[Emily]

Funny how you think a Author name can be 100 chars....

0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Yheey, lets waste storage memory =D

I kinda always use the same default: 100 for varchar, 1 for tinyint, 11 for int, but ofc will change.

@AWA:

I take a little break as C# becomes boring after a while :blush:

 

[Monsma]

It also says: "Use mysqli_real_escape_string when using MySQLi or PDO:quote when using PDO" when you want to secure inputs[/COLOR]

PDO::quote is has not the same output as a real_escape_string if people use PDO and like to use a real_escape_string use in this way 'addslashes'

 

[Joopie]

PDO::quote is has not the same output as a real_escape_string if people use PDO and like to use a real_escape_string use in this way 'addslashes'

Tell PHP.net about your findings.

 

[Chapo]

Just decided something. Will still keep the idea's of the social network in mind, programming now while recording, so you can actually watch video of me programming, I will also do some live-streams in the future.

You must be registered to see links

That's first part, if you subscribe, you'll get the newest updates when I upload them.

Funny, maybe cool to check again your codes, cuz some things are badddddddddddd!

REMOVED

Also don't understand the mysql_real_escape_string because it must be $lawllawl->real_escape_string, right???

 

[Nathandj]

Funny, maybe cool to check again your codes, cuz some things are badddddddddddd!

REMOVED

Also don't understand the mysql_real_escape_string because it must be $lawllawl->real_escape_string, right???

Thats MySQLi

$mysqli->real_escape_string(x)

MySQL have a separate function: mysql_real_escape_string

 

[Clawed]

None of you have noticed hes using pdo, also you can use mysqli_real_escape_string("mysqli_connection", $str);

 

[Hejula]

Or you can all just let him get on with it. It's fine giving suggestions but when 100 people are saying the same thing I think he understands.

 

[Emily]

To all people who said I'm "using mysql", I know I forgot there was a function for PDO/MySQLi, I already changed it..

@Ryan:

I redirect to home.php, what's wrong with that? Except of telling: "Hey I'm Ryan you suck you are bad" tell me things that are useful, like you could better do this etc, I hate people flaming but not helping.

For now I'll ignore everything about the mysql_real_escape_string poop.

 

[Joopie]

To all people who said I'm "using mysql", I know I forgot there was a function for PDO/MySQLi, I already changed it..

@Ryan:

I redirect to home.php, what's wrong with that? Except of telling: "Hey I'm Ryan you suck you are bad" tell me things that are useful, like you could better do this etc, I hate people flaming but not helping.

For now I'll ignore everything about the mysql_real_escape_string poop.

His point is that the code keeps running even when you set the "Location" header. In some cases this can be bad.

In most cases there is no point of executing the rest of the script and that's why "we" exit the script after setting the "Location" header.

 

[Emily]

His point is that the code keeps running even when you set the "Location" header. In some cases this can be bad.

In most cases there is no point of executing the rest of the script and that's why "we" exit the script after setting the "Location" header.

Okay, that's something that helps me, you're way more helpful than Ryan.

 

[Quackster]

Funny, maybe cool to check again your codes, cuz some things are badddddddddddd!

REMOVED

Also don't understand the mysql_real_escape_string because it must be $lawllawl->real_escape_string, right???

Please tell me you have better things to do than criticize Josh!

 

[m.tiago]

i'm have the old and complete habbo layout in my PC.

 

[James]

Just a reminder, don't quit