c# - Usage of Server Side Controls in MVC Framework

I am using ASP.NET 4.0 and an MVC 2.0 web application. The project requirement is that I have to use server side controls in the application, which is not possible in the normal case. Ideally I want to use the AdRotator control and the DataList control. I saw a few samples and references in the CodePlex MVC ControlLib, however I found them less useful. Can anyone tell me how to utilize these controls in an ASP.NET application along with MVC? Note: please provide the functionalities related to the AdRotator and DataList controls, not equivalent functionalities. Thanks in advance.

MVC pages do not use the normal .NET solution, which makes use of normal .NET components impossible. A normal .NET page uses an event-driven solution to call different methods on the service side; MVC uses actions and views, a completely different way to handle things. Also, MVC does not use the ViewState that normal .NET controls require. I found an article discussing mixing of normal .NET and MVC.

variables - PHP script, query run from a value that's passed in


I am pretty new at PHP. A quick note: an Android application is calling this script, I am not having users make the script lol. There is a series of checkboxes, and when you check ones off it appends to the script in a string builder. I am trying to run a query based on the value of a variable being passed in. Like this,

   mssql_query("update userdata set browsescript = '".$_REQUEST['sqlscript']."' where userdata.username = '".$_REQUEST['username']."'");

and that says .$_REQUEST[''] can grab the values I pass in.

But this time the .$_REQUEST[''] is the whole script, so I want this

mssql_query($_REQUEST['sqlscript']);

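and that's what I want: to run the query that's in the value. The query is correct, but it does not return a value. I think I may have some type of syntax error or something; as I said, I am new to PHP. Thanks for any help. I am not posting the whole code because it is running OK, I just can't get the query to run. I need assistance with the mssql_query part again.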

First of all, there is a huge security flaw in what you are doing. You should sanitize and escape the variables you use in queries, for example using mysql_real_escape_string or prepared statements.

Since you are importing the whole script as the query, the quotes are not escaped. You need to put these functions before the variables:

mysql_real_escape_string($_REQUEST['your_var']);

Using $_REQUEST instead of the proper $_GET or $_POST is vulnerable.
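
An added example, not part of the original question or answer: one way to apply the prepared-statement advice to this checkbox design, where the app sends checkbox ids and the server builds the SQL itself. The `items` table, the `checked` parameter, the checkbox ids, the function names and storing the selection as JSON in `browsescript` are assumptions; in-memory SQLite stands in for SQL Server so the script runs offline.

```php
<?php
// SQLite in memory is a stand-in (assumption); against SQL Server only the
// PDO DSN changes (pdo_sqlsrv driver), the prepared statements stay the same.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE userdata (username TEXT PRIMARY KEY, browsescript TEXT)");
$db->exec("CREATE TABLE items (name TEXT, category TEXT)");  // hypothetical table
$db->exec("INSERT INTO userdata VALUES ('alice', ''), ('o''brien', '')");
$db->exec("INSERT INTO items VALUES ('Dune', 'books'), ('Alien', 'films'), ('Doom', 'games')");

// Hypothetical checkbox ids mapped to fixed values. The client picks keys
// from this list; it never supplies SQL text.
const CATEGORY_BY_CHECKBOX = ['cb_books' => 'books', 'cb_films' => 'films', 'cb_games' => 'games'];

function checkedCategories(array $request): array {
    $ids = array_filter((array)($request['checked'] ?? []), 'is_string'); // drop nested arrays
    return array_values(array_intersect_key(CATEGORY_BY_CHECKBOX, array_flip($ids)));
}

function saveSelection(PDO $db, string $username, array $categories): int {
    // Both values are bound, so a quote in $username cannot change the statement.
    $stmt = $db->prepare('UPDATE userdata SET browsescript = :sel WHERE username = :user');
    $stmt->execute([':sel' => json_encode($categories), ':user' => $username]);
    return $stmt->rowCount();
}

function browse(PDO $db, array $categories): array {
    if ($categories === []) return [];
    // Only "?" placeholders are interpolated; their count comes from the allowlist.
    $marks = implode(',', array_fill(0, count($categories), '?'));
    $stmt = $db->prepare("SELECT name FROM items WHERE category IN ($marks) ORDER BY name");
    $stmt->execute($categories);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample request: two known boxes, one unknown id, and a username
// containing a quote character.
$request = ['username' => "o'brien", 'checked' => ['cb_books', 'cb_games', 'cb_unknown']];
$cats = checkedCategories($request);
var_dump(saveSelection($db, $request['username'], $cats)); // rows updated for o'brien
print_r(browse($db, $cats));                               // item names for the checked boxes
```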

