Slice's Profile

Reputation: 242 Stalwart
Group:
Active Members
Active Posts:
704 (0.33 per day)
Joined:
24-November 08
Profile Views:
18,992
Last Active:
Yesterday, 04:35 AM

Previous Fields

Country:
GB
OS Preference:
Linux
Favorite Browser:
FireFox
Favorite Processor:
Intel
Favorite Gaming Platform:
XBox
Your Car:
Who Cares
Dream Kudos:
0


Posts I've Made

  1. In Topic: Whats the most usefull linux command in your opinion

    Posted 21 Aug 2014

    Ping.
  2. In Topic: NFL Fantasy Football 2014

    Posted 21 Aug 2014

    I'm up for it again this year if we get enough people.
  3. In Topic: Codeigniter's $this->db works in a controller and not in

    Posted 8 Aug 2014

    astonecipher, on 30 July 2014 - 02:21 AM, said:

    It seems like I'm pushing the product now but,

    I'm evaluating Zend's new IDE, Zend Studio. And so far it is amazing with what it offers: native mobile development, built-in Composer integration, as well as Ant, PHPUnit, and a host of other things. It's extended Eclipse, making it already familiar. The actual product is not free, but for what you get it is an awesome IDE.


    Have you tried the 30-day free trial? I went with it as we started a Zend project at work but fell back to NetBeans before the 30 days were up. Considering it was specifically designed to run with Zend, the "Create Zend Module" function would always throw an error when trying to use it with a remote server, yet the NetBeans plugin for doing it worked ok. (When I say ok, the plugin can't auto-fill your controller/model info, but it only takes 5 minutes to do that anyway. It just generally creates the folder structure for you.)
  4. In Topic: Thoughts on a 'Level Design' contest?

    Posted 8 Aug 2014

    I'd definitely get involved with this one, just for the learning aspect, not so much for the winning. I've been saying for a while that I wanted to learn how to do more complex things with Blender and this would give me a target to aim at when building something.
  5. In Topic: Odd little issue when submitting form to update page information.

    Posted 30 Jul 2014

    DoxramosPS, on 30 July 2014 - 04:48 PM, said:

    (I'll be changing that to prepared statements. Going to go through my entire code and redo it.) Other than that though I would think it would be better to put an
    if(isset($_GET['id'])) {
        $this->query="SELECT * FROM pages WHERE id=" . $_POST['id'] . "";
    }
    else if(isset($_POST['id'])) {
        $this->query="SELECT * FROM pages WHERE id=" . $_GET['id'] . "";
    }
    else {
        printf("You cannot directly access this page.");
    }

    This code would still throw the error. I think you're going for:

    if(isset($_GET['id'])) {
        $this->query="SELECT * FROM pages WHERE id=" . $_GET['id'] . "";
    }
    else if(isset($_POST['id'])) {
        $this->query="SELECT * FROM pages WHERE id=" . $_POST['id'] . "";
    }
    else {
        printf("You cannot directly access this page.");
    }

    But this is still wide open to abuse, especially the $_GET. With it being on display in the URL, this is the first thing an attacker would look to abuse and attempt an SQL injection.

My Information

Member Title:
sudo pacman -S moneyz
Age:
24 years old
Birthday:
November 6, 1989
Gender:
Location:
Manchester
Interests:
web design and development

Contact Information

Website URL:
http://ryandone.co.uk
Twitter:
ryandone89

Comments

  1. Slice

    30 Jul 2012 - 09:45
    Do I need to collect my cash reward in person? ;)
  2. modi123_1

    30 Jul 2012 - 09:09
    Oh.. someone got a new award!