IRC Logs

Network: freenode Channel: #php

	Enter your search terms Submit search form
	Web www.irclog.org

[17:00]<z2juxxxxavxfjg>FernandoM > htmlentities ?
[17:00]<z2juxxxxavxfjg>I'm not sure, but that may be clues
[17:00]<cyzzzg>woah underscore overload there
[17:00]<fgzgrgmjm>but strip_tags will prevent javascript things too?
[17:01]<cyzzzg>Ruby flashback :\
[17:01]<sfddjvxd>just use htmlspecialchars();
[17:01]<z2juxxxxavxfjg>FernandoM > what's the point ? you want to allow them Javascript ?????
[17:01]<fgzgrgmjm>no
[17:01]<z2juxxxxavxfjg>so no prob
[17:01]<z2juxxxxavxfjg>you just strip_tags on the string provided by user input
[17:02]<z2juxxxxavxfjg>NOT on your code
[17:02]<sfddjvxd>but strop tags will take stuff from thier comments that isnt a real tag and is intentional
[17:02]<sfddjvxd>like think of if someone types a rant and does </rant>
[17:02]<z2juxxxxavxfjg>hum
[17:03]<z2juxxxxavxfjg>would depends of the exact way strip_tags work
[17:03]<z2juxxxxavxfjg>and for that, I'm certain of nothing
[17:03]<cyzzzg>htmlspecialchars should do fine
[17:03]<sfddjvxd>well i think they would tokenise the strings and remove everything that looks taggish rather than removing known tags and update the function all the time
[17:04]<sfddjvxd>besides strip_tags wouldnt work with xhtml/xml if it worked like that
[17:04]<l0wygmrx>real men use regex's
[17:05]<wjlllrws>no, real men chew regex for breakfast
[17:05]<l0wygmrx>mmm regex and grits
[17:05]<wjlllrws>lol
[17:06]<fgzgrgmjm>slimothy: i should do something like this? -> http://erxz.com/pb/2276
[17:06]<ryddygxrgssjg>Wolfpaws, real men drink n00bs for breakfast while reading SF, or wait was that newbies? tsk tsk, slapping myself for that one
[17:06]<ezzfja>hi *
[17:06]<sfddjvxd>i cant click that, i have a bandwidth limit and im over it :(
[17:06]<sfddjvxd>realmen don't use irc
[17:06]<fgzgrgmjm>hmmm ok :P
[17:07]<sfddjvxd>i use ghetto internet
[17:07]<fgzgrgmjm>it's something like htmlentities(mysql_real_escape_string($users_comment))
[17:07]<sfddjvxd>do it the other way round
[17:07]<ryddygxrgssjg>slimothy, the only gal you gonna tag here is yourself :O
[17:08]<mzcjgsvrgvygn>dillweeder
[17:08]<sfddjvxd>i'll live
[17:08]<sfddjvxd>:p
[17:09]<npcaa>hi can somebody tell me what iam doing wrong in my constructor of my class. Am i using try and catch wrongly?
[17:09]<cyzzzg>yes
[17:10]<npcaa>http://rafb.net/paste/results/K8tUMH47.html
[17:10]<cyzzzg>why do you have 3 catches
[17:10]<wjlllrws>o.O
[17:10]<ddr9ww>Hey guys hows it going, i am getting this PHP error - I am running it through WAMP5 and wanting to know why it is happening - Here is the Pastebin link to the error - http://pastebin.ca/94776
[17:11]<npcaa>dont know i whas trying Ciaran
[17:11]<cyzzzg>It's going very well thank you how are you Mma411
[17:11]<cyzzzg>efkoj: you only need one
[17:11]<npcaa>k
[17:11]<rrdrdr>Mma411 - great, now my eyes are bleeding
[17:11]<cyzzzg>DAMNIT I WAS JUST ABOUT TO SAY THAT
[17:12]<rrdrdr>:D
[17:12]<rrdrdr>besides, I see no error
[17:12]<cyzzzg>likewise
[17:12]<cyzzzg>but then I couldn't look for long
[17:12]<wjlllrws>enygma: is it safe to look? :)
[17:12]<wjlllrws>AAARGH! Mah eyes!
[17:12]<rrdrdr>toldjaso
[17:13]<ddr9ww>anyone ?
[17:13]<rrdrdr>Mma411 - um, there is no error message there
[17:13]<rrdrdr>it's just (badly formatted) code
[17:13]<wjlllrws>Ahhh... Much better
[17:13]<wjlllrws>s/badly/hirrible
[17:13]<sfddjvxd>heh hirrible
[17:13]<wjlllrws>s/hirrible/obnoxiously
[17:13]<cyzzzg>Mma411 that is hirribly formatted code
[17:14]<wdrrvs>Is there any particular reason to use $HTTP_GET_VARS and $HTTP_POST_VARS instead of $_REQUEST?
[17:14]<sfddjvxd>sounds like something inspector clueso would say
[17:14]<rrdrdr>use $_GET and $_POST silly
[17:14]<wdrrvs>indeed
[17:14]<rrdrdr>then you know where it's coming from
[17:14]<wdrrvs>I'm refactoring some code
[17:14]<rrdrdr>so?
[17:14]<wdrrvs>This is what my predecessor did http://zerovektor.com/pastebin/pastebin.php?show=255
[17:15]<wdrrvs>I'm trying to work out whether he did it for a reason...
[17:15]<rrdrdr>oh good lord
[17:15]<rrdrdr>they globaled the superglobals
[17:15]<sfddjvxd>but to answer your question _REQUEST is fine if you don't have two different variables with the same name, ie one is set in the URL and another set with POST or a COOKIE
[17:15]<cyzzzg>lol
[17:15]<ddr9ww>okay, $arr["username"] is the main error it is giving me, does that mean that its a problem with wamp5 how it runs - because usually sites in the database are done like this database_user and through wamp its just username would that be why? am i doing something wrong ?
[17:16]<vyvjjevye>okay, $arr["username"] is the main error it is giving me, does that mean that its a problem with wamp5 how it runs - because usually sites in the database are done like this database_user and through wamp its just username would that be why? am i doing something wrong ?
[17:16]<cyzzzg>$arr["username"] is not an error
[17:17]<ddr9ww>sorry
[17:17]<ddr9ww>i am on a few servers someone said to join this chan..
[17:17]<ddr9ww>that was under my other nick.
[17:17]<ddr9ww>soz guys
[17:17]<wjlllrws>enygma: $HTTP_*_VARS aren't superglobals, silly :)
[17:17]<wdrrvs>indeed
[17:17]<wdrrvs>lol
[17:18]<wdrrvs>I replaced it with a params($param) function that returns $_REQUEST[$param]
[17:18]<wjlllrws>mkay...
[17:18]<sfddjvxd>how would that work if the param was an array
[17:19]<sfddjvxd>and you wanted to access a single element from that array
[17:19]<wdrrvs>good question...
[17:19]<wdrrvs>it's not an issue atm
[17:19]<ddr9ww>i am running my site through WAMP5 - and i need to put my username in the secrets.php file, now usually when i set it up on a dedicated server it names the user name mysite_username but with wamp5 all it says is "username" so is that correct or am i doing something wrong
[17:19]<wdrrvs>params("array")[element] wouldn't work?
[17:20]<sfddjvxd>it would see the [] as a string and not evaluate it for php purposes
[17:21]<wjlllrws>wycats: no it won't since PHP can't do that.
[17:21]<2gzgmx>hi, if i have an error can i get the line number of the error as varliable back?
[17:21]<wjlllrws>__LINE__
[17:21]<sfddjvxd>so if you did param(string) it would get $_REQUEST['string'] and param('an_array[0]') would get $_REQUEST['an_array[0]'] instead of the intended $_REQUEST['an_array'][0]
[17:22]<ezzfja>when I submit form with input type=file and I click submit, on page target I can use $_FILES for obtain the temporary file. I can know the temporary file name before the conclusion of the submit?

Back to #php
Or go to some related logs:
#gentoo
#gentoo
#netbsd
#gentoo
#gentoo