Menu
▾
▴
phpesp-devel
|
From: SourceForge.net <no...@so...> - 2003-08-05 20:32:57
|
Bugs item #783745, was opened at 2003-08-05 20:32 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2003-08-05 22:58:21
|
Bugs item #783745, was opened at 2003-08-05 15:32 Message generated for change (Comment added) made by greggmc You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 17:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2003-08-05 23:00:19
|
Bugs item #783745, was opened at 2003-08-05 20:32 Message generated for change (Comment added) made by logart You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Stephen Lawrence (logart) Date: 2003-08-05 23:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 22:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2003-08-05 23:15:58
|
Bugs item #783745, was opened at 2003-08-05 15:32 Message generated for change (Comment added) made by greggmc You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 18:15 Message: Logged In: YES user_id=14116 I can't duplicate here. Can you turn "magic_quotes_gpc" on and try again? This might be a bug with magic_quote handling. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-05 18:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 17:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2003-08-06 21:19:43
|
Bugs item #783745, was opened at 2003-08-05 20:32 Message generated for change (Comment added) made by logart You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Stephen Lawrence (logart) Date: 2003-08-06 21:19 Message: Logged In: YES user_id=14468 I added a .htaccess file with: php_flag magic_quotes_gpc On and it is working, but I thought the program was designed to work with or without magic quotes? log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 23:15 Message: Logged In: YES user_id=14116 I can't duplicate here. Can you turn "magic_quotes_gpc" on and try again? This might be a bug with magic_quote handling. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-05 23:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 22:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: flobee <fl...@gm...> - 2003-08-13 16:56:50
|
hello all is it possible that there is a little miss-configuration on the authentification!? i got some reports from some authors (designer accouns) having problems staying loggend in. while checking the loginsystem (manage_auth()) i see some "if" statments which will never act: like: // see if ACL is cached -> the "password" is never placed in the the session! , as "session array" but not sticked in the session! is the password forgotten to stick it in or do passwords have notthing to do in the session cookie? im not sure about it i think at least it can be sticked in when having an own server , right!? else using the $server[PHP_AUTH_PW....!? another secure request is that there should be a "time limit" on the login procedure. my ISP gave me the information that most hack attacts start which the brutefoce on htaccess files. so with php its more simple!? and if you have no log mecanism you don´t know what people exactly do when you see alot of requests on your admin file like - http:// user : password @ sub . server . tld / phpesp / myfile.php or does the authentification do only work on webbrowsers? kind regards flobee |
|
From: SourceForge.net <no...@so...> - 2003-08-07 13:55:00
|
Bugs item #783745, was opened at 2003-08-05 15:32 Message generated for change (Comment added) made by greggmc You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Matthew Gregg (greggmc) Date: 2003-08-07 08:54 Message: Logged In: YES user_id=14116 It is designed to handle magic quotes on or off. This looks like a bug with that handling, that we need to fix. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-06 16:19 Message: Logged In: YES user_id=14468 I added a .htaccess file with: php_flag magic_quotes_gpc On and it is working, but I thought the program was designed to work with or without magic quotes? log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 18:15 Message: Logged In: YES user_id=14116 I can't duplicate here. Can you turn "magic_quotes_gpc" on and try again? This might be a bug with magic_quote handling. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-05 18:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 17:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2003-08-07 14:30:57
|
Bugs item #783745, was opened at 2003-08-05 20:32 Message generated for change (Comment added) made by logart You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 Status: Open Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Stephen Lawrence (logart) Date: 2003-08-07 14:30 Message: Logged In: YES user_id=14468 I spent some time trying to figure out why the _addslashes call does not function properly. I just could not quite put my finger on it. I ended up just changing the _add/_strip to use the normal add/strip functions and that worked, but I would like to see it fixed permanently. Thanks. log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-07 13:54 Message: Logged In: YES user_id=14116 It is designed to handle magic quotes on or off. This looks like a bug with that handling, that we need to fix. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-06 21:19 Message: Logged In: YES user_id=14468 I added a .htaccess file with: php_flag magic_quotes_gpc On and it is working, but I thought the program was designed to work with or without magic quotes? log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 23:15 Message: Logged In: YES user_id=14116 I can't duplicate here. Can you turn "magic_quotes_gpc" on and try again? This might be a bug with magic_quote handling. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-05 23:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 22:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
|
From: SourceForge.net <no...@so...> - 2004-02-21 23:18:45
|
Bugs item #783745, was opened at 2003-08-05 15:32 Message generated for change (Comment added) made by greggmc You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 Category: SQL Group: v1.6.1 >Status: Closed Resolution: None Priority: 5 Submitted By: Stephen Lawrence (logart) Assigned to: Nobody/Anonymous (nobody) Summary: single quote breaks "add survey" Initial Comment: If I enter a single quote in either the name, title, subtitle, etc. I get errors from the single quote being in the insert statement. [ Warning, error encountered. [ 1064: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'asdfasdf'', email='', theme='', thanks_page='', thank_head='', ] ] thanks ---------------------------------------------------------------------- >Comment By: Matthew Gregg (greggmc) Date: 2004-02-21 18:10 Message: Logged In: YES user_id=14116 Cannot duplicate in current CVS. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-07 09:30 Message: Logged In: YES user_id=14468 I spent some time trying to figure out why the _addslashes call does not function properly. I just could not quite put my finger on it. I ended up just changing the _add/_strip to use the normal add/strip functions and that worked, but I would like to see it fixed permanently. Thanks. log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-07 08:54 Message: Logged In: YES user_id=14116 It is designed to handle magic quotes on or off. This looks like a bug with that handling, that we need to fix. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-06 16:19 Message: Logged In: YES user_id=14468 I added a .htaccess file with: php_flag magic_quotes_gpc On and it is working, but I thought the program was designed to work with or without magic quotes? log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 18:15 Message: Logged In: YES user_id=14116 I can't duplicate here. Can you turn "magic_quotes_gpc" on and try again? This might be a bug with magic_quote handling. ---------------------------------------------------------------------- Comment By: Stephen Lawrence (logart) Date: 2003-08-05 18:00 Message: Logged In: YES user_id=14468 1.6.1 PHP Version 4.3.0 all magic's are off: magic_quotes_gpc Off magic_quotes_runtime Off magic_quotes_sybase Off log ---------------------------------------------------------------------- Comment By: Matthew Gregg (greggmc) Date: 2003-08-05 17:58 Message: Logged In: YES user_id=14116 What version of ESP are you using? Are magic quotes turned on or off in php? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=783745&group_id=8956 |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X