

newbie question duplicating record

  #11 (permalink)  
Old 12-03-08, 09:03 PM
genabit genabit is offline
Newbie Coder
 
Join Date: Nov 2008
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
I'm new to this; could you expound on your reference to filtering? I don't want the server to be hacked, but we do require a user to be logged in to perform the job duplication. What would you recommend for adding a filter?




Quote:
Originally Posted by End User View Post
Code:
if (isset($_GET['job_copy'])) { // copy the job

    // next job id = highest existing jobid + 1
    $qac = "select jobid from jobs order by jobid desc";
    $rac = mysql_query($qac) or die(mysql_error());
    $ac = mysql_fetch_array($rac);
    $newjobid = $ac[0] + 1;

    // taken straight from the query string, unvalidated
    $old_jobid = $_GET['old_jobid'];
Please be aware that this code, specifically the unfiltered GET statements, is a recipe for disaster. As it stands, a malicious user could pass in a SQL statement (or other code) that would compromise your server completely. There isn't anything they couldn't do once they had control. And your biggest fear isn't an individual user, it's bots that scan the web for forms and then start "fuzzing" the forms automatically, looking for exploits and vulnerabilities. This happens all the time and I can just about guarantee you that your site will be hacked before long if you ran that code as shown.
  #12 (permalink)  
Old 12-03-08, 09:22 PM
genabit genabit is offline
Newbie Coder
 
Join Date: Nov 2008
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
unfiltered get statements
Does the
Code:
 include_once "accesscontrol.php";
which restricts posters to being logged in and being authorized to post a job qualify as a filter?
  #13 (permalink)  
Old 12-03-08, 10:19 PM
End User End User is offline
Level II Curmudgeon
 
Join Date: Dec 2004
Posts: 3,027
Thanks: 14
Thanked 35 Times in 33 Posts
Quote:
Originally Posted by genabit View Post
Does the
Code:
 include_once "accesscontrol.php";
which restricts posters to being logged in and being authorized to post a job qualify as a filter?
Well, no, not really. By filtering I mean screening out malicious input strings or characters and/or preventing SQL injection.
__________________
I don't live on the edge, but sometimes I go there to visit.
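The kind of filtering described in the post above, as an added example that is not part of the original thread: `old_jobid` is validated as a positive integer and bound through a PDO prepared statement instead of being placed in the query text. The `copy_job` function name, the `title` column and the in-memory SQLite database are assumptions made for illustration.

```php
<?php
// Added example: hardened version of the job-copy step. Everything beyond
// `jobs.jobid` (the `title` column, SQLite, copy_job) is an assumption.

function copy_job(PDO $db, array $get): ?int
{
    // Filter: accept only a positive integer; anything else is rejected.
    $oldId = filter_var($get['old_jobid'] ?? null, FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 1]]);
    if (!isset($get['job_copy']) || $oldId === false) {
        return null;
    }

    $db->beginTransaction();
    // Prepared statement: the value is bound as data, never spliced into SQL.
    $sel = $db->prepare('SELECT title FROM jobs WHERE jobid = :id');
    $sel->execute([':id' => $oldId]);
    $row = $sel->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {          // no such job to copy
        $db->rollBack();
        return null;
    }
    // Same "highest id + 1" scheme as the thread's code, inside the transaction.
    $newId = (int) $db->query('SELECT COALESCE(MAX(jobid), 0) + 1 FROM jobs')
                      ->fetchColumn();
    $ins = $db->prepare('INSERT INTO jobs (jobid, title) VALUES (:id, :title)');
    $ins->execute([':id' => $newId, ':title' => $row['title']]);
    $db->commit();
    return $newId;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE jobs (jobid INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO jobs VALUES (1, 'Welder'), (2, 'Painter')");

// Constructed requests: one legitimate, two that the filter must reject.
$requests = [
    ['job_copy' => '1', 'old_jobid' => '2'],
    ['job_copy' => '1', 'old_jobid' => '2 OR 1=1'],
    ['job_copy' => '1', 'old_jobid' => ['2']],
];
foreach ($requests as $get) {
    var_dump(copy_job($db, $get));
}
```

A login check such as `accesscontrol.php` decides who may reach this code; the validation and parameter binding decide what their input is able to do once it gets there.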