bladewolf2010 Posted June 5, 2010 Share Posted June 5, 2010 Fatal error: Call to undefined function mysql_safe() in /home/rainofhe/public_html/jailbust.php on line 22 This function mysql_safe() thing pops up alot :/ how do i fix? Quote Link to comment Share on other sites More sharing options...
Dillion & Amanda 4 Lif Posted June 5, 2010 Share Posted June 5, 2010 I haven't seen anything regarding mysql_safe() anywhere until now. Are you sure your not using a function called mysql_safe()? Quote Link to comment Share on other sites More sharing options...
sniko Posted June 5, 2010 Share Posted June 5, 2010 Your using the function mysql_safe in your code and you havent made it a function. Quote Link to comment Share on other sites More sharing options...
bladewolf2010 Posted June 5, 2010 Author Share Posted June 5, 2010 What would the function be then :/ Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 5, 2010 Share Posted June 5, 2010 well how are you using it in the code? the one that comes with v2 but is called mysql_escape you may want that? Quote Link to comment Share on other sites More sharing options...
Brad Posted June 5, 2010 Share Posted June 5, 2010 Yeah mysql_escape or u will have to change it all but i dont have v2. but still make mods for it Quote Link to comment Share on other sites More sharing options...
Dillion & Amanda 4 Lif Posted June 5, 2010 Share Posted June 5, 2010 Yeah mysql_escape or u will have to change it all but i dont have v2. but still make mods for it Your mods are not really even mods, no offense. and i believe the proper MC term is $db->escape Quote Link to comment Share on other sites More sharing options...
Danny696 Posted June 5, 2010 Share Posted June 5, 2010 For god sake its $db->escape Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 5, 2010 Share Posted June 5, 2010 thats mres via the class file v2 has a function called mysql_escape thats in the global_func.php file function mysql_escape($str) { return str_replace("'","''",$str); } Quote Link to comment Share on other sites More sharing options...
Brad Posted June 5, 2010 Share Posted June 5, 2010 oh yeah i using lite so i keep doing that lol Quote Link to comment Share on other sites More sharing options...
Dillion & Amanda 4 Lif Posted June 5, 2010 Share Posted June 5, 2010 The most up-to-date version is mysql_real_escape_string anyway. People seem to use the easy way out. Quote Link to comment Share on other sites More sharing options...
Brad Posted June 5, 2010 Share Posted June 5, 2010 Lol and about my mods yeah there not really mods but im not a that good coder yet i want to get better Quote Link to comment Share on other sites More sharing options...
Djkanna Posted June 5, 2010 Share Posted June 5, 2010 The only thing I can think mysql_safe could be is mysql_close or mysql_free_result :S Now how about showing us how your using it? The most up-to-date version is mysql_real_escape_string anyway. People seem to use the easy way out. Nothing about mysql_* is up-to-date.. Ps: $db->escape() is just mysql_real_escape_string() with a shorter name.. Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 5, 2010 Share Posted June 5, 2010 @snake no mysql_real_escape_sting is a php function a self made function that comes with and is used in mccodes v2 is mysql_escape (also in v1/lite i think) the class folder defines $db->escape as mysql_real_escape_string if you hold v2 look in the global_func file for it its not a good function and i do not use it however it is there and is used inside the base v2 script i fail to see how its an easy way out if its already being used inside v2? also yes please post the line/page its being used in please Quote Link to comment Share on other sites More sharing options...
bladewolf2010 Posted June 5, 2010 Author Share Posted June 5, 2010 $_GET['ID']=mysql_safe($_GET['ID']); Thats for iteminfo.php Quote Link to comment Share on other sites More sharing options...
Dillion & Amanda 4 Lif Posted June 5, 2010 Share Posted June 5, 2010 function mysql_escape($str) { return str_replace("'","''",$str); } Based on that all it does is add a quote after the one quote. it isnt escaping anything Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 5, 2010 Share Posted June 5, 2010 not sure whats its ment to be now... $_GET['ID'] = abs(intval($_GET['ID'])); makes sure its a number i assume thats what your checking @snake it takes out the ' before saving to the database Quote Link to comment Share on other sites More sharing options...
Dillion & Amanda 4 Lif Posted June 5, 2010 Share Posted June 5, 2010 not sure whats its ment to be now... $_GET['ID'] = abs(intval($_GET['ID'])); makes sure its a number i assume thats what your checking I believe $_GET['ID']+=0; works as well. Quote Link to comment Share on other sites More sharing options...
Djkanna Posted June 5, 2010 Share Posted June 5, 2010 function mysql_safe($var) { if(!filter_var($var, FILTER_VALIDATE_INT)) { return false; } else { return abs(filter_var($var, FILTER_SANITIZE_NUMBER_INT)); } Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 5, 2010 Share Posted June 5, 2010 its not used on my copy anymore however it is there since theres no point in taking it out (well the 0.000000001 sec on the speed) Quote Link to comment Share on other sites More sharing options...
bladewolf2010 Posted June 5, 2010 Author Share Posted June 5, 2010 Thanks DJ :) One more thing Does this even help secure Quote Link to comment Share on other sites More sharing options...
Djkanna Posted June 5, 2010 Share Posted June 5, 2010 It just makes sure whatever is passed in is a number :) Quote Link to comment Share on other sites More sharing options...
bladewolf2010 Posted June 5, 2010 Author Share Posted June 5, 2010 oh otay thank you :) Quote Link to comment Share on other sites More sharing options...
Djkanna Posted June 5, 2010 Share Posted June 5, 2010 :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.