a_bertrand Posted April 19, 2011 Posted April 19, 2011 why not simply use the function "mysql_real_escape_string" which would ALWAYS work? Instead of something which may not work.... 1 Quote
Diesl Posted April 19, 2011 Posted April 19, 2011 To add on, You are only filtering for given character values in your string. While you maybe eliminating character values that are used in an SQL injection, what a_bertrand said is much more efficient and clean. Also, since I see that you are using this in some sort of message query, you are going to strip possible characters that the user would use normally in the chat, such as a question mark, period, etc. That is not ideal at all. Quote
rulerofzu Posted April 19, 2011 Posted April 19, 2011 $atsakymas=mysql_real_escape_string($_POST['atsakymas']); will suffice Quote
galdikas Posted April 19, 2011 Posted April 19, 2011 (edited) Labas... Ok i know ths is is offtopic.. but how do you send message for someone on this site?? Cant find link anywhere (I just want to PM the starter, so thought it would be appropiate to post it here lol) And on topic: I wouldn't use Lithuanian in your code.. ;) English is more universal.. and what if your game ever becomes big an popular, and you will want to hire a non-Lithuanian dev?? Edited April 19, 2011 by galdikas Quote
Djkanna Posted April 19, 2011 Posted April 19, 2011 The member needs to have PM's turned on in their settings before you can message them. Quote
galdikas Posted April 20, 2011 Posted April 20, 2011 Its the guys that do it for hobbie that ussually create anything worth a damn ;) Add me on skype= Eketgolt :) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.