Spudinski Posted July 22, 2012 Posted July 22, 2012 This one always gets me ... I'm trying to understand how this works. In your example ... only numbers and letters would match or it would return false. If it is true then it is placed into the variable $X. So if I typed in daviD3, it's true then $X=daviD3. But if I typed in daviD_3, it's false because an underscore was not part of the matching criteria therefore you would get an error message because of this and $X would not contain anything. Am I understanding how this works ... or is that wrong? That is half-correct. preg_match() return the number of times a match was found within the given string. preg_match_all() will return the matches, in an additional array referenced to an extra parameter given[preg_match_all(PCRE, string, matches)]. preg_* are functions for dealing with PCRE, or more commonly known as Perl (compatible) regular expressions. "daviD3" will fail on the expression "[a-z0-9]", as inverted.ignore case is not specified - "/[a-z0-9]/i" will match. A few things to read up on: Wikipedia entry for PCRE: http://en.wikipedia.org/wiki/Perl_Compatible_Regular_Expressions PHP PCRE: http://php.net/manual/en/book.pcre.php Cheat Sheet: https://www.cs.washington.edu/education/courses/190m/12sp/cheat-sheets/php-regex-cheat-sheet.pdf 1 Quote
LearningCoder Posted July 22, 2012 Posted July 22, 2012 theres one like 'money=999999999'; or something for it. Quote
danbulery Posted July 10, 2024 Posted July 10, 2024 (edited) i have the same problem of "$X" and it dont pull all from request, i try it on data of fruits site, and its dont work. Edited July 10, 2024 by danbulery Quote
SwiftGameR Posted July 10, 2024 Posted July 10, 2024 7 hours ago, danbulery said: i have the same problem of "$X" and it dont pull all from request, i try it on data of fruits site, and its dont work. there are few money sql injections that i know of but as of mccodes v2 the pull anything was patched and if you are using a old version of grpg engine there is a money glitch (yes i said glitch instead of sql injection as its cause it due to no security and proper validation.) it lies in the very old stock market due to not secured variable using $_POST variable as u can buy 1 stock and sell unlimited stocks but as far as i know GL is secured never seen any sql injections in the code. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.