My new website!

Leave a comment

It was actually created in July, but hey, it still counts as new – http://www.dyulgerova.info

Advertisements

Log in

Leave a comment

OK guys, when you have you no idea why you couldn’t build a login query remember this!

 

IN THE QUERY YOU MUST NEVER ENCLOSE YOUR WHERE=.$USERNAME. WITH ONLY DOTS! YOU MUST DO IT THIS WAY – WHERE=’$USERNAME’ I KNOW IT SOUNDS WEIRD, BUT I CRASHED MY HEAD AGAINST THE WALL UNTIL I FIGURED IT OUT!

 

BYE

 

How to defend yourself vs an SQL Injection

Leave a comment

Hey guys,

 

Sometimes, I have no idea why just enclosing your variables in your query with the mysql_real_escape_string function doesn’t do the trick. For example, this didn’t work for me!

mysql_query(“INSERT INTO `users` VALUES(”,'”.mysql_real_escape_string($username).”‘,'”.$email.”‘,'”.$password.”‘)”);

 

I tryied and I tryied like a deaf rooster and suddenly it hit me! And I didn’t mean the kitchen door, which I admit was quite scary, but I got the idea!

Here is what I did, I just put the  mysql_real_escape_string function when I was declaring the variable just in front of the $_POST[] assosiative array and it worked! Here is the code.

 

<?php
require(‘mysql.php’);
if(isset($_POST[‘username’]) and isset($_POST[’email’]) and isset($_POST[‘password’])){
if(!empty($_POST[‘username’]) and !empty($_POST[’email’]) and !empty($_POST[‘password’])){;

$username = mysql_real_escape_string($_POST[‘username’]);
$email = $_POST[’email’];
$password = $_POST[‘password’];
echo $username.'<br />’;
echo $email.'<br />’;
echo $password.'<br />’;

mysql_query(“INSERT INTO `users` VALUES(”,'”.mysql_real_escape_string($username).”‘,'”.$email.”‘,'”.$password.”‘)”);

}
}

 

 

 
?>

 

Of course, I will also put the same function in my other varriables in this code because otherwise it would be a complete waste of time, but I just thought of sharing it with you guys so if you get stuck with the, you know what to do.

 

Hugs

Stef

The champion’s spirit

3 Comments

Hello Ladies and Gentlemen,

I have been thinking about how to become a great Go player and to be honest my head was emptier than ever! Then suddenly I came up with an idea. And it was – losing!

Like every other Go player, I hate to lose. I really do, and when I lose I feel nasty. I think that this is the main problem that needs to be solved, and I think that partly I did.

First thing of all when we lose, (I mean games) we feel awful. We feel that we are giftless players and it’d be better to quit playing the sport we currently do. Now I think there are a couple things that needs to be take into an account:

Okay we lost. So what? Has someone died?Did we lost our property and money? Even if the player was much stronger than us, isn’t that a nice thing? After all we knew we would lose, but still gave it a try.That is called courage.

Every time we lose, we get better because we learn something new. Every time we win, we learn nothing because we are too happy to give the game a good evaluation. We usually think that all our moves were awesome. And when we lose, on the countary, we think that all our moves were junk, so we sit and give the game a big thought. Next time we will be much better.

 

Anyways, this is for now.

Yours

Stefany