tef
May 30, 2004

X -> YF + XF + Y
Y -> XF - YF - X
XF


As bad as it may sound, if you are only trying to extract text with a certain pattern, it might be easier to use a regular expression rather than an XML parser.

I.e. /<mytag>([^<]*)<\/mytag>/

tef fucked around with this message at Apr 1, 2008 around 12:24


tef
May 30, 2004



Also, if you wish to keep a copy of the sanitised HTML, you can use a cache like memcached.

tef
May 30, 2004



the xpath is /ref/@href.

Edit: No it isn't - oops.

tef fucked around with this message at Jul 5, 2008 around 07:26

tef
May 30, 2004



electric_vaseline posted:

However, if you really want to stick with that. It would just be a matter of parsing the session data and then
php:
<?
mail($my_business_email, $subject, $mail_body, $header);
?>
...getting the info from the session or cookies though would require intimate knowledge of how the shopping cart works though.

Escaping the data too - although unlikely, there is the possibility of header injection in PHP if the address or subject can be controlled by the user.
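
An added example, not part of the original posts: one way to guard the mail() call quoted above against header injection, by refusing any user-supplied value containing a line break before it reaches a header. The helper names, the Reply-To field and the sample addresses are assumptions constructed for illustration.

```php
<?php
// Added example; helper names and sample values are constructed, not from the thread.

/** Reject CR, LF or NUL: they let a value end its header and start a new one. */
function clean_header_value(string $value): string
{
    if (preg_match('/[\r\n\0]/', $value)) {
        throw new InvalidArgumentException('line break in header value');
    }
    return trim($value);
}

/** An address must be free of line breaks and also be a syntactically valid e-mail. */
function clean_address(string $value): string
{
    $value = clean_header_value($value);
    if (filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('not a valid e-mail address');
    }
    return $value;
}

/** Build the four mail() arguments from the shop address and user-controlled fields. */
function build_order_mail(string $my_business_email, string $customer,
                          string $subject, string $mail_body): array
{
    $to     = clean_address($my_business_email);
    $header = 'From: ' . $to . "\r\n" . 'Reply-To: ' . clean_address($customer);
    return [$to, clean_header_value($subject), $mail_body, $header];
}

// Constructed inputs: an ordinary address, and one carrying an extra header line.
$samples = [
    'customer@example.com',
    "customer@example.com\r\nBcc: someone-else@example.com",
];
foreach ($samples as $customer) {
    try {
        [$to, $subject, $mail_body, $header] =
            build_order_mail('shop@example.com', $customer, 'New order', "Order details\n");
        echo 'accepted: ', json_encode($header), "\n";
        // mail($to, $subject, $mail_body, $header);  // send only after validation
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```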

tef
May 30, 2004



Hammerite posted:

Would you mind telling me why not?

Yes, the problem is that in the following code, you make the assumption that magic quotes perform the same function as mysqli_real_escape_string().

Hammerite posted:

php:
<?
if ( !get_magic_quotes_gpc() ) { $UserInput = mysqli_real_escape_string($cxn,$UserInput); }?>

If you read the php manual you will find that:

What are Magic Quotes posted:

When on, all ' (single-quote), " (double quote), \ (backslash) and NULL characters are escaped with a backslash automatically. This is identical to what addslashes() does.

But for mysqli_real_escape_string, it escapes the following values: "NUL (ASCII 0), \n, \r, \, ', ", and Control-Z", and takes account of the connection locale.

Additionally, "If magic_quotes_sybase is on, a single-quote is escaped with a single-quote instead of a backslash if magic_quotes_gpc or magic_quotes_runtime are enabled".

In summary: you should not do that because it does not do the same thing. If you insist on using mysqli_real_escape_string, I would imagine something like this would suffice:

php:
<?
if ( get_magic_quotes_gpc() ) {
    // Undo the magic-quotes escaping first, then escape for MySQL.
    $foo = mysqli_real_escape_string($cxn,stripslashes($foo));
} else {
    $foo = mysqli_real_escape_string($cxn,$foo);
}?>

tef fucked around with this message at Jan 21, 2009 around 02:15


tef
May 30, 2004



Yes, the other way around
