[ZendTo] Re: Duplicated insert

Sergio Rabellino rabellino at di.unito.it
Wed Aug 11 23:15:27 BST 2010

Jules ha scritto:
> On 09/08/2010 12:48, Sergio Rabellino wrote:
>> In my code-checks i've found that the auth code is inserted twice and 
>> only the latest is used.
>> I suggest to remove in lib/Verify.php the lines from 163 to 168.
> Where is the other instance?
It's in Verify.php too, line 219, but in another func.

>> A question: there is any reason about the removal of any international 
>> chars from name and organization ?
> Me being paranoid about people putting nasty characters into databases 
> and HTML.
>> I've adapted my code to write down utf8 strings into mysqldb
> How do I do that?
First of all the tables must be created/altered to support utf8 chars: I 
did an alter from phpmyadmin setting the collation tu utf8-general-ci 
(case insensitive). Then creating the connection to the db, the first 
sql statement is


to be sure that client and server share the same charset. (If you are 
paranoid, you can lately check if it's true, asking thru php the current 
Then the code must be changed, encoding/decoding the strings from/to web 
forms, removing also the regex check for user typing.
If all of this convince you, i can send all the changes (8/10 lines 
As far as i know, utf8 is backward compatible to ascii chars, so no dual 
code is required, and today asking for an utf8 mysql table it's a must 
for many (L)AMP apps.
>> and i do not see any evidence of problem about it: i'm wrong ?
> I just want to be absolutely doubly sure that people cannot put evil 
> text in it, which is very easy to allow by mistake.
I understand, but in italian language (and in many other languages) the 
'special' chars are often used: university-> università ....
> Jules
I hope my written english it's enough to be understood.
Ing. Sergio Rabellino

Università degli Studi di Torino
Dipartimento di Informatica
ICT Services Director
Tel +39-0116706701  Fax +39-011751603
C.so Svizzera , 185 - 10149 - Torino


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20100812/9dfccc9d/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logo.jpg
Type: image/jpeg
Size: 4167 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20100812/9dfccc9d/attachment.jpg 

More information about the ZendTo mailing list