[ZendTo] Re: Duplicated insert
Sergio Rabellino
rabellino at di.unito.it
Wed Aug 11 23:15:27 BST 2010
Jules wrote:
> On 09/08/2010 12:48, Sergio Rabellino wrote:
>
>> In my code-checks I've found that the auth code is inserted twice and
>> only the latest is used.
>> I suggest to remove in lib/Verify.php the lines from 163 to 168.
>>
> Where is the other instance?
>
It's in Verify.php too, line 219, but in another func.
>> A question: is there any reason for the removal of any international
>> chars from name and organization?
>>
> Me being paranoid about people putting nasty characters into databases
> and HTML.
>
>> I've adapted my code to write down utf8 strings into mysqldb
>>
> How do I do that?
>
First of all the tables must be created/altered to support utf8 chars: I
did an alter from phpMyAdmin, setting the collation to utf8-general-ci
(case insensitive). Then, when creating the connection to the db, the first
SQL statement is
DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
to be sure that client and server share the same charset. (If you are
paranoid, you can later check that it's true by asking through PHP for the
current charset/collation.)
Then the code must be changed, encoding/decoding the strings from/to web
forms, and also removing the regex check on user typing.
If all of this convinces you, I can send all the changes (8/10 lines
somewhere).
As far as I know, utf8 is backward compatible with ASCII chars, so no dual
code is required, and today asking for a utf8 MySQL table is a must
for many (L)AMP apps.
>> and I do not see any evidence of a problem with it: am I wrong?
>>
> I just want to be absolutely doubly sure that people cannot put evil
> text in it, which is very easy to allow by mistake.
>
>
I understand, but in the Italian language (and in many other languages) the
'special' chars are often used: university -> università ....
> Jules
>
>
I hope my written English is good enough to be understood.
bye.
--
Ing. Sergio Rabellino
Università degli Studi di Torino
Dipartimento di Informatica
ICT Services Director
Tel +39-0116706701 Fax +39-011751603
C.so Svizzera , 185 - 10149 - Torino
<http://www.di.unito.it>
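
An illustration of the approach discussed in this message, added here and not part of the original post or of ZendTo's code: accept international characters through a Unicode-aware allow-list, store them with a bound parameter over a utf8 connection, and escape at output time. The table and column names (authtable, FullName, Organization) and the function names are hypothetical.

```php
<?php
// Added illustration, not ZendTo code. Table and column names are hypothetical.

// Accept well-formed UTF-8 made of letters, combining marks, digits, spaces
// and a few punctuation characters; reject everything else.
function clean_name(string $raw, int $maxChars = 100): ?string
{
    if (!mb_check_encoding($raw, 'UTF-8')) {
        return null;                          // malformed byte sequence
    }
    $s = trim($raw);
    if ($s === '' || mb_strlen($s, 'UTF-8') > $maxChars) {
        return null;
    }
    // \p{L} = any letter, \p{M} = combining mark, \p{N} = any number
    return preg_match('/\A[\p{L}\p{M}\p{N} .,\'&-]+\z/u', $s) === 1 ? $s : null;
}

// Escape at output time so stored text is never interpreted as markup.
function html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Set the connection charset through the driver, confirm it, and store the
// values with bound parameters instead of string concatenation.
function store_name(mysqli $db, string $name, string $org): void
{
    // Servers may report utf8, utf8mb3 or utf8mb4, so compare the prefix only.
    if (!$db->set_charset('utf8') || strpos($db->character_set_name(), 'utf8') !== 0) {
        throw new RuntimeException('connection is not using utf8');
    }
    $stmt = $db->prepare('INSERT INTO authtable (FullName, Organization) VALUES (?, ?)');
    $stmt->bind_param('ss', $name, $org);
    $stmt->execute();
}

// Constructed sample inputs: two valid names, markup, a control byte and a
// Latin-1 byte that is not valid UTF-8.
$samples = ['Università degli Studi di Torino', "O'Brien & Figli",
            '<b>Acme</b>', "Bob\x00Smith", "caf\xE9"];
foreach ($samples as $raw) {
    $ok = clean_name($raw);
    echo $ok === null ? "rejected\n" : 'accepted: ' . html($ok) . "\n";
}
```

store_name() is defined but not called in the sample loop, since it needs a live MySQL connection.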