[FX.php List] This is doing my head in...
Steve Winter
steve at bluecrocodile.co.nz
Mon Nov 26 15:07:11 MST 2007
Hi Joel,
What happens is the page gets loaded via a get, a form in quite a large
table gets populated... the user can make changes, then they are posted
through one post back to the same page.
A block of code at the top of the page loops through the posted results and
saves them back into FMP... I then need to reload the table, with the new
values, and present it back to the user... so the code that was originally
used to create the table is called again...
On the first time through, via a get, all works fine, I get my table, no
errors... on the second time through, the same block of code (and I've
verified by removing/adding/commenting in and out that it is that block)
creates the error...
Thanks for the suggestions... for now I've simply inserted
error_reporting(E~WARNING) into the top of the page, as the code all works,
just creates the warning ;-)
Cheers
Steve
-----Original Message-----
From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Joel Shapiro
Sent: Monday, 26 November 2007 6:58 p.m.
To: FX.php Discussion List
Subject: Re: [FX.php List] This is doing my head in...
Hi Steve
A few random thoughts... maybe something will trigger something for
you...
- You say "the same piece of code at the top of the page gets called
again" after doing your editing. Is the code duplicated within that
same page or are you calling a different page? Are you using the
same $_REQUEST['action'] for both parts / all three parts? (Is there
any change if you put $_REQUEST['action'] into a $variable at the top
of the page and then reference that later instead of $_REQUEST
['action']?)
- Based on Dan's comment, I see you're using $messages[] instead of
$message. Do you really store multiple messages here (and later know
which one to echo)?
HTH,
-Joel
On Nov 26, 2007, at 9:03 AM, DC wrote:
> do you have any checkboxes? sometimes those can be sent to PHP via
> arrays if the HTML defines the id or name with square brackets. at
> least that's what your error says - string expected, but array gotten.
>
> GL,
> dan
>
> Steve Winter had written:
>> A typically cryptic, completely off the point, ggt post ;-)
>> As I understand it, the theory of it is that it means that pages
>> which
>> require data to be posted, and are therefore capable of making
>> changes to a
>> database are more easily able to be 'hacked' if they use _REQUEST,
>> since it
>> means that someone could look at the source of your html page,
>> determine
>> variables about your database, then use a get command to 'attack'
>> your
>> database, or some such thing of that kind...
>> In the case of that code, it's totally irrelevant, as the user has
>> to have
>> already logged in to get anywhere that code, they will never be
>> able to
>> determine its name from the web, since it's a page which is
>> included by a
>> page which in turn was included previously, based on a series of
>> 'upstream
>> decisions'...
>> And for the record, the problem still persists, so if anyone can
>> see any
>> reason why code that will behave correctly when accessed once
>> round all of a
>> sudden 'flips out' when it's used a short time later...
>> Thanks
>> Steve
>> -----Original Message-----
>> From: fx.php_list-bounces at mail.iviking.org
>> [mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Dale
>> Bengston
>> Sent: Sunday, 25 November 2007 5:12 p.m.
>> To: FX.php Discussion List
>> Subject: Re: [FX.php List] This is doing my head in...
>> Why not?
>> Dale
>> On Nov 25, 2007, at 3:21 AM, Gjermund Gusland Thorsen wrote:
>>> Never use _REQUEST, use _POST or _GET
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>> No virus found in this incoming message.
>> Checked by AVG Free Edition. Version: 7.5.503 / Virus Database:
>> 269.16.6/1150 - Release Date: 24/11/2007
>> 5:58 p.m.
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition. Version: 7.5.503 / Virus Database:
>> 269.16.6/1150 - Release Date: 24/11/2007
>> 5:58 p.m.
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
_______________________________________________
FX.php_List mailing list
FX.php_List at mail.iviking.org
http://www.iviking.org/mailman/listinfo/fx.php_list
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.7/1151 - Release Date: 25/11/2007
4:24 p.m.
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.7/1151 - Release Date: 25/11/2007
4:24 p.m.
More information about the FX.php_List
mailing list