[FX.php List] Errors searching for email addresses

Bob Patin bob at patin.com
Mon Jan 26 10:38:38 MST 2009


Not true... it's what I use all the time...

BP

Bob Patin
Longterm Solutions LLC
bob at longtermsolutions.com
615-333-6858
http://www.longtermsolutions.com
Twitter: bobpatin
iChat/AIM: bobpatin
FileMaker 9 Certified Developer
Member of FileMaker Business Alliance & TechNet
--------------------------
FileMaker hosting and consulting for all versions of FileMaker
PHP • Full email services • Free DNS hosting • Colocation • Consulting

On Jan 26, 2009, at 11:32 AM, Steve Winter wrote:

> Hi Bob,
>
> Which is fine so long as you're not actually using an email address  
> as a username, since the stripping of the @, which your code below  
> does, will result in it not working ;-)
>
> Cheers
> Steve
>
>
> On 26 Jan 2009, at 17:29, Bob Patin wrote:
>
>> This is an often-discussed topic; the other thing to consider is  
>> that users can use wildcards to spoof your login system.
>>
>> Here's what I use in my web apps to validate username and password:
>>
>> $query->AddDBParam('username',"==".preg_replace('/([@*#?!=<>"])/','\ 
>> \\${1}',$username));
>> $query->AddDBParam('password',"==".preg_replace('/([@*#?!=<>"])/','\ 
>> \\${1}',$password));
>>
>> I forget who originally posted this, but it's very useful...
>>
>> Hope this helps,
>>
>> Bob Patin
>> Longterm Solutions LLC
>> bob at longtermsolutions.com
>> 615-333-6858
>> http://www.longtermsolutions.com
>> Twitter: bobpatin
>> iChat/AIM: bobpatin
>> FileMaker 9 Certified Developer
>> Member of FileMaker Business Alliance & TechNet
>> --------------------------
>> FileMaker hosting and consulting for all versions of FileMaker
>> PHP • Full email services • Free DNS hosting • Colocation •  
>> Consulting
>>
>>
>> On Jan 26, 2009, at 11:13 AM, luke at soundtoys.com wrote:
>>
>>> I am using fx.php to check login credentials against our FM db and  
>>> the username is the customers email address. I keep getting a 401  
>>> error (no matching records) because of the @ being a special  
>>> symbol in FM. How do I pass the data as an argument for  
>>> AddDBParam() such that it recognizes the '@' as the actual  
>>> character not the special symbol.
>>>
>>> Thanks in advance,
>>>
>>> -- 
>>>
>>> /***************************
>>>  *   Luke Awtry
>>>  *   Audio Plugin Developer
>>>  *   SoundToys, Inc.
>>>  *   802.951.9700 x207
>>>  *   luke at soundtoys.com
>>>  ***************************/
>>> _______________________________________________
>>> FX.php_List mailing list
>>> FX.php_List at mail.iviking.org
>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
>
> Steve Winter
> steve at bluecrocodile.co.nz
> m: +44 77 7852 4776
> 3 Calshot Court, Channel Way
> Ocean Village, Southampton SO14 3GR
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.iviking.org/pipermail/fx.php_list/attachments/20090126/a5540012/attachment.html


More information about the FX.php_List mailing list