eldorado
Involved
Joined: Sep 10, 2008
Posts: 366
Location: France
PostPosted: Sun Apr 26, 2009 10:57 am

evaders99 wrote:
Quote:
8. stripslashes on every form to prevent SQL injection.

Actually no. addslashes is what you want to prevent SQL injections. Better, use mysql_real_escape_string (only if using MySQL databases).

My bad, sorry. I'd better review my ongoing module.

Anyway, I'm off topic.

I can't think of anything else I've seen during my coding session apart from this bit:

Code:
if ($string == "")

to

Code:
if ("" == $string)

I'm sure I saw Raven post something about conditionals.
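The escaping point in the quoted exchange, worked through as an added example that is not part of the original thread and not RavenNuke code. It runs one login query three ways against an in-memory SQLite database through PDO, so no MySQL server is needed, with a constructed attacker input. mysql_real_escape_string() is not called, since it needs an open MySQL connection and the mysql extension no longer exists in PHP 7 and later; the block shows what addslashes() produces and then the prepared-statement form, which is what a practitioner would reach for today instead of either escaping function.

```php
<?php
// Added example, not from the thread or from RavenNuke: why stripslashes() does not
// stop SQL injection, what addslashes() does to the same input, and how a prepared
// statement removes the problem. In-memory SQLite via PDO stands in for MySQL.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (username TEXT, password TEXT)");
$db->exec("INSERT INTO users VALUES ('admin', 'correct-horse')");

// Constructed attacker input: a real username plus a "password" that closes the
// string literal and appends an always-true condition.
$username = 'admin';
$password = "' OR '1'='1";

// Vulnerable: the values are concatenated into the statement text.
function loginRaw(PDO $db, string $user, string $pass): int
{
    $sql = "SELECT COUNT(*) FROM users WHERE username = '$user' AND password = '$pass'";
    return (int) $db->query($sql)->fetchColumn();
}

// Hardened: the values travel separately from the SQL text, so quoting tricks
// in $pass cannot change the structure of the statement.
function loginPrepared(PDO $db, string $user, string $pass): int
{
    $stmt = $db->prepare("SELECT COUNT(*) FROM users WHERE username = ? AND password = ?");
    $stmt->execute([$user, $pass]);
    return (int) $stmt->fetchColumn();
}

// 1. stripslashes() only removes backslashes. The attacker's input contains none,
//    so the "cleaned" value is identical and the raw query still matches a row.
$stripped = stripslashes($password);
printf("stripslashes changed the input: %s\n", $stripped === $password ? 'no' : 'yes');
printf("raw query with the stripslashes'd password matched %d row(s)\n",
    loginRaw($db, $username, $stripped));

// 2. addslashes() backslash-escapes the quotes, which is what MySQL's parser expects.
//    It is not universal: SQLite escapes a quote by doubling it, and MySQL has
//    multibyte charsets in which the added backslash can be absorbed into the
//    preceding byte. That dependence on the connection is why
//    mysql_real_escape_string() exists, and why the escaped string is only
//    printed here rather than executed against SQLite.
printf("addslashes output: %s\n", addslashes($password));

// 3. The prepared statement needs no escaping at all and matches nothing.
printf("prepared query matched %d row(s)\n", loginPrepared($db, $username, $password));
```

The raw query returns one matching row with the injected password because the statement becomes `... AND password = '' OR '1'='1'`; the prepared query returns zero because the whole attacker string is compared as a value.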
montego
Former Admin in Good Standing
Joined: Aug 29, 2004
Posts: 9071
Location: Arizona
PostPosted: Mon Apr 27, 2009 10:01 pm

It is just to keep you from messing up by accidentally using an assignment of "=" instead of the comparison operator "==". No other reason really.

I usually use if (empty($string)) if I also want to consider other values as "no input". See the PHP manual for what I mean... But just remember that there is no silver bullet. "Know thy input"... "Cleanse thy input"... and then "Use thy input appropriately" (as you may need to do different things depending upon what comes next).
eldorado
Involved
Joined: Sep 10, 2008
Posts: 366
Location: France
PostPosted: Tue Apr 28, 2009 12:20 am

montego wrote:
It is just to keep you from messing up by accidentally using an assignment of "=" instead of the comparison operator "==". No other reason really.

I should have explained this ^_^.
Anyway, I think that these two should be standardized for Nuke coding and this post should be a reference for future modules posted in this section.
technocrat
Life Cycles Becoming CPU Cycles
Joined: Jul 07, 2005
Posts: 511
PostPosted: Sun May 03, 2009 10:14 am

$string == "" would create a warning and shouldn't be used. As montego said, you should be using empty().
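An added example, not part of the original thread, covering both montego's point about empty() and the warning technocrat mentions. It tabulates what empty(), == "" and === "" each report for a few constructed form inputs, records the diagnostic that reading a variable that was never set raises (the case in which the comparison produces a notice or warning), and shows what the "Yoda" operand order actually buys when "=" is typed for "==".

```php
<?php
// Added example, not from the thread: empty() versus == "" versus === "" on typical
// form inputs, the diagnostic raised when the variable does not exist at all, and
// why putting the constant on the left turns a typo into a compile error.
// The $inputs table is constructed for the example.

$inputs = [
    'missing'  => null,   // what $_POST['field'] ?? null yields for an absent field
    'blank'    => '',
    'zero'     => '0',    // a legitimate value that empty() treats as "no input"
    'space'    => ' ',
    'int zero' => 0,      // 0 == "" is true on PHP 7 and false on PHP 8
    'text'     => 'abc',
];

// Returns, per input, what each test says about it.
function describe(array $inputs): array
{
    $out = [];
    foreach ($inputs as $label => $v) {
        $out[$label] = [
            'empty()' => empty($v),
            '== ""'   => $v == '',
            '=== ""'  => $v === '',
        ];
    }
    return $out;
}

printf("%-10s %-8s %-8s %-8s\n", 'input', 'empty()', '== ""', '=== ""');
foreach (describe($inputs) as $label => $r) {
    printf("%-10s %-8s %-8s %-8s\n", $label,
        var_export($r['empty()'], true),
        var_export($r['== ""'], true),
        var_export($r['=== ""'], true));
}

// A variable that was never assigned: the == comparison reads it and raises an
// "Undefined variable" diagnostic (E_NOTICE on PHP 7, E_WARNING on PHP 8), while
// empty() and isset() are language constructs that tolerate an unset variable.
$diagnostics = [];
set_error_handler(function (int $errno, string $errstr) use (&$diagnostics): bool {
    $diagnostics[] = $errstr;
    return true;
});
$cmp = ($never_set == '');
$afterCompare = count($diagnostics);
$emp = empty($never_set);
$afterEmpty = count($diagnostics) - $afterCompare;
restore_error_handler();
printf("== \"\" on an unset variable raised %d diagnostic(s); empty() raised %d\n",
    $afterCompare, $afterEmpty);

// Yoda order: with the constant on the left, typing "=" for "==" is rejected by
// the parser instead of silently assigning and making the branch always false.
$string = 'abc';
if ($string = '') {            // the typo: assigns '' and never runs the branch
    echo "unreachable\n";
}
printf("after the typo \$string is %s\n", $string === '' ? 'now empty' : 'unchanged');
try {
    eval('if ("" = $string) { }');
} catch (ParseError $e) {
    echo 'constant-on-left typo is rejected at compile time: ', $e->getMessage(), "\n";
}
```

The table is the part worth keeping in mind: empty() also swallows the string "0", which is a real answer on many forms, so "no input" and "input that happens to be falsy" need to be told apart deliberately, exactly the "know thy input" point made above.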
duck
Worker
Joined: Jul 03, 2006
Posts: 247
PostPosted: Wed Sep 16, 2009 10:24 am

I thought I would chime in here with an idea for the standardization topic in case it ever becomes a reality.

How about standardizing that SQL inserts MUST always be extended?

The reasoning behind this: if extended inserts are used and fields are added to a table in future, old code is less likely to break. I mean, if current fields are dropped or altered this may not help much, but at least when wanting to add to or improve the functionality of a table with new fields, we don't start breaking a bunch of other modules dependent on it.

Just something to think about when compiling your list of Do's and Don'ts for Standardization or compatibility.
fkelly
Moderator
Joined: Aug 30, 2005
Posts: 3137
Location: near Albany NY
PostPosted: Wed Sep 16, 2009 12:31 pm

Duck, thank you for reminding me of this. I agree wholeheartedly. This has always bugged me about Nuke.

I assume you are talking about syntax where you have a list of values that have to be in the exact order that the fields are defined in the table. As in this horrible example:

Code:
INSERT INTO $user_prefix.`_users` VALUES (1, '', 'Anonymous', '', '', '', 'blank.gif', 'Oct 10, 2008', '', '', '', '', '', 0, 0, '', '', '', '', 10, '', 0, 0, 0, '', 0, '', '', 4096, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 10, NULL, 'english', 'D M d, Y g:i a', 0, 0, 0, NULL, 1, 1, 1, 1, 1, 1, 1, 1, 0, 3, NULL, NULL, NULL, 0, 0, 0, 0, 0, 0);


Try to figure out where a new or missing field goes in there. It would be so much nicer and more maintainable if the code said

Code:
user_id = '1'
username = 'anonymous'
... etc.

one per line. I'd like to see us "backport" (as Chloe on the TV show 24 used to say) that approach into RN as time permits.
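An added example, not RavenNuke code, for the extended-insert proposal in duck's post and the positional INSERT fkelly objects to above. The one-per-line `user_id = '1'` form is MySQL's `INSERT ... SET` syntax; the example builds the portable equivalent with an explicit column list, which has the same property (fields are named, so column order and count no longer matter), and adds the check a practitioner would want: column names cannot be bound as parameters, so every key is validated against the live schema before SQL is built, while the values are bound. Table name, columns and rows are constructed for the example, and in-memory SQLite stands in for MySQL so it runs without a server.

```php
<?php
// Added example, not RavenNuke code: a helper that builds an INSERT with an explicit
// column list from an associative array, checks each key against the table's real
// schema, and binds the values. SQLite in memory stands in for MySQL; the table and
// rows are constructed for the example.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$db->exec("CREATE TABLE nuke_users (user_id INTEGER PRIMARY KEY, username TEXT NOT NULL, user_email TEXT)");

// Identifiers are interpolated into SQL, never bound, so they are held to a fixed pattern.
function assertIdentifier(string $name): string
{
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        throw new InvalidArgumentException("invalid identifier: $name");
    }
    return $name;
}

// Column names as the database reports them (SQLite's counterpart of MySQL's DESCRIBE).
function tableColumns(PDO $db, string $table): array
{
    $table = assertIdentifier($table);
    $cols = [];
    foreach ($db->query("PRAGMA table_info($table)") as $row) {
        $cols[] = $row['name'];
    }
    return $cols;
}

// Builds "INSERT INTO t (a, b) VALUES (:a, :b)" from the array keys. Keys that are
// not real columns are refused before any SQL is assembled; values are bound.
function insertRow(PDO $db, string $table, array $row): void
{
    $known   = tableColumns($db, $table);
    $unknown = array_diff(array_keys($row), $known);
    if ($unknown !== []) {
        throw new InvalidArgumentException("unknown column(s): " . implode(', ', $unknown));
    }
    $cols = array_keys($row);
    $sql  = sprintf("INSERT INTO %s (%s) VALUES (%s)",
        $table,
        implode(', ', array_map(fn ($c) => "`$c`", $cols)),
        implode(', ', array_map(fn ($c) => ":$c", $cols)));
    $params = array_combine(array_map(fn ($c) => ":$c", $cols), array_values($row));
    $db->prepare($sql)->execute($params);
}

insertRow($db, 'nuke_users', ['user_id' => 1, 'username' => 'Anonymous', 'user_email' => '']);
// The positional form the thread objects to: it silently depends on column order and count.
$db->exec("INSERT INTO nuke_users VALUES (2, 'alice', 'alice@example.com')");

// A later module adds a field to the table...
$db->exec("ALTER TABLE nuke_users ADD COLUMN user_lang TEXT DEFAULT 'english'");

// ...the named-column insert is unaffected (the new column takes its default)...
insertRow($db, 'nuke_users', ['user_id' => 3, 'username' => 'bob', 'user_email' => '']);

// ...while the positional INSERT written before the change now fails.
try {
    $db->exec("INSERT INTO nuke_users VALUES (4, 'carol', 'carol@example.com')");
} catch (PDOException $e) {
    echo "positional insert broke after ALTER TABLE: ", $e->getMessage(), "\n";
}

// A key that is not a real column is refused before any SQL reaches the database.
try {
    insertRow($db, 'nuke_users', ['username' => 'eve', 'is_admin' => 1]);
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}

foreach ($db->query("SELECT user_id, username, user_lang FROM nuke_users") as $r) {
    echo implode(' | ', $r), "\n";
}
```

The schema check is what makes the associative-array convenience safe: without it, a module that passes user-controlled keys through to the column list would hand an attacker a place to put SQL that no amount of escaping the values can reach.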
duck
Worker
Joined: Jul 03, 2006
Posts: 247
PostPosted: Wed Sep 16, 2009 1:09 pm

Yes, that was exactly what I was referring to, and it has always bugged me too! lol

And BTW, 24 rocks! (But last season kind of sucked, unfortunately, so I hope they do better this year.)
The comments are property of their posters, all the rest © 2002-2011 by Raven