right? Go to the PHP 0815 challenge
Global Rank: 105
Totalscore: 166673
Posts: 21
Thanks: 33
UpVotes: 19
Registered: 16y 202d
Last Seen: 2y 6d
The User is Offline
right?
Jul 04, 2010 - 13:50:21 (14y 81d)
Jul 04, 2010 - 13:50:21 (14y 81d)
Hi guys, I am not php expert, so be kind to me
It seems that problem with the code is that it uses in_array function and it doesn't check the input correctly. I can pass whatever and the sql statement gets printed as output. Should there be modified that part of code with foobar function? thanks PS.: delete the comment if I said to much
It seems that problem with the code is that it uses in_array function and it doesn't check the input correctly. I can pass whatever and the sql statement gets printed as output. Should there be modified that part of code with foobar function? thanks PS.: delete the comment if I said to muchLast edited by gizmore - Jul 04, 2010 - 14:00:09
Global Rank: 247
Totalscore: 87961
Posts: 1661
Thanks: 1349
UpVotes: 906
Registered: 16y 218d
Last Seen: 8h 10m
The User is Offline
right?
Jul 04, 2010 - 14:05:09 (14y 81d)
Jul 04, 2010 - 14:05:09 (14y 81d)
Yeah maybe a bit too much.
I edited your post and checked your assumptions afterwards.
It seems like you were wrong though.
There is one position/var which obviously needs to get fixed :x
You can do it with very few chars.
Good Luck
I edited your post and checked your assumptions afterwards.
It seems like you were wrong though.
There is one position/var which obviously needs to get fixed :x
You can do it with very few chars.
Good Luck
The geeks shall inherit the properties and methods of object earth.
Global Rank: 105
Totalscore: 166673
Posts: 21
Thanks: 33
UpVotes: 19
Registered: 16y 202d
Last Seen: 2y 6d
The User is Offline
right?
Jul 04, 2010 - 15:16:03 (14y 81d)
Jul 04, 2010 - 15:16:03 (14y 81d)
Thanks Gizmore, found the right path
Global Rank: 509
Totalscore: 48917
Posts: 34
Thanks: 49
UpVotes: 36
Registered: 14y 74d
Last Seen: 4y 19d
The User is Offline
RE: right?
Jun 22, 2011 - 00:12:00 (13y 94d)
Jun 22, 2011 - 00:12:00 (13y 94d)
It's not accepted, but wouldn't do XXXXX the trick?:
"SELECT 1 FROM `table` WHERE `id`=".XXXX$showX ;
Edited by gizmore:
You are very close.
btw it's XXXXX not XXXXX to XXXX a XXX to an XXX. ;)
The final solution does your idea with just two chars, but with the correct syntax you should already get different messages, saying you are close.
Good Luck!
"SELECT 1 FROM `table` WHERE `id`=".XXXX$showX ;
Edited by gizmore:
You are very close.
btw it's XXXXX not XXXXX to XXXX a XXX to an XXX. ;)
The final solution does your idea with just two chars, but with the correct syntax you should already get different messages, saying you are close.
Good Luck!
Last edited by gizmore - Jun 22, 2011 - 00:16:08
Redknee, quartozane, tunelko, silenttrack, n0tHappy, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, kalungmas have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 9900 times.
1 people are watching the thread at the moment.
This thread has been viewed 9900 times.