
right?  Go to the PHP 0815 challenge







Hi guys, I am not a PHP expert, so be kind to me :) It seems that the problem with the code is that it uses the in_array function and it doesn't check the input correctly. I can pass whatever and the SQL statement gets printed as output. Should that part of the code be modified with the foobar function? Thanks. PS: delete the comment if I said too much :)
Last edited by gizmore - Jul 04, 2010 - 14:00:09




Yeah maybe a bit too much.
I edited your post and checked your assumptions afterwards.
It seems like you were wrong though.

There is one position/var which obviously needs to get fixed :x
You can do it with very few chars.

Good Luck :)
The geeks shall inherit the properties and methods of object earth.






Thanks Gizmore, found the right path :)
Martin Thoma`s Avatar

It's not accepted, but wouldn't XXXXX do the trick?

"SELECT 1 FROM `table` WHERE `id`=".XXXX$showX ;


Edited by gizmore:
You are very close.
btw it's XXXXX not XXXXX to XXXX a XXX to an XXX. ;)
The final solution does your idea with just two chars, but with the correct syntax you should already get different messages, saying you are close.

Good Luck!
Last edited by gizmore - Jun 22, 2011 - 00:16:08