I have simple question. I did GET form search to get ID of a show, so after code is executed, the url looks like this:
...show.php?showid=inserted number
So, is it possible to drop all tables only because I used GET method, and therefore, should I use POST?
Thanks in advance!
"This is the canonical explanation here on SO of how to prevent SQL injection: stackoverflow.com/questions/60174/… – Andy Lester Feb 13 at 23:12"
Thanks. I'm not sure how to post comment as an answer, but this satisfied me. I tried SQL injection into my table, but probably not related one:' or '1'='1
And I get this:
403
Forbidden
Access to this resource on the server is denied!
So that's all. Thank you guys once again.
Related
I'm honestly stumped as to how I could do this. I've been searching and trying out different methods for the past day or so and none have worked. What I'm basically trying to do is store comments for a post (Each row represents a post). I've been reading through the Parse documentation and have tried to implement some of the things that they have there into my code in order to achieve this, but that hasn't worked out either. If anybody could help me out, I'd be extremely greatful.
This exact task is the example provided in the documentation.
http://docs.parseplatform.org/ios/guide/#relational-data
You need to create a new class called "Comments" and then refrence its parent post as one of it's columns.
I've tried doing this with Umbraco 6.1.6. I've pretty much implemented what Drew did here: http://our.umbraco.org/forum/developers/extending-umbraco/23200-Lucene-with-spatialnet?p=0
I'm storing lat and long data in umbraco nodes. The nodes are being indexed as encided values with tiers. But, I am not returning any results when I add the DistanceFilter to the query.
I'm just wondering if anyone else has tried this and got it working. Perhaps you can post some code.
Thanks.
Josh,
Have you inspected the index using luke just to ensure that fields are there? Also have you tried running raw queries (get the generated query written out using code) on the index using luke?
Regards
Ismail
cant seem to find anything related to this on Google. Though maybe I’m not searching the right keywords.
On Magento 1.6 I have a category I created. For example, "test". The seo url for that would have been:
mysite.com/test/
I then deleted the category(stupidly) and later recreated it. Now the category is called:
mysite.com/test-1/
Is there any way to reset the internal index or something so that I can once again have the url:
mysite.com/test/
Hope that makes sense and someone can help.
Thanks a lot for reading.
have you tried to write "test" in the "URL Key" field ?
This behavior has something to do with the "redirect 301" flag.
Bye
Giuseppe
I am new to Modx and I want to write a custom but of code in a snippet that handles incoming post data. Unfortunately I can't seem to be able to collect the post data using $_POST.
Can anyone point me in the right direction please?
Cheers
John
Also, if you do not wish to cache the results of the snippet call use [[!getPost]] rather than [[getPost]].
I've used
<?php
var_dump($_POST);
and [[getPost]]
and it worked (I got an array of 0, but I didn't send anything in post)
Vardump is a VERY bad idea.
The MODx Revolution Object is huge...
Please try:
<?php
print_r($_REQUEST);
Spoiler alert: this is NOW a question, so apologies to anyone that read it purely as a discursive topic :)
Anyway, I was doing a little research today re adding routes via javascript when i thought that a bit of google research wouldn't hurt. Basically, my aim was to do away with the following type of construct within my views:
and replace it with something akin to:
well, i lucked out a little today after finding this fantastic article (which isn't mine nor do i have any affiliation other than respect for the piece of work):
http://weblogs.asp.net/zowens/archive/2010/12/20/asp-net-mvc-javascript-routing.aspx
this really has been a missing link (or so i thought) for me when dealing with routes via javascript. However, the 2nd code example is misleading and actually won't produce what the example leads on. Can anyone suggest a fix for this and/or an alternative solution to allow this fluent convention of js routes within mvc views??
cheers...
[edit] - question edited 22:16 GMT to explore deeper options on this topic, plus changed title (removed OT portion).
So the question is why the second code example won't work as expected. Here's the answer, post currently doesn't return anything. This is an example of a certain developer not looking at the details of the code. When you use homePageUrl, the value will be undefined.
To actually get the home page URL, you'd do the following:
$.routeManager.action({controller:'Home', action:'Index'}).toUrl()
So, the moral of the story is that the code is a bit broken. The post action SHOULD return an object where you can put "toUrl()" right after the post is performed, like this:
$.routeManager.action({controller:'Home', action:'Index'})
.post(function(data){ alert(data); })
.toUrl();
I'll be fixing this bug in a bit!