right? Go to the PHP 0815 challenge
Global Rank: 106
Totalscore: 166662
Posts: 21
Thanks: 33
UpVotes: 19
Registered: 16y 266d
Last Seen: 2y 69d
The User is Offline
right?
Jul 04, 2010 - 13:50:21 (14y 145d)
Jul 04, 2010 - 13:50:21 (14y 145d)
Hi guys, I am not php expert, so be kind to me
It seems that problem with the code is that it uses in_array function and it doesn't check the input correctly. I can pass whatever and the sql statement gets printed as output. Should there be modified that part of code with foobar function? thanks PS.: delete the comment if I said to much
It seems that problem with the code is that it uses in_array function and it doesn't check the input correctly. I can pass whatever and the sql statement gets printed as output. Should there be modified that part of code with foobar function? thanks PS.: delete the comment if I said to muchLast edited by gizmore - Jul 04, 2010 - 14:00:09
Global Rank: 229
Totalscore: 93264
Posts: 1680
Thanks: 1358
UpVotes: 920
Registered: 16y 281d
Last Seen: 2h 8m
The User is Offline
right?
Jul 04, 2010 - 14:05:09 (14y 145d)
Jul 04, 2010 - 14:05:09 (14y 145d)
Yeah maybe a bit too much.
I edited your post and checked your assumptions afterwards.
It seems like you were wrong though.
There is one position/var which obviously needs to get fixed :x
You can do it with very few chars.
Good Luck
I edited your post and checked your assumptions afterwards.
It seems like you were wrong though.
There is one position/var which obviously needs to get fixed :x
You can do it with very few chars.
Good Luck
The geeks shall inherit the properties and methods of object earth.
Global Rank: 106
Totalscore: 166662
Posts: 21
Thanks: 33
UpVotes: 19
Registered: 16y 266d
Last Seen: 2y 69d
The User is Offline
right?
Jul 04, 2010 - 15:16:03 (14y 145d)
Jul 04, 2010 - 15:16:03 (14y 145d)
Thanks Gizmore, found the right path
Global Rank: 511
Totalscore: 48926
Posts: 34
Thanks: 49
UpVotes: 36
Registered: 14y 137d
Last Seen: 4y 82d
The User is Offline
RE: right?
Jun 22, 2011 - 00:12:00 (13y 157d)
Jun 22, 2011 - 00:12:00 (13y 157d)
It's not accepted, but wouldn't do XXXXX the trick?:
"SELECT 1 FROM `table` WHERE `id`=".XXXX$showX ;
Edited by gizmore:
You are very close.
btw it's XXXXX not XXXXX to XXXX a XXX to an XXX. ;)
The final solution does your idea with just two chars, but with the correct syntax you should already get different messages, saying you are close.
Good Luck!
"SELECT 1 FROM `table` WHERE `id`=".XXXX$showX ;
Edited by gizmore:
You are very close.
btw it's XXXXX not XXXXX to XXXX a XXX to an XXX. ;)
The final solution does your idea with just two chars, but with the correct syntax you should already get different messages, saying you are close.
Good Luck!
Last edited by gizmore - Jun 22, 2011 - 00:16:08
Redknee, quartozane, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 9966 times.
1 people are watching the thread at the moment.
This thread has been viewed 9966 times.