|
|
Posted by Erwin Moller on 10/08/16 11:39
pihkal23 wrote:
> Hi
>
> I am not a PHP user; I manage the server/ network for our business.
> We've employed web developers (chosen because they're friends of the
> MD) to build us a site and they've used PHP & MySQL to do it.
>
> The problem we have is that if we use an apostrophe when writing a
> product description or product title in the back office of our site,
> when that data is then used or carried through to another part of the
> site eg. a live product page or an order summary page, the apostrophe
> has a backslash before it. We have run into other issues with the use
> of various punctuation marks in the text fields of the back end of the
> site and have always been told by the developers that it is a fault of
> PHP and is common with PHP text fields.
>
> Now, as I said, I'm not a PHP user and certainly no expert. But I have
> installed and used Mambo Server, Wordpress, phpBB and a couple of other
> PHP MySQL products through my own curiosity and have done so
> successfully and have never experienced any of the issues we seem to be
> facing with these text boxes. I am growing increasingly suspicious of
> the level of competence of the developers and feel that they are making
> excuses for their inability. Can anyone tell me, from what I've said
> here, whether my suspicions are justified or is it the case that PHP is
> limited in these areas?
>
> Any help/ advice would be really appreciated,
Get better developers.
Or tell these bunch to use the stripslashes() function as can be found at
www.php.net.
If they fall for that trick you might try some SQL-injection too. :P
Probably works.
Google for details.
:-)
Erm well, bottomline: If this app is anywhere critical for your business,
get better developers, or at least 1 good developer inhouse.
Seriously, you don't want some smartass to hijack your SQL-server with
orders and creditcardnumbers, or whatever it is you store in there, by
doing some basic SQL-injection, do you?
Regards,
Erwin Moller
>
> TIA
>
> pihkal23
Navigation:
[Reply to this message]
|