Comments for Hdeya team blog http://www.hdeya.com/blog We can make IT Tue, 20 Apr 2010 17:51:36 +0000 http://wordpress.org/?v=2.9.2 hourly 1 Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by Mahmoud M. Abdel-Fattah http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-116 Mahmoud M. Abdel-Fattah Tue, 20 Apr 2010 17:51:36 +0000 http://www.hdeya.com/blog/?p=162#comment-116 Before asking for help, you should use real email, and you're using FAKE ONE, so how can we help you ?! Before asking for help, you should use real email, and you’re using FAKE ONE, so how can we help you ?!

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by Arne http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-115 Arne Tue, 20 Apr 2010 17:45:28 +0000 http://www.hdeya.com/blog/?p=162#comment-115 Since you didn't include your exact versions of compiled jQuery and jQuery UI, the script gives me "there's an error with AJAX." I appreciate the tutorial and don't want to disparage you taking the time to share your work freely with the world, but if you're going to write a tutorial, put up all the files required, preferably as a downloadable ZIP, and take the time to explain the code. Since you didn’t include your exact versions of compiled jQuery and jQuery UI, the script gives me “there’s an error with AJAX.” I appreciate the tutorial and don’t want to disparage you taking the time to share your work freely with the world, but if you’re going to write a tutorial, put up all the files required, preferably as a downloadable ZIP, and take the time to explain the code.

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by paceto http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-106 paceto Wed, 10 Mar 2010 14:11:37 +0000 http://www.hdeya.com/blog/?p=162#comment-106 // Great tutorial but ... please fix this SQL INJECTION style mysql_query !!!!!!!!! SQL INJECTION via $menu[$i] !!!!!!!!!! mysql_query("UPDATE `menu` SET `sort`=" . $i . " WHERE `id`='" . $menu[$i] . "'") or die(mysql_error()); !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! $menu[$i] variable is send by the client so it's insecure ... what if I send post ... $menu[$i] = blabla' or 1=1;# ... this will update all records in this table ... !!!!!!!! CORRECT !!!!!!!!!!!!! mysql_query("UPDATE `menu` SET `sort`=" . mysql_real_escape_string($i) . " WHERE `id`='" . mysql_real_escape_string($menu[$i]) . "'") or die(mysql_error()); !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Great tutorial 10x again // Great tutorial but … please fix this SQL INJECTION style mysql_query

!!!!!!!!! SQL INJECTION via $menu[$i] !!!!!!!!!!
mysql_query(“UPDATE `menu` SET `sort`=” . $i . ” WHERE `id`=’” . $menu[$i] . “‘”) or die(mysql_error());
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

$menu[$i] variable is send by the client so it’s insecure …
what if I send post … $menu[$i] = blabla’ or 1=1;# … this will update all records in this table …

!!!!!!!! CORRECT !!!!!!!!!!!!!
mysql_query(“UPDATE `menu` SET `sort`=” . mysql_real_escape_string($i) . ” WHERE `id`=’” . mysql_real_escape_string($menu[$i]) . “‘”) or die(mysql_error());
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Great tutorial 10x again

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by jorin http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-104 jorin Sun, 14 Feb 2010 16:50:24 +0000 http://www.hdeya.com/blog/?p=162#comment-104 still doesnt makes sense where the $_POST["menu"] variable is beeing created.. still doesnt makes sense where the $_POST["menu"] variable is beeing created..

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by lardlad http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-103 lardlad Fri, 05 Feb 2010 19:47:23 +0000 http://www.hdeya.com/blog/?p=162#comment-103 This got me hung up too. I think this is where 'menu' is posted from: echo '' . I guess the syntax looks for an id and everything after the "_" is what gets posted. This got me hung up too. I think this is where ‘menu’ is posted from:
echo ” .

I guess the syntax looks for an id and everything after the “_” is what gets posted.

]]> Comment on Generate thumbnails automatically for uploaded images on OpenWYSIWYG by Koualsky http://www.hdeya.com/blog/2009/05/generate-thumbnails-automatically-for-uploaded-images-on-openwysiwyg/comment-page-1/#comment-101 Koualsky Thu, 28 Jan 2010 08:51:25 +0000 http://www.hdeya.com/blog/?p=154#comment-101 Silly question from newbie to pros: why do such editors like OpenWYSIWYG trim any whitespace in html view? Is it necessary to right operation in visual mode? Just asking because sometimes I used to insert ready html blocks with explicit styling classes from my external css, when there's a need for html re-editing, it's getting hard to move around such trimmed markup. Thanks & Greets ps. great blog! keep on developing it! Silly question from newbie to pros:

why do such editors like OpenWYSIWYG trim any whitespace in html view? Is it necessary to right operation in visual mode?

Just asking because sometimes I used to insert ready html blocks with explicit styling classes from my external css, when there’s a need for html re-editing, it’s getting hard to move around such trimmed markup.

Thanks & Greets

ps. great blog! keep on developing it!

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by sholn http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-100 sholn Fri, 15 Jan 2010 18:08:43 +0000 http://www.hdeya.com/blog/?p=162#comment-100 Hi there! nice tutorial, I've used with Drupal and works really fine thx! I own you a beer ;) Hi there!
nice tutorial, I’ve used with Drupal and works really fine thx!
I own you a beer ;)

]]> Comment on 20 Useful PHP Components & Tutorials for Everyday Project by 3m masr http://www.hdeya.com/blog/2009/03/20-useful-php-components-tutorials-for-everyday-project/comment-page-1/#comment-98 3m masr Tue, 01 Dec 2009 20:22:19 +0000 tag:google.com,2005:reader/item/cd45c4c9b46876ec#comment-98 thanks for sharing .. really so good ! thanks for sharing .. really so good !

]]> Comment on Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL. by Colin O. Below http://www.hdeya.com/blog/2009/05/sorting-items-on-the-fly-ajax-using-jquery-ui-sortable-php-mysql/comment-page-1/#comment-97 Colin O. Below Mon, 23 Nov 2009 02:52:29 +0000 http://www.hdeya.com/blog/?p=162#comment-97 Hi, is it possible to post more data than only one array? Or add some data tho this array before post to php? I have more than one of these sortable div and i'd like to add the possibility to move elements of one sortable div to another sortable div. How would you solve this problem? Regards Colin Hi,

is it possible to post more data than only one array? Or add some data tho this array before post to php?

I have more than one of these sortable div and i’d like to add the possibility to move elements of one sortable div to another sortable div.

How would you solve this problem?

Regards
Colin

]]> Comment on 20 Useful PHP Components & Tutorials for Everyday Project by Egypt Web Design http://www.hdeya.com/blog/2009/03/20-useful-php-components-tutorials-for-everyday-project/comment-page-1/#comment-91 Egypt Web Design Sat, 17 Oct 2009 20:11:34 +0000 tag:google.com,2005:reader/item/cd45c4c9b46876ec#comment-91 An adorable collection ... thanks for sharing :) An adorable collection … thanks for sharing :)

]]>