I'm a single undead gal trying to make it in the big city. I have to start somewhere and they're evil here. They don't judge. They've got necro-tempered glass. No burning up. A great medical plan, and who needs dental more than us?

Harmony ,'Conviction (1)'


Buffistechnology 3: "Press Some Buttons, See What Happens."

Got a question about technology? Ask it here. Discussion of hardware, software, TiVos, multi-region DVDs, Windows, Macs, LINUX, hand-helds, iPods, anything tech related. Better than any helpdesk!


NoiseDesign - Jan 11, 2007 9:19:17 pm PST #189 of 25496
Our wings are not tired

You've had a busy evening.


Sean K - Jan 11, 2007 9:24:22 pm PST #190 of 25496
You can't leave me to my own devices; my devices are Nap and Eat. -Zenkitty

If watching a progress bar can really be counted as "busy."


Gris - Jan 12, 2007 10:19:17 am PST #191 of 25496
Hey. New board.

From MacRumors.com, the iPhone FAQ:

- Does the Web browser support Flash or Java? –No.
- Can it open Word and Excel documents? –No. (Steve Jobs says it can open PDF files, though.)
- Will it sync with Outlook? –No.
- Does it connect to standard iPod accessories like car docks and speaker systems? –Yes!
- Won’t the screen get smudgy? –It does, but you don’t see it except when the screen is off. The one I played with was pretty streaky, but wiping it on my sleeve cleaned it completely.

Now I'm even less likely to get one. The thing that attracted me initially was not the "iPod meets Phone" capabilities - it's the OS. It looks like it could be a really powerful application platform well beyond the phone/media. And they seem to be ignoring that. I can (and often do) read and write Word/Excel files on my $400, contract-free, unlocked Treo 680. That feature is added on by external software, but Apple has specifically said that there won't be an easy way to write and install new apps for the iPhone. They keep comparing it to an iPod, a closed platform. Which seems like a waste. Let it be the computer it could be.


Jon B. - Jan 12, 2007 1:28:10 pm PST #192 of 25496
A turkey in every toilet -- only in America!

Here's a hopefully simple question for a PHP/MySQL programmer:

I have a PHP page and I want to give it a date as a parameter. The page will then pull off of the database, all records with a matching date. The database field is called Playdate and the parameter is just date. I'd like the URL to look like

blahblahblah.php?date=20070112

So I thought I should be able to do something like

WHERE date_format(Playdate, '%Y%m%d') = $date"

But that doesn't pull any records.

Suggestions?


Tom Scola - Jan 12, 2007 1:30:23 pm PST #193 of 25496
Mr. Scola’s wardrobe by Botany 500

I don't know the answer to your question, but your code as written will make you vulnerable to an SQL injection attack.


Jon B. - Jan 12, 2007 1:33:09 pm PST #194 of 25496
A turkey in every toilet -- only in America!

Please elaborate....


Tom Scola - Jan 12, 2007 1:36:43 pm PST #195 of 25496
Mr. Scola’s wardrobe by Botany 500

blahblahblah.php?date=foo';DROP%20TABLE%20XXX


Jon B. - Jan 12, 2007 1:38:31 pm PST #196 of 25496
A turkey in every toilet -- only in America!

Does it help that the page uses read-only access and that there's nothing in the database that I care if people see?


Tom Scola - Jan 12, 2007 1:45:12 pm PST #197 of 25496
Mr. Scola’s wardrobe by Botany 500

Does it help that the page uses read-only access and that there's nothing in the database that I care if people see?

Yeah, it helps. But avoiding that sort of thing is a good habit to get into.


Jon B. - Jan 12, 2007 3:55:05 pm PST #198 of 25496
A turkey in every toilet -- only in America!

While riding home, I think I figured out a simple way to avoid injection attacks: simply validate that the $date variable is exactly 8 numeric digits.

That should protect me, yes?