You've Earned Badges!

03-08-2004, 09:55 PM

In the anime recommendations section 'search by title', I noticed that if you enter a title in that has leading or ending spaces (such as 'scryed ') then you won't get any search results.

There is a simple way to fix this. I suggest using the PHP function trim() after the user has submitted the title. You would only have to add:

$_POST['series'] = trim($_POST['series']);

http://anidb.ath.cx/ is guilty of this too.
Their search form doesn't trim leading and trailing whitespace either.
I think they use PERL, but it's probably not hard to fix either.

sothis · 03-08-2004, 10:27 PM

...

wow, thanks for pointing out that blazing sql injection attack possibility... i use trim/strip_tags/addslashes basically for any post/get variable, but i somehow managed to miss it on that one only! *kicks self*... it should be fixed now ^_^

extent · 03-08-2004, 10:53 PM

Best first post ever!

Lil'R.I.p.Sta · 03-08-2004, 11:28 PM

Quote:

Originally Posted by extent

Best first post ever!

we need an award for situations like that

03-08-2004, 09:55 PM	#1 (permalink)
gizban Guest Posts: n/a	trim the search submissions In the anime recommendations section 'search by title', I noticed that if you enter a title in that has leading or ending spaces (such as 'scryed ') then you won't get any search results. There is a simple way to fix this. I suggest using the PHP function trim() after the user has submitted the title. You would only have to add: $_POST['series'] = trim($_POST['series']); http://anidb.ath.cx/ is guilty of this too. Their search form doesn't trim leading and trailing whitespace either. I think they use PERL, but it's probably not hard to fix either.

03-08-2004, 10:27 PM	#2 (permalink)
sothis Overlord Join Date: May 2002 Location: Seattle, Washington Age: 32 Posts: 15,691	... wow, thanks for pointing out that blazing sql injection attack possibility... i use trim/strip_tags/addslashes basically for any post/get variable, but i somehow managed to miss it on that one only! kicks self... it should be fixed now ^_^ __________________ Anime-Planet.com - anime \| manga \| reviews Adding Anime - Synopsis Templates \| Twitter \| MySpace [sixth sense voice] I SEE BRITISH PEOPLE - Control my signature or avatar!

03-08-2004, 10:53 PM	#3 (permalink)
extent Anime Guru Join Date: Apr 2003 Location: BA, CA Age: 30 Posts: 818	Best first post ever! __________________ I am the destroyer of ... oh wait, no I'm not.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

You've Earned Badges!

you have earned more badges → see all badges

don't want a popup? edit settings here

.

Site Links

Extra Stuff

Elsewhere

Top Searches

About This Page