Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
05-18-2004, 12:16 AM #1
- Join Date
- Jun 2002
- Thanked 0 Times in 0 Posts
special characters corrupting database. is this possible? from a file upload utility?
If I have an upload utility - without any checking for special characters, is it possible that someone could upload the name a file that would corrupt a databse??? like
my pic & of my dog.jpg
whatever, basically - my database is becoming corrupted and i've narrowed it down to this and I'm wondering if this could cause it.
05-18-2004, 04:11 AM #2
- Join Date
- May 2002
- Perth Australia
- Thanked 98 Times in 96 Posts
basically no , if special characters are going to be an issue they will be an issue at INSERT time not later on , e.g. you record would never get created in the first place if the input was wrong.
what can happen is that you may have field names that are MySQL commands/reserved words , if you used phpmyadmin or similar to create the database then it would have allowed you to create the fields as it adds backticks to all the data .. and backticks are the solution if indeed that is the problem
"SELECT replace FROM my_table";
may or may not work depending on your MySQL version but
"SELECT `replace` FROM my_table"
If your Database is really corrupt , e.g. unreadable then there are other issues occurring , almost certainly not relating to the data itself , also look at the REPAIR table syntax in the manual
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)