Month: May, 2007

Protection against SQL injection attacks in PHP.

30 May, 2007 (15:50) | SQL, PHP

Early on, PHP had no good methods for escaping SQL, and until recently it didn’t support parameterized queries. As a result, a lot of documentation covers SQL queries without really addressing the issue, and a lot of older PHP developers are unaware of the enhancements made to prevent this type of attack.
PHP 4.3 introduced mysql_real_escape_string […]

Some great advanced JavaScript videos

22 May, 2007 (15:40) | JavaScript

Douglas Crockford of Yahoo has made some excellent JavaScript lecture videos. He covers how to work around the issues in JavaScript to make it more scalable and easier to work with. I’ve yet to even see a book or anything else which could be purchased for money which delves into the details of […]

Finding “dead time” in a database of start and end times.

22 May, 2007 (15:28) | Snippets, SQL

The following snippet will find “dead time” (i.e. time where no events are scheduled) in a database:
select distinct dateadd(s,-1,starttime) as deadtime,"start" from sometable t where
0=(select count(*) from sometable u where u.starttime < t.deadtime and u.endtime > t.deadtime)
union all
[…]