- A Real Happy Camper
- Dec 11, 2007
-
These children have taught me how to believe.
|
I have a chunk of code that reads from a CSV and puts the data in it into an array:
code: function generateCard($row){ //Put the bingo card values into an array
$playerFile = fopen("players.csv","r");
$counter = 0;
while (($data = fgetcsv($playerFile)) !== FALSE){
$counter++;
if ($row == $counter){
return $data;
}
}
fclose($playerFile); //remember to close it so you don't leak memory!!!!
}
do I need to put fclose before I return, or if I leave it here will it still do its job?
|
#
¿
Jan 9, 2022 00:07
|
|
- Adbot
-
ADBOT LOVES YOU
|
|
#
¿
May 21, 2024 07:35
|
|
- A Real Happy Camper
- Dec 11, 2007
-
These children have taught me how to believe.
|
Apologies if this belongs in the SQL questions thread, but it's more about the PHP end:
Is there a good baby's first guide to sanitizing inputs before sending an SQL query? I'm not handling any super sensitive information, this is mostly for an online bingo thing, but I'd like to at the very least learn the basics in case things go beyond this.
Right now I'm basically using
code:...
$username = $_POST['username'];
$discord = $_POST['discord'];
$contact = $_POST['contact']; //this is a checkbox
$driver = $_POST['driver']; //this is a dropdown menu
$team = $_POST['team']; //this is also a dropdown menu
$saniUser = mysqli_real_escape_string($db, $username);
$sanidiscord = mysqli_real_escape_string($db, $discord);
$sql_u = "SELECT * FROM users WHERE username='$saniUser'";
$sql_e = "SELECT * FROM users WHERE discord='$sanidiscord'";
$res_u = mysqli_query($db, $sql_u);
$res_e = mysqli_query($db, $sql_e);
...
Aside from this and removing DROP access on the user that's tied to this script, is there anything else I need to watch for? Or will this do what I need? I don't intend to use passwords, since that's not something I trust myself with at this point.
|
#
¿
Feb 12, 2023 22:45
|
|