Search Results

Search found 5346 results on 214 pages for 'before filter'.

Page 60/214 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

  • Symfony/Doctrine/SfGuardPlugin: Redirect to requested page (route), and not referrer

    - by Prasad
    I want to be able to take the user to the requested page after login, but this does not happen with sfGuard. ** My Register action requires SignIn ;) ** On the listing page [http://cim/frontend_dev.php/] - user clicks the 'Register' link [@register = register/index] - user is taken to 'Signin' page provided by sfGuard - after sign-in, user is taken back to the Listing page (instead of Register) This is quite annoying! But logical, because the referrer is the listing page. How can I change logic to make @register the referrer? Pl help. thanks public function executeSignin($request) { $user = $this->getUser(); $this->logMessage('Signin>>> form - isAuth() '.$user->isAuthenticated(), 'info'); if ($user->isAuthenticated()) { $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); return $this->redirect($user->getReferer($request->getReferer())); } $class = sfConfig::get('app_sf_guard_plugin_signin_form', 'sfGuardFormSignin'); $this->form = new $class(); $referer = $user->getReferer($request->getReferer()); $this->logMessage('Signin>>> referer: '.$referer, 'info'); $this->logMessage('Signin>>> referer: '.$request->getReferer(), 'info'); if ($request->isMethod('post')) { $this->form->bind($request->getParameter('signin')); if ($this->form->isValid()) { $values = $this->form->getValues(); $this->getUser()->signin($values['user'], array_key_exists('remember', $values) ? $values['remember'] : false); $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); $this->logMessage('Signin>>> sfUrl | @homepage: '.sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage'), 'info'); return $this->redirect("" != $referer ? $referer : sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage')); } } else { if ($request->isXmlHttpRequest()) { $this->getResponse()->setHeaderOnly(true); $this->getResponse()->setStatusCode(401); return sfView::NONE; } // if we have been forwarded, then the referer is the current URL // if not, this is the referer of the current request $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); $this->logMessage('Signin>>> oldy: '.$request->getUri(), 'info'); $this->logMessage('Signin>>> oldy: '.$request->getReferer(), 'info'); $module = sfConfig::get('sf_login_module'); if ($this->getModuleName() != $module) { return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); } $this->getResponse()->setStatusCode(401); } } Trace: May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:14 symfony [info] {sfPatternRouting} Match route "register" (/register) for /register with parameters array ( 'module' => 'register', 'action' => 'index',) May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:14 symfony [info] {registerActions} Call "registerActions->executeIndex()" May 27 10:10:14 symfony [info] {sfFrontWebController} Redirect to "http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send status "HTTP/1.1 302 Found" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Location: http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:14 symfony [info] {sfWebDebugLogger} Configuration 13.39 ms (9) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Factories 50.02 ms (1) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Action "register/index" 1.94 ms (1) May 27 10:10:14 symfony [info] {sfWebResponse} Send content (104 o) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:16 symfony [info] {sfPatternRouting} Match route "sf_guard_signin" (/login) for /login with parameters array ( 'module' => 'sfGuardAuth', 'action' => 'signin',) May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Call "sfGuardAuthActions->executeSignin()" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> form - isAuth() May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/login May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfPHPView} Render "D:/projects/cim/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php" May 27 10:10:16 symfony [info] {sfPHPView} Decorate content with "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {sfPHPView} Render "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {main} Get slot "title" May 27 10:10:16 symfony [info] {sfWebResponse} Send status "HTTP/1.1 401 Unauthorized" May 27 10:10:16 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:16 symfony [info] {sfWebDebugLogger} Configuration 16.06 ms (10) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Factories 50.00 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Action "sfGuardAuth/signin" 14.53 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} View "Success" for "sfGuardAuth/signin" 34.44 ms (1) May 27 10:10:16 symfony [info] {sfWebResponse} Send content (38057 o)

    Read the article

  • Using RIA Services FilterDescriptor from code behind

    - by Fermin
    Hi, I was wondering if it's possible to use the FilterDescriptor control from code behind? On the page load of my form I set the datasource of a grid in the code behind, not using a DomainDataSource control, like: TestDomainContext context = new TestDomainContext(); dataGridEmployees.ItemsSource = context.EmployeePositions; context.Load(context.GetEmployeesWithPositionQuery()); I have a textbox on my page that the user can enter into to filter on employee position. Is it now possible to add FilterDescriptor to the source of the DataGrid in code behind? Or would I manually need to filter the results of the context.GetEmployeesWithPositionQuery, for example on KeyUp event of the filter TextBox?

    Read the article

  • Laplacian of Gaussian: how does it work? (opencv)

    - by maximus
    Does anybody know how does it work and how to do it using opencv? Laplacian can be calculated using opencv, but the result is not what I expected. I mean I expect the image to be approximately constant contrast at background regions, but it is black, and edges are white. There are a lot of noise also, even after gauss filter. I filter image using gaussian filter and then apply laplace. I think what I want is done by a different way.

    Read the article

  • Android: Filtering a SimpleCursorAdapter ListView

    - by Diego Tori
    Right now, I'm running into issues trying to implement a FilterQueryProvider in my custom SimpleCursorAdapter, since I'm unsure of what to do in the FilterQueryProvider's runQuery function. In other words, since the query that comprises my ListView basically gets the rowID, name, and a third column from my databases's table, I want to be able to filter the cursor based on the partial value of the name column. However, I am uncertain of whether I can do this directly from runQuery without expanding my DB class since I want to filter the existing cursor, or will I have to create a new query function in my DB class that partially searches my name column, and if so, how would I go about creating the query statement while using the CharSequence constraint argument in runQuery? I am also concerned about the performance issues associated with trying to run multiple queries based on partial text since the DB table in question has about 1300-1400 rows. In other words, would I run into a bottleneck trying to filter the cursor?

    Read the article

  • Django Managers

    - by owca
    I have the following models code : from django.db import models from categories.models import Category class MusicManager(models.Manager): def get_query_set(self): return super(MusicManager, self).get_query_set().filter(category='Music') def count_music(self): return self.all().count() class SportManager(models.Manager): def get_query_set(self): return super(MusicManager, self).get_query_set().filter(category='Sport') class Event(models.Model): title = models.CharField(max_length=120) category = models.ForeignKey(Category) objects = models.Manager() music = MusicManager() sport = SportManager() Now by registering MusicManager() and SportManager() I am able to call Event.music.all() and Event.sport.all() queries. But how can I create Event.music.count() ? Should I call self.all() in count_music() function of MusicManager to query only on elements with 'Music' category or do I still need to filter through them in search for category first ?

    Read the article

  • jQuery Filtering Gridview Columns

    - by RSchmitt
    I'm looking to have a click event for all columns but the last column of a GridView and then have a separate click event for the last column of the gridview (a DropDownList). I have the following right now but just can't seem to get it to exclude the last column: var _activeRow; $('.gridview-jquerify tr').filter(function() { return $('td', this).length && !$('table', this).length }) .bind('click', function(e) { if (_activeRow) _activeRow.removeClass('gridviewrow-highlighted'); _activeRow = $(this).addClass('gridviewrow-highlighted'); $(this).each(function() { var myID = $(this).find('.gridview-cell-hide').html(); __doPostBack('MyUpdatePanel', myID); }); }); Then I can't seem to get a variation of the above to work for the last column by doing a filter using :last in the selector such as: $('.gridview-jquerify tr >td:last').filter(function() { return $('td)', this).length && !$('table', this).length })

    Read the article

  • Prevent SQL injection from form-generated SQL - NO PreparedStmts

    - by Markos Fragkakis
    Hi all, I have a search table where user will be able to filter results with a filter of the type: Field [Name], Value [John], Remove Rule Field [Surname], Value [Blake], Remove Rule Field [Has Children], Value [Yes], Remove Rule Add Rule So the user will be able to set an arbitrary set of filters, which will result essentially in a completely dynamic WHERE clause. In the future I will also have to implement more complicated logical expressions, like Where (name=John OR name=Nick) AND (surname=Blake OR surname=Bourne), Of all 10 fields the user may or may not filter by, I don't know how many and which filters the user will set. So, I cannot use a prepared statement (which assumes that at least we know the fields in the WHERE clause). This is why prepared statements are unfortunately out of the question, I have to do it with plain old, generated SQL. What measures can I take to protect the application from SQL Injection (REGEX-wise or any other way)?

    Read the article

  • Filtering MySQL query result according to a interval of timestamp

    - by celalo
    Let's say I have a very large MySQL table with a timestamp field. So I want to filter out some of the results not to have too many rows because I am going to print them. Let's say the timestamps are increasing as the number of rows increase and they are like every one minute on average. (Does not necessarily to be exactly once every minute, ex: 2010-06-07 03:55:14, 2010-06-07 03:56:23, 2010-06-07 03:57:01, 2010-06-07 03:57:51, 2010-06-07 03:59:21 ...) As I mentioned earlier I want to filter out some of the records, I do not have specific rule to do that, but I was thinking to filter out the rows according to the timestamp interval. After I achieve filtering I want to have a result set which has a certain amount of minutes between timestamps on average (ex: 2010-06-07 03:20:14, 2010-06-07 03:29:23, 2010-06-07 03:38:01, 2010-06-07 03:49:51, 2010-06-07 03:59:21 ...) Last but not least, the operation should not take incredible amount of time, I need this functionality to be almost fast as a normal select operation. Do you have any suggestions?

    Read the article

  • Query results taking too long on 200K database, speed up tips?

    - by colorfulgrayscale
    I have a sql statement where I'm joining about 4 tables, each with 200K rows. The query runs, but keeps freezing. When I do a join on 3 tables instead, it returns the rows (takes about 10secs). Any suggestion why? suggestions to speed up? Thanks! Code SELECT * FROM equipment, tiremap, workreference, tirework WHERE equipment.tiremap = tiremap.`TireID` AND tiremap.`WorkMap` = workreference.`aMap` AND workreference.`bMap` = tirework.workmap LIMIT 5 p.s and if it helps any, I'm using sql alchemy to generate this code, the sqlalchemy code for this is query = session.query(equipment, tiremap, workreference, tirework) query = query.filter(equipment.c.tiremap == tiremap.c.TireID) query = query.filter(tiremap.c.WorkMap==workreference.c.aMap) query = query.filter(workreference.c.bMap == tirework.c.workmap) query = query.limit(5) query.all()

    Read the article

  • how to bind to the results of a query in WPF

    - by randyc
    I have a query that hits a service and returns the results back to me as an indexed collection static void QueryActivities() { QueryClient qc = new QueryClient("BasicHttpBinding_IQuery"); QueryFilter filter = new QueryFilter(); filter.CallForService = false; var result = qc.GetFilteredActivityIndex(filter); result.Clone(); //inserted this just to test return in debug mode } WHen this is executed I get a return of 5 records ( actually five rows of data with multiple values per each row. id, type, date, address etc). I would like to bind this return to a gridview within a WPF application. Is there a way to refernce and bind to result variable or do I need to create a new collection and then add the return of result to the new collection? thank you

    Read the article

  • Handy F# snippets

    - by Benjol
    There are already two questions about F#/functional snippets. However what I'm looking for here are useful snippets, little 'helper' functions that are reusable. Or obscure but nifty patterns that you can never quite remember. Something like: open System.IO let rec visitor dir filter= seq { yield! Directory.GetFiles(dir, filter) for subdir in Directory.GetDirectories(dir) do yield! visitor subdir filter} I'd like to make this a kind of handy reference page. As such there will be no right answer, but hopefully lots of good ones.

    Read the article

  • write client ip in iis 7.0 log over firewalls

    - by Guy Bertental
    Hi, I a solution for IIS 7.0 which runs on windows server 2008 64bit to write my clients IP to IIS logs while the server is behind firewalls and proxies (Pass X-Forwarded-For header value). I've tried to install the an ISAPI Filter written by Joe Pruitt. it works great on Windows Server 2003 32bit IIS 6.0, but seems to do nothing at all on windows server 2008 64bit IIS 7.0. Did anyone try this ISAPI filter on this version of OS? or have another solution? link to the Joe Pruitt's (from F5) ISAPI filter: http://devcentral.f5.com/weblogs/Joe/archive/2009/08/19/x_forwarded_for_log_filter_for_windows_servers.aspx best regards, guy bertental

    Read the article

  • how to close a popup screen in blackberry bold

    - by SWATI
    hey i have displayed a pop-up screen when i click on a menu item now i want to close that pop-up screen when user presses escape key.but it does not work and remain stuck,till i click on a button on the pop=up screen. how can i achieve that???? filter is my pop-up screen my code is ::: protected boolean keyChar(char c, int status, int time) { boolean retVal = false; if (c == Characters.ESCAPE) { close(); UiApplication.getUiApplication().invokeLater(new Runnable() { public void run() { //UiApplication.getUiApplication().popScreen(filter); UiApplication.getUiApplication(). popScreen(UiApplication.getUiApplication().getActiveScreen());//(filter); } }); retVal = super.keyChar(c,status,time); } return retVal; }

    Read the article

  • How dynamic can I make my LINQ To SQL Statements?

    - by mcass20
    I have the need to construct a LINQ To SQL statement at runtime based on input from a user and I can't seem to figure out how to dynamically build the WHERE clause. I have no problem with the following: string Filters = "<value>FOO</value>"; Where("FormattedMessage.Contains(@0)",Filters) But what I really need is to make the entire WHERE clause dynamic. This way I can add multiple conditions at runtime like this (rough idea): foreach (Filter filter in filterlist) { whereclause = whereclause + "&& formattedmessage.contains(filter)"; }

    Read the article

  • ServiceTracker in OSGi r4.1

    - by Schildmeijer
    Im using a org.osgi.util.tracker.ServiceTracker (PrintableServiceTracker implements ServiceTrackerCustomizer and simply prints when a new service is added). Filter filter = bc.createFilter("(objectClass=se.enea.print.Printable)"); tracker = new ServiceTracker(bc, filter, new PrintableServiceTracker(bc)); I've read about "pseudo registration" in the new ebook "OSGi in action" and I wonder if I have to do pseudo registration explicitly or if the framwork handles this automatically? (Will already installed Printable services be caught by the ServiceTracker. will ServiceTracker.addingService(ServiceReference) be called for each of the pre installed Printable services)

    Read the article

  • Views performance in MySQL for denormalization

    - by Gianluca Bargelli
    I am currently writing my truly first PHP Application and i would like to know how to project/design/implement MySQL Views properly; In my particular case User data is spread across several tables (as a consequence of Database Normalization) and i was thinking to use a View to group data into one large table: CREATE VIEW `Users_Merged` ( name, surname, email, phone, role ) AS ( SELECT name, surname, email, phone, 'Customer' FROM `Customer` ) UNION ( SELECT name, surname, email, tel, 'Admin' FROM `Administrator` ) UNION ( SELECT name, surname, email, tel, 'Manager' FROM `manager` ); This way i can use the View's data from the PHP app easily but i don't really know how much this can affect performance. For example: SELECT * from `Users_Merged` WHERE role = 'Admin'; Is the right way to filter view's data or should i filter BEFORE creating the view itself? (I need this to have a list of users and the functionality to filter them by role). EDIT Specifically what i'm trying to obtain is Denormalization of three tables into one. Is my solution correct? See Denormalization on wikipedia

    Read the article

  • Lucene.NET faceted search.

    - by Paul Knopf
    I found a great tutorial on performing a faceted search. http://www.devatwork.nl/articles/lucenenet/faceted-search-and-drill-down-lucenenet/ This article does not explain how to retrieve the narrowed available attributes to filter from (for further drill down). Lets say I am looking for planners that are red. When I perform the faceted search, I want to return all available attributes to filter from that are red. Then when I add a "weekly format" filter, I want the attribute list to get even smaller, containing only filters available for the segmented group.

    Read the article

  • Best way to optimize queries like this in Django

    - by chris
    I am trying to lower the amount of queries that my django app is using, but I am a little confused on how to do it. I would like to get a query set with one hit to the database and then filter items from that set. I have tried a couple of things, but I always get queries for each set. let's say I want to get all names from my DB, but also separate out the people just named Ted. Both the names and the ted set will be used in the template. This will give me two sets, one with all names and one with Ted.. but also hits the database twice: namelist = People.objects.all() tedList = namelist.filter(name='ted') Is there a way to filter the first set without hitting the data base again?

    Read the article

  • Django equivalent for latest entry for each user

    - by paul-ogrady
    Hi, I'm surprised this question hasn't come up. Couldn't find much on the web. Using Entry.objects.latest('created_at') I can recover the latest entry for all Entry objects, but say if I want the latest entry for each user? This is something similar to an SQL latest record query. But how do I achieve this using the ORM? Here is my approach I'm wondering if it is the most efficient way to do what I want. First I perform a sub query: Objects are grouped by user and the Max (latest) created_by field is returned for each user (created_at__max) I then filter Entry objects based on the results in the subquery and get the required objects. Entry.objects.filter(created_at__in=Entry.objects.values('user').annotate(Max('created_at')).values_list('created_at__max')) or using a manager: class UsersLatest(models.Manager): def get_query_set(self): return Super(UsersLatest,self).get_query_set().filter(created_at__in=self.model.objects.values('user').annotate(Max('created_at')).values_list('created_at__max')) Is there a more efficient way? possibly without sub query? Thanks, Paul

    Read the article

  • Which way is more effective?

    - by Danny Chen
    I have a huge IEnumerable(suppose the name is myItems), which way is more effective? Solution 1: Filter it first then ForEach. Array.ForEach(myItems.Where(FILTER-IT-HERE).ToArray(),MY-ACTION); Solution 2: Do RETURN in MY-ACTION if the item is not up to the mustard. Array.ForEach(myItems.ToArray(),MY-ACTION-WITH-FILTER); Is one of them always better than another? Or any other good suggestions? Thanks in advance.

    Read the article

  • NSPredicates with custom objects

    - by Horatiu Paraschiv
    Hi, I have the following problem and I cannot figure out how to solve it. I have an NSSet which contains Person objects (NSDictionary with 2 keys: name, age). From time to time I get an NSArray of Person objects and I want to add them to my NSSet but I want to filter out the duplicates. I'm thinking I could use NSPredicates but I am reading the documentation and I can't understand how should I format my NSPredicate to filter out my array content based on what I already have in NSSet. So I have an NSSet with 5 custom objects and I get an NSArray with 6 objects but 3 of them already exist in NSSet and I want to filter them out. I understand what I should do with basic objects like Strings, integers, etc but I don't know how to extend this to work with custom more complex objects. I hope I was clear enough with my problem. Any starting point, example or advice is much appreciated. Thank you!

    Read the article

  • LINQ To SQL Wildcards

    - by mcass20
    How can I build in wildcards to my LINQ To SQL lambda expression? This is what I have currently: var query = from log in context.Logs select log; foreach (string filter in CustomReport.ExtColsToFilter) { string tempFilter = filter; query = query.Where(Log => Log.FormattedMessage.Contains(tempFilter)); } This works fine up until I try and pass wildcards in the filter string. I'm experimenting with SqlMethods.Like() but to no avail. The filters above look like this: "<key>NID</key><value>mcass</value>". I'd like to be able to pass filters like this: "<key>NID</key><value>%m%</value>"

    Read the article

  • Django many to many annotations and filters

    - by dl8
    So I have two models, Person and Film where they're in a many to many relationship. My goal is to grab a film, and output the persons that have also appeared in at least 10 films. For example I can get the count individually by: >>> Person.objects.get(short__istartswith = "Matt Damon").film_set.count() 71 However, if I try to filter all the actors of a particular film out: >>> Film.objects.get(name__istartswith="Saving Private Ryan").actors.all().annotate(film_count=Count('film')).filter(film_count__gte=10) [] it returns an empty set since if I manually look at everyone's film_count it's 1, even though an actor such as Matt Damon (as seen above) has been in 71 films in my db. As you can see with this query, the annotation doesn't work: >>> Film.objects.get(name__istartswith="Saving Private Ryan").actors.all().annotate(film_count=Count('film'))[0].film_count 1 >>> Film.objects.get(name__istartswith="Saving Private Ryan").actors.all().annotate(film_count=Count('film'))[0].film_set.count() 7 and I can't seem to figure out a way to filter it by the film_set.count()

    Read the article

  • why egrep's stdout did not go through pipe?

    - by ccfenix
    Hi, i got a weird problem regarding egrep and pipe I tried to filter a stream containing some lines who start with a topic name, such as "TICK:this is a tick message\n" When I try to use egrep to filter it : ./stream_generator | egrep 'TICK' | ./topic_processor It seems that the topic_processor never receives any messages However, when i use the following python script: ./stream_generator | python filter.py --topics TICK | ./topic_processor everything looks to be fine. I guess there need to be a 'flush' mechanism for egrep as well, is this correct? Can anyone here give me a clue? Thanks a million import sys from optparse import OptionParser if __name__ == '__main__': parser = OptionParser() parser.add_option("-m", "--topics", action="store", type="string", dest="topics") (opts, args) = parser.parse_args() topics = opts.topics.split(':') while True: s = sys.stdin.readline() for each in topics: if s[0:4] == each: sys.stdout.write(s) sys.stdout.flush()

    Read the article

  • Prevent SQL injection from form-generated SQL.

    - by Markos Fragkakis
    Hi all, I have a search table where user will be able to filter results with a filter of the type: Field [Name], Value [John], Remove Rule Field [Surname], Value [Blake], Remove Rule Field [Has Children], Value [Yes], Remove Rule Add Rule So the user will be able to set an arbitrary set of filters, which will result essentially in a completely dynamic WHERE clause. In the future I will also have to implement more complicated logical expressions, like Where (name=John OR name=Nick) AND (surname=Blake OR surname=Bourne), Of all 10 fields the user may or may not filter by, I don't know how many and which filters the user will set. So, I cannot use a prepared statement (which assumes that at least we know the fields in the WHERE clause). This is why prepared statements are unfortunately out of the question, I have to do it with plain old, generated SQL. What measures can I take to protect the application from SQL Injection (REGEX-wise or any other way)?

    Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >