Before you start

Hi,

I would like to enquire on the appropriate steps to be taken to prevent SQL injection.

I have created a form but when I try the input '' into the field, it gives me a SQL error.

I have taken a look at the user.module in the Drupal 5 Core and realised that the it is done through the function below.

Personally, I found this solution unsatisfactory for my purpose. What if a user wishes to declare his name as O'Reily? The ' sign will prevent him from doing so while the name is perfectly legitimate.

I have done a search on the site but to no avail. Can any kind souls point me to the right direction?

Basically, I am looking for some contributed module or code snippet. Thanks in advance =)


function user_validate_name($name) {
if (!strlen($name)) return t('You must enter a username.');
if (substr($name, 0, 1) == ' ') return t('The username cannot begin with a space.');
if (substr($name, -1) == ' ') return t('The username cannot end with a space.');
if (strpos($name, ' ') !== FALSE) return t('The username cannot contain multiple spaces in a row.');
if (ereg("[^\x80-\xF7 [:alnum:]@_.-]", $name)) return t('The username contains an illegal character.');
if (preg_match('/[\x{80}-\x{A0}'. // Non-printable ISO-8859-1 + NBSP
'\x{AD}'. // Soft-hyphen

What is taxonomy

So I've been installing, running, config'ing and designing Joomla! sites for the past couple of years. It has been my php app of choice when not using ASP for windows houses.
But I have a project coming up that I've decided Joomla! may not have the existing module variety and choices. I particularly like the commerce options and flexibility available for Drupal.
This all being said, I am new.
I have set up a Drupal site on a test server in preparation for the project.

Heres the goal.

Greetings -

I've built several website with Drupal 5.x but over the past six months I have been on hiatus and have not been following the Drupal site at all. When I went on hiatus I had ascertained that although Drupal 6.x had been released, it wasn't in broad use for production websites just yet due to the lack of a few key contributed modules. That's the last thing I know.

Hi, there,

I'm just starting to get to know Drupal through this site and forum.

I seem to notice modules and functionality that is not yet available for 6.x and I'm wondering if someone would really spell out the value of using 6.x over the latest 5.x release. I don't plan on doing any development, so the more pre-made (working) modules that are available, the better.

What would some of you more experienced users do if starting from scratch right now, knowing what you know. Would you stay on 5 or move to 6?

I have a client who is having trouble uploading files larger than 2MB. I have increased the php_memory value in the htaccess file and he is still having problems. Yet when I upload files to the server directly via FTP (as high as 60MB), no problems.

a) what else should i be troubleshooting so he can upload using drupal successfully

b) He is concerned about members having trouble downloading and wants to know if there is any way we can simulate high traffic and multiple downloads at once to ensure once the site is open to members there will not be any problems