simboski19

Ah sorry Christian, I must have mis-read your previous email. Yeah sure, I'll give it a go without the use of a regex. Many thanks again for your help

That works like a treat Christian, thanks again. I couldn't find any mention of the non-incremental regex in the post you mention. Any ideas? I could post another topic more specifically for the non-incremental regex. Thanks

Thanks for the advice Christian. Yes I 100% agree with your view on the simplicity of the password, however this is controlled by the companies API we are having to tap into. We would indeed make the password much stronger but not our choice. I'll certainly take a look at the link you have sent through. Thanks again.

Hi there, I am working with a web api that has specific requirements for the way it's passwords are formatted. I have used regex very rarely and therefore am very unfamiliar with how to structure them. Basically one of the requirements is that the password entered should: Be - not-repeating such as 'aaaa' AND Be - not-incremental such as '1234' or 'abcd' My current code looks like this: // Password requirements: // Length: Minimal 4 chars, maximum 39 chars if (strlen($password) >= 4 && strlen($password) < 40) { // the password has at least 4 chars and is less than 40 chars in length // Move on... } else { array_push($errors,'Your <strong>Password</strong> must be between <strong>4 and 39</strong> characters in length. Please try again.'); } // Allowed chars: a-z, A-Z, 0-9, minus, underscore, at-sign and dot REGEX TO GO HERE? // Additional: not-repeating and not-incremental like 'aaaa' or '1234' or 'abcd' REGEX TO GO HERE? Could someone help me with the formatting please. I did look at the various links on first post in the forum but it was still way over my head!!!? Any help would be much appreciated.

Hi there, I am in the process of building a penny auction website using php / javascript. I am at the stage of developing the bidding process by which someone clicks to bid on an item, this resets a time counter and this runs over and over until someone wins when the clock strikes 00:00. My understanding is that I would be updating various database tables with the bidder information, updating the time remaining and doing this every second which would require a cronjob to be run on the server every second. I wondered if anyone had real experience of working with / building one of these websites as this is slightly new to me? What I am unsure about is how complicated this constant requesting and serving information is? What are the best things to use to get / set the information. I was planning on using php to update a table with the new bidder information and the date/time. This would also update the product with the time remaining. If a new user bids this overwrites this information and the process starts again. Any information would be a massive help and much appreciated. Thanks Simon

Yes that is correct, it is simply posting to itself. Does this not have some validation issues however? Just a thought if it's empty thats all. I have given this a go and I will let you know how i get on. Many thanks Simon

Hi there, I am having some issues with a page failing security tests because of a form. The form's text input files is getting sanitized when posted but the only thing I can think is that the form action="" is $_SERVER['REQUEST_URI'] and this then includes anything that is within the URL. <form name="zipcode" id="zipcode" action="<?php echo htmlentities($_SERVER['REQUEST_URI'], ENT_QUOTES, "UTF-8"); ?>" method="post"> <label for="zip" class="smalllbl">Zipcode: </label> <input type="text" class="smallzip" name="zip" id="zip" value="" /> </form> Has anyone else experienced this when running PCI Compliance style security tests? And if you have, why would this happen as the same form action is used elsewhere with no issues. Many thanks in advance Simon

Works like a treat. Many thanks Simon

Great thanks. I'll try both now. Using $_GLOBALS, am I right in thinking this can then be used anywhere in the php file in multiple functions? Thanks Simon

Hi, As the title suggests I am unsure on how to first run a query which stores values into an array. I then need to run a function multiple times but use the array within the function. How is this possible? I have had no luck figuring it out yet. 1. RUN QUERY 2. BUILD ARRAY USING QUERY RESULTS 3. RUN FUNCTION MULTIPLE TIMES 4. WITHIN FUNCTION I NEED TO USE ARRAY Many thanks Simon

Thanks for the information guys. One thing though as I am not so clued up with the inserting of data in a safe manor apart from mysql real escape string(). Are you saying that as long as the data is made safe on entering and exiting the database there would never been an issue of security here? Thanks Simon

Thanks AyKay47, I will give this a go. Hi Adam, I need to remove all tags and their content as i need to stop people inserted dangerous scripts into my DB. They were just a few examples but if you have any further suggestions they would be welcomed. Thanks guys Simon

Yeah i have tried around 4-5 of these functions that i discovered using Google search but this is slightly above my ability so just wondered if anyone had the same need in the past and a function that works. Many of the preg_replace functions didnt work replacing all of the content and the tags. Simon

Is there a way/function to not only remove <script>, <embed> tags etc but also remove the content within the tags so this: " some text <script> functionhere(); </script> some more text " to this: " some text some more text " In effect remove the whole tag and content within the tags? Havent been able to find anything online that works Many thanks in advance. Simon

Hi there, Just tried the base href tag and it didnt work unfortunately. To give some more information here: - In my .htaccess i have a RewriteBase /admin <- i need this to actually get to the correct files as my structure is: / -> root files for front-facing website /admin/ -> the admin is found within this folder and within here this is where i need to tweak/change the DOC ROOT - In my header i need to somehow redirect any files from root to /admin/(root now here) <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <link rel="stylesheet" type="text/css" href="/css/screen.css" media="screen" /> <link rel="stylesheet" type="text/css" href="/css/orange/orange.css" media="screen" /> So they would become: <link rel="shortcut icon" href="/admin/favicon.ico" type="image/x-icon" /> <link rel="stylesheet" type="text/css" href="/admin/css/screen.css" media="screen" /> <link rel="stylesheet" type="text/css" href="/admin/css/orange/orange.css" media="screen" /> Thanks Simon