Jump to content

KubeR

Members
  • Posts

    72
  • Joined

  • Last visited

About KubeR

  • Birthday 01/31/1997

Profile Information

  • Gender
    Male
  • Interests
    Everything.
  • Age
    17

KubeR's Achievements

Member

Member (2/5)

0

Reputation

  1. What I am trying to do is seperate functions and mysqli connection data into different files. mysqli.php $db = new mysqli(*,*,*,*); function safe_store($error) { global $db; if(!$db->store_result()) { redirect_error($error); } } full function above : function has_execeeded_max_login_fail($max,$times) { global $table_prefix,$db,$current_ip; if($result=$db->query("SELECT `times_failed` FROM `".$table_prefix."_failed_login` WHERE `ip`='$current_ip'")) { if($result->num_rows) { safe_store("2@".$result->num_rows."@".$db->errno."#:".$db->error."@SELECT `times_failed` FROM `".$table_prefix."_failed_login` WHERE `ip`='$current_ip'"); $assoc=$result->fetch_assoc(); if($assoc["times_failed"]==$max) { $return=1; }else{ $return=0; $times=$assoc["times_failed"]; } $db->free(); }else{ $return=0; $times=0; } }else{ redirect_error("1@".$db->error); } return $return; } redirect_error just outputs the error.
  2. Hello, I am trying to send a query and receive data from it, the query is sent successfully and gets the neccessary data, the problem is that store_result returns false if($result=$db->query("SELECT `times_failed` FROM `".$table_prefix."_failed_login` WHERE `ip`='$current_ip' AND `ip2`='$current_ip2'")) { if($result->num_rows) { safe_store("There is an error in the store result'"); } } $result->num_rows returns 1 row I outputted the query using echo SELECT `times_failed` FROM `am_failed_login` WHERE `ip`='127.0.0.1' AND `ip2`='' and tried to send a query using phpMyAdmin and it returned the result as I wanted. The "safe_store" (don't mind the name, I just named it like it) function safe_store($error) { global $db; if(!$db->store_result()) { redirect_error($error); } } I tried to use just $db->store_result(); but it returned Fatal error: Call to undefined method mysqli::free() in C:\xamp\htdocs\projects\lib\functions\user.php on line 310 And fact, that the query returned a result and the num_rows found 1 line in the result. Kaperstone.
  3. Hello, I'd like to know if there is any alternatives for cookies,session and ip for user identification ? As cookies aren't secure enough as they're easily compromised and untrustable. As for session, I haven't seen a website that uses session for user identification while still being told to use in several "Login/Registration" tutorials, but aren't secure/trustworthy in my opinion as they're editable. IP isn't the best idea because people use proxys and can change ip per page or interval. ( and VPN's ) User agents are editable by plugins and aren't unique as far as I know. Are there any trustworthy information that can be retrived from the user ? or combine a few into one ? (except evercookie) P.S. I am aware of OpenID, OAuth and social media authentication, but I am not interested in other websites identifying users for me. Appericiate any input.
  4. I didn't intend to reverse it, nor build a crypto with a decrypt, but a hash so as you said "the result wil always be the same", the $key is a salt, I just named it like that for no reason .... I will look more into bcrypt, thank you.
  5. Hi, Recently I've been trying writing a safe password hash and I wanted to know that if I use an MD5 hash at the end, just so it will be like some short of "packed",so instead of saving a 128 string, I'll use md5 to "pack" it into 32 characters and save up to 96 characters. I know MD5 isn't safe and all, but the question is, does it lower the security ? Also, would be happy for feedbacks about my password hash function hash_($input,$key) { $op=hash("whirlpool",hash("sha512",$key) . "$" . $input . "$" . hash("sha512",$key)); $h1=hash("sha512",$key);$h2=hash("sha512",$key); for($x=0;$x<24;$x++){$op=hash("whirlpool",$h1 . "$" . $op . "$" . $h2);} return $op;} Is it secured enough for saving high number of users or it can be improved somehow ? This might sound like I am a newbie, but I prefer sound like one instead of going the wrong way. - KubeR.
  6. Okay,I managed to install mod_security and added the RewriteEngine in .htacces as extra. But it doesn't seem to work. error_log access_log looks the same... If it's normal then I think the best option will be to turn off the logging completely, because I waste lots of storage on just storing these logs.
  7. Hello, Recently I put my websites up, but since then it constantly records entrys from domains which are trying to reach strange paths. Is there away to stop those fail path reach logs and only records what's else ? Or even completely stop it ? My operation system is CentOS 32bit.
  8. Sorry for not answering that long, I solved the problem by adding more IP and attaching each domain to different IP. Before I tried to refer multiple domains through a single IP to multiple folders.
  9. clearing the firewall settings didn't work. Can't ping the website it says "Ping request could not find host" /etc/resolv.conf - They're the default name servers, worked before, so I guess they are.
  10. Well, it's not a cloud server but a basic VPS, it came with a VPS cp to manage the vps - SolusVM This. It points to a name server but doesn't return an IP.
  11. One free control panel, the cheapest you can get. I personally, used zpanel and vestacp, but you can find more on Google. Free isn't always worse than paid.
  12. Reachable through SSH,points to the proper IP and there is no FAQ as I purchased a VPS and I've changed the OS manually. As I said, the OS I switched to is very minimal, it almost don't have commands, only the basic for file operation(ls,cd,chmod etc.) and OS startup, else like the standard commands which you posted before it doesn't have. This is why I am asking, before, the Centos had all the packages on already installed, but now it doesn't have them (because the new OS is minimal), which in my opinion I am missing those packages which are in charge of the DNS process or relative which because of it, it doesn't work properly.
  13. It worked before pointing to the same name server with different control panel and operation system.
  14. Hello, I've installed a Debian x64 minimal package and a control panel on my VPS, but after I install the name servers, the domain doesn't reach my VPS's name servers for some reason. The minimal package comes only with the tools to run the Debian server which means it had no sudo and such. But previously when I had Centos on before switching to Debian, it did reach the name servers. Which in this case I suspect that it's a server-side problem, could there be any ? When I try to connect to the domain it says that the website is not available. I am using zpanel and the default DNS records that the zpanel generates. P.S. I tried to find the reason why it doesn't work but I couldn't find any solution, all I found is suggestions to add www A record which also didn't work. And yes, I did wait 24 hours and even more.
  15. Thank you. works perfectly,about the rest. I tried to fix it by debugging and alerting the array values, found that I used slice instead of split,took the value that splice returned instead of just let it stand alone and named #output instead of #t_o. for those who are interested in the fixed code and/or in need of similar code : var t_t = 0; $("#t_i").keypress(function (e) { var key = e.which; if (key == 13 || key == 188) { e.preventDefault(); var tag = $(this).val(); if (tag.length > 0) { t_t++; $("<span class=\"tag\" id=\"tag_" + t_t + "\"><font>" + tag + "</font><span class=\"tagcan\" id=\"" + t_t + "\">X</span></span>").appendTo("#t_"); $(this).val(""); var output = $("#t_o").val(); $("#t_o").val(output + "," + tag); } } }); $("#t_").on('click', '.tagcan', function() { var d = $(this).attr("id"), c = $("#tag_" + d), a = $("#t_o").val(), b = c.text(),f; c.remove(); a = a.split(","); b=b.substr(0,b.length-1); var e = $.inArray(b, a); a.splice(e, 1); a = a.join(","); $("#t_o").val(a); });
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.