-
Posts
15,229 -
Joined
-
Last visited
-
Days Won
427
Everything posted by requinix
-
RewriteRule does not look at the query string. # 1. If they actually requested "/works.php?proj=foo" then redirect RewriteCond %{REQUEST_URI} ^/works\.php\?proj=([^&]+)$ RewriteRule /works/%1 [L,R] # 2. Rewrite RewriteRule ^/?works/([^/]+) works.php?proj=$1 [L]Even better would be modifying your works.php so that it redirects if it's requested via the wrong URL. Because strictly speaking the #1 above isn't enough to catch the various "invalid" possibilities and simply doing the work in your script is easier than listing them all out.
-
Prevent html from "processing" from user submitted field?
requinix replied to JohnnyDoomo's topic in PHP Coding Help
What you're demonstrating is called XSS and the problem is worse than people just "breaking the site". Write yourself a function that calls htmlentities or htmlspecialchars with the correct set of arguments for your page: passing ENT_QUOTES and whatever character encoding your pages use. Like function htmlescape($string) { return htmlentities($string, ENT_QUOTES, "UTF-8"); }Then use that every time you output arbitrary user-provided information, like <?=htmlescape($_POST["title"])?>If you're wondering about what to do with your database, don't escape the data when it goes in. Only when you're about to display it on your page.But make sure you're not putting $_POST data into your queries directly because there's a SQL version of the problem you're having and it can be even worse than this XSS thing. -
You don't have to type in anything. It happens automatically. But you're dealing with non-whole numbers? Can't have decimal numbers as array keys. You can get around that: make each array key a string by making it non-numeric, like "x54.27". You don't have to get the original numbers back out from that string so it's not so bad. If that feels weird, add them all to the array as values (not keys), then use array_unique() to remove duplicates and array_values() to reindex.
-
${'stats' . $run} = arrayNo. Just, no. Use a regular array. You can probably even do away with the whole $run and ${stats} stuff. $allstats[]= array ( "AP"=>$AP, "EP"=>$EP, "SP"=>$SP, "FX"=>$FX, "Horse"=>$horse, );As for the ranking, You'll need to know what values there are in each category. Build an array for each of the four, containing each horse's score as the key to the array (to eliminate duplicates). // such as $APranks[$AP] = 1; // value doesn't matterWhen you're done, ksort each array in whichever order then grab just the keys. Now you have an array that looks like $APranks = array( // higher is better in this example 0 => 100, 1 => 99, 2 => 95, 3 => 90, ... )The rank would be whatever the corresponding key is + 1, so the rank for an AP=95 is 3. As you're printing out each horse you can get that "corresponding key" with array_search.
-
Getting a users rank from a mysql table with PDO
requinix replied to mediabob's topic in PHP Coding Help
Pretty much, yeah. There are finer details to consider though, like how you treat ties... -
Getting a users rank from a mysql table with PDO
requinix replied to mediabob's topic in PHP Coding Help
Get the user's current score and count how many people have a score above that. -
Then it looks like the shell is executing correctly. Try redirecting stdout someplace in case there are errors. system("/opt/lampp/htdocs/matepred/blast/bin/svm-predict output pssm.scale.model pssm.predict >pssm.out 2>pssm.err");
-
Are you sure svm-predict is marked as executable? Any warnings? Is pssm.out created?
-
htmlspecialchars or htmlentities. Be aware of the ENT_QUOTES setting (apostrophes are not encoded by default) and the character set parameter (as they both assume ISO 8859-1 unless told otherwise). Consider writing your own function that calls either using the correct arguments - that way you don't have to remember to do that yourself every time.
-
Consider reading the documentation for popen() because you're not calling it correctly. Neither were you with fopen() for that matter.
-
How to use loading image in jQuery $.post() ?
requinix replied to ankur0101's topic in Javascript Help
You know that my_hiden_url.php isn't really hidden, right? Anyone can easily find out that it exists. Keep a flag somewhere about whether the content has been loaded. Just before you fire off the AJAX, set the flag=false and do a setTimeout with a function displays the Loading thing if the flag isn't set. When the AJAX returns, set the flag.- 6 replies
-
- jquery post
- loading text
-
(and 1 more)
Tagged with:
-
$pid = fopen( $command,"python Hash_ID_v1.1.py"); echo "<body><pre>"; while( !feof( $pid ) ) { echo fread($pid, 256); flush(); ob_flush(); echo "<script>window.scrollTo(0,99999);</script>"; usleep(100000); } fclose($pid);That's just all completely wrong. fopen() is for opening files. You can't run commands with it. Look into the program execution functions, or popen and friends.
-
User input not being added/updated to SQL database
requinix replied to AshleighCo's topic in PHP Coding Help
Yep, that's the same code you posted earlier alright. Congratulations on that? What is $row supposed to be? The new values from the form? Then shouldn't it be $_POST instead? I'm going to bed. If someone picks up from where I'm leaving off, remember to mention the SQL injection too. -
Or it's not JSON. I only guessed that it might be because you didn't post the actual $content string.
-
What's your source XML? It might be easier to read from that than from the array you built.
-
That looks like JSON. $obj = json_decode("{" . the string . "}"); // if you don't have the {}s already echo $obj->key;
-
User input not being added/updated to SQL database
requinix replied to AshleighCo's topic in PHP Coding Help
So where is $row defined? -
That's one of the things that bothers me: if I'm grouping by a unique key in a table, such as the primary key, then why shouldn't I be able to access other columns from that same table? It's impossible for there to be any ambiguity about which row's data is kept in the grouping because it's guaranteed there's only one row (from that table) in each.
-
Most of the time you use __get and __set to put the data in a different place. If you're just setting it on the object like normal then there's no point using either because that's the default behavior anyways. Since the data is in a different place, if you implement one method you'll very likely need to implement the other. The exception would be using __get and __set with inaccessible members, like class Example { public $one; protected $two; private $three; public function __get($name) { return $this->$name; } public function __set($name, $value) { $this->$name = $value; } public function test() { // none of these will trigger __get or __set $this->one = 123; echo $this->one; $this->two = 234; echo $this->two; $this->three = 345; echo $this->three; } } class Child extends Example { public function test2() { // will not trigger __get/__set $this->one = 123; echo $this->one; $this->two = 234; echo $this->two; // will because it's not accessible $this->three = 345; echo $this->three; } } $e = new Example(); // will not trigger __get/__set $this->one = 123; echo $this->one; // will because it's not accessible $this->two = 234; echo $this->two; $this->three = 345; echo $this->three;As for "ideal", that depends why you want to use them.
-
$this is for the instance/the object, self is for the class. The instance doesn't exist until you create it so only instance methods can use it, while the class exists the whole time so both instance and static methods can use it. And no, it's not a bad practice. Not by a long shot.
-
I didn't follow half that question, but if you're asking about how to GROUP BY the item and get a SUM of the quantities then basically you just SELECT i.whatever item fields, SUM(q.quantity) AS quantity FROM whatever table is the master list of items AS i JOIN whatever table has the quantity AS q ON matching item GROUP BY i.identifier column(replace in actual names for the English) If you're having problems then post the schema of the table(s) involved.
-
Need Some Help With Member Experience Formula
requinix replied to ShoeLace1291's topic in PHP Coding Help
L = (E / 1000) ^ (7 / 10) L ^ (10 / 7) = ((E / 1000) ^ (7 / 10)) ^ (10 / 7) = (E / 1000) ^ (7 / 10 * 10 / 7) = E / 1000 1000 * L ^ (10 / 7) = EProtip: WolframAlpha is pretty cool- Solve for E - Graph of L for E=0 to 20k (shows that you gain levels more slowly) - Graph of E for L=0 to 50 (shows that it takes more and more experience to level) - Graph of ΔE for L=0 to 10 (shows how much more experience is required between levels) Comments: - That's a lot more experience than the 75 and 100 you used in your example. Maybe you want to tone it down? - This assumes members begin at E=0 L=0. If they start at E=0 L=1 then the equations need to change a little -
No you're right: it's not possible. fastsol gave you the answer:
-
Works for me. What's the rest of your code?