Posts posted by simboski19

  1. Hi there,

     

    I am working with a web api that has specific requirements for the way its passwords are formatted. I have used regex very rarely and therefore am very unfamiliar with how to structure them.

     

    Basically one of the requirements is that the password entered should:

     

    Be - not-repeating such as 'aaaa'

     

    AND

     

    Be - not-incremental such as '1234' or 'abcd'

     

    My current code looks like this:

     

    // Password requirements:

    // Length: Minimal 4 chars, maximum 39 chars
    if (strlen($password) >= 4 && strlen($password) < 40) {
        // the password has at least 4 chars and is less than 40 chars in length
        // Move on...
    } else {
        array_push($errors,'Your <strong>Password</strong> must be between <strong>4 and 39</strong> characters in length. Please try again.');
    }

    // Allowed chars: a-z, A-Z, 0-9, minus, underscore, at-sign and dot
    REGEX TO GO HERE?

    // Additional: not-repeating and not-incremental like 'aaaa' or '1234' or 'abcd'
    REGEX TO GO HERE?

     

     

    Could someone help me with the formatting please. I did look at the various links on first post in the forum but it was still way over my head!!!?

     

    Any help would be much appreciated.
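
The rules listed in the post above, as an added example that is not part of the original post: the allowed-character and repeat checks are regular expressions, while the incremental check is a short loop, since a regex cannot compare neighbouring character codes. The function names are hypothetical, and treating a "run" as 4 adjacent characters is an assumption taken from the 'aaaa', '1234' and 'abcd' samples.

```php
<?php
// Added example; names are hypothetical. Assumption: a run is 4 adjacent characters.
function has_repeating_run(string $s, int $n = 4): bool
{
    // Backreference \1 matches the captured character again, n-1 more times.
    return preg_match('/(.)\1{' . ($n - 1) . '}/', $s) === 1;
}

function has_incremental_run(string $s, int $n = 4): bool
{
    $run = 1;
    for ($i = 1, $len = strlen($s); $i < $len; $i++) {
        [$prev, $cur] = [$s[$i - 1], $s[$i]];
        // Both characters must be in the same class (digit, lower, upper) so
        // that byte neighbours across classes never count as a sequence.
        $sameClass = (ctype_digit($prev) && ctype_digit($cur))
            || (ctype_lower($prev) && ctype_lower($cur))
            || (ctype_upper($prev) && ctype_upper($cur));
        $run = ($sameClass && ord($cur) === ord($prev) + 1) ? $run + 1 : 1;
        if ($run >= $n) {
            return true;
        }
    }
    return false;
}

function password_errors(string $password): array
{
    $errors = [];
    if (strlen($password) < 4 || strlen($password) > 39) {
        $errors[] = 'must be between 4 and 39 characters';
    }
    // \A and \z anchor the whole string; '$' would also accept a trailing newline.
    if (preg_match('/\A[A-Za-z0-9_@.\-]+\z/', $password) !== 1) {
        $errors[] = 'allowed characters are a-z, A-Z, 0-9, minus, underscore, at-sign and dot';
    }
    if (has_repeating_run($password)) {
        $errors[] = 'must not contain a repeated run such as aaaa';
    }
    if (has_incremental_run($password)) {
        $errors[] = 'must not contain an incremental run such as 1234 or abcd';
    }
    return $errors;
}

foreach (['aaaa', 'x1234y', 'abcd', 'k3ep-it@home', "pass_w0rd\n"] as $candidate) { // constructed inputs
    echo json_encode($candidate), ' => ', implode('; ', password_errors($candidate)) ?: 'ok', "\n";
}
```

Only ascending runs are rejected here, matching the samples in the post; descending runs such as '4321' would need the same loop with `- 1`.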

  2. Hi there,

     

    I am in the process of building a penny auction website using php / javascript. I am at the stage of developing the bidding process by which someone clicks to bid on an item, this resets a time counter and this runs over and over until someone wins when the clock strikes 00:00. My understanding is that I would be updating various database tables with the bidder information, updating the time remaining and doing this every second which would require a cronjob to be run on the server every second.

     

    I wondered if anyone had real experience of working with / building one of these websites as this is slightly new to me? What I am unsure about is how complicated this constant requesting and serving information is? What are the best things to use to get / set the information.

     

    I was planning on using php to update a table with the new bidder information and the date/time.

    This would also update the product with the time remaining.

    If a new user bids this overwrites this information and the process starts again.

     

    Any information would be a massive help and much appreciated.

     

    Thanks

    Simon

  3. Hi there,

     

    I am having some issues with a page failing security tests because of a form. The form's text input field is getting sanitized when posted but the only thing I can think is that the form action="" is $_SERVER['REQUEST_URI'] and this then includes anything that is within the URL.

     

    <form name="zipcode" id="zipcode" action="<?php echo htmlentities($_SERVER['REQUEST_URI'], ENT_QUOTES, "UTF-8"); ?>" method="post">
      <label for="zip" class="smalllbl">Zipcode: </label>
      <input type="text" class="smallzip" name="zip" id="zip" value="" />
    </form>

     

    Has anyone else experienced this when running PCI Compliance style security tests? And if you have, why would this happen as the same form action is used elsewhere with no issues.

     

    Many thanks in advance

    Simon

  4. Hi,

     

    As the title suggests I am unsure on how to first run a query which stores values into an array. I then need to run a function multiple times but use the array within the function. How is this possible? I have had no luck figuring it out yet.

     

    1. RUN QUERY

    2. BUILD ARRAY USING QUERY RESULTS

    3. RUN FUNCTION MULTIPLE TIMES

    4. WITHIN FUNCTION I NEED TO USE ARRAY

     

    Many thanks

    Simon

     

  5. Is there a way/function to not only remove <script>, <embed> tags etc but also remove the content within the tags so this:

     

    "

    some text

    <script>

    functionhere();

    </script>

    some more text

    "

     

    to this:

    "

    some text

    some more text

    "

     

    In effect remove the whole tag and content within the tags? Haven't been able to find anything online that works.

     

    Many thanks in advance.

    Simon

     

  6. Hi there,

     

    Just tried the base href tag and it didn't work unfortunately. To give some more information here:

    - In my .htaccess I have a RewriteBase /admin <- I need this to actually get to the correct files as my structure is:

    / -> root files for front-facing website
    /admin/ -> the admin is found within this folder and within here this is where I need to tweak/change the DOC ROOT

    - In my header I need to somehow redirect any files from root to /admin/(root now here)

    <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
    <link rel="stylesheet" type="text/css" href="/css/screen.css" media="screen" />
    <link rel="stylesheet" type="text/css" href="/css/orange/orange.css" media="screen" />

    So they would become:

    <link rel="shortcut icon" href="/admin/favicon.ico" type="image/x-icon" />
    <link rel="stylesheet" type="text/css" href="/admin/css/screen.css" media="screen" />
    <link rel="stylesheet" type="text/css" href="/admin/css/orange/orange.css" media="screen" />

     

    Thanks

    Simon

  7. Hi there,

     

    I do apologise I may have explained it poorly. I have actually got that installed already and that sorts out anywhere I have DOC_ROOT.

     

    My issue is actually anywhere I have a path to a file e.g. /website.css or /website.js it will not reference correctly because it is going back a folder (hope that makes sense).

     

    So I guess my question is can you change the .htaccess or apache to rewrite / to become /admin/???

     

    Thanks (and sorry for the confusion)

     

    Simon

  8. Hi there,

     

    I am working on a website which has a sub-domain set as a folder and not an actual sub-domain (as my client does not want to do this which is another story). Anyway, all of my links which relate to the DOCUMENT_ROOT are not working. Example below:

     

    www.website.com

     

    www.website.com/admin - my sub-domain in a folder

     

    I can access a page within www.website.com/admin however all links to files, css files etc will not work because the DOCUMENT_ROOT does not include the /admin/.

     

    My question is therefore is there some way of adding in this /admin/ step or fooling php/apache to include this in all files within the /admin/ folder.

     

    Many thanks

    Sim

  9. Hi there,

     

    I have the theory sorted and the query 95% complete, however I can't seem to select the currency from the same sub-query. This is what I have:

     

    [...]
    converted_price
    from (
        select
            m.product_id AS product_id,
            m.product_name AS product_name,
            m.product_description AS product_description,
            m.product_image AS product_image,
            m.product_brand AS product_brand,
            m.product_active AS product_active,
            cj.masterid AS masterid,
            cj.catid AS catid,
            cj.subcatid AS subcatid,
            mr.merchantname AS mername,
            mr.currency AS currency,
            case
                when f.product_sale_price != '0'
                then f.product_sale_price
                else f.product_price
            end feedprice,
            (select feedprice/conversionrate from tblcurrencies where conversiontype = currency".$_COOKIE['currency'].") AS converted_price
    [...]

     

    The conversion works well and I have successfully retrieved the correctly converted price when manually entering the 'currency' in the new select i.e. USDGBP which means the currency of the product is in USD and the currently selected currency (which is stored in a cookie) is GBP. This is then placed into my currency table like this:

     

    conversiontype        conversionrate

    USDGBP                    1.54838

     

    When I run the query it returns something like this:

     

    (select feedprice/conversionrate from tblcurrencies where conversiontype = currencyGBP) AS converted_price

     

    Any ideas how I first retrieve the currency which isn't working at the moment and also how I write the code to do this. Currently I can't think how to write this php/mysql into the select.

     

    Many thanks

    Simon
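
One way to build the conversion key from the post above inside the query, as an added example that is not part of the original post: the cookie value is checked against an allow-list and passed as a bound parameter instead of being concatenated into the SQL string. The `products` table stands in for the post's inner query, the `GBPGBP` rate row and the function names are assumptions, and in-memory SQLite is used so the example runs offline.

```php
<?php
// Added example (not from the original post): constructed, simplified tables in
// in-memory SQLite. On MySQL write CONCAT(p.currency, :target) instead of ||.
const ALLOWED_CURRENCIES = ['GBP', 'USD', 'EUR'];

function target_currency(array $cookies, string $default = 'GBP'): string
{
    $value = $cookies['currency'] ?? $default;
    // The cookie is client-controlled: accept only known codes.
    return in_array($value, ALLOWED_CURRENCIES, true) ? $value : $default;
}

function converted_prices(PDO $pdo, string $target): array
{
    // The pair key (e.g. USDGBP) is built in SQL from the row's own currency
    // plus the bound parameter, so no request data is concatenated into the SQL.
    $stmt = $pdo->prepare(
        'SELECT p.product_name, p.currency, p.feedprice,
                ROUND(p.feedprice / c.conversionrate, 2) AS converted_price
           FROM products p
           JOIN tblcurrencies c ON c.conversiontype = p.currency || :target
          ORDER BY converted_price'
    );
    $stmt->execute([':target' => $target]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (product_name TEXT, currency TEXT, feedprice REAL)');
$pdo->exec('CREATE TABLE tblcurrencies (conversiontype TEXT, conversionrate REAL)');
$pdo->exec("INSERT INTO products VALUES ('Product X', 'GBP', 1.99), ('Product Y', 'USD', 3.99)");
$pdo->exec("INSERT INTO tblcurrencies VALUES ('USDGBP', 1.54838), ('GBPGBP', 1.0)");

// The second value is a constructed, unexpected cookie; it falls back to the default.
foreach (['GBP', 'GBP-unexpected'] as $cookieValue) {
    $target = target_currency(['currency' => $cookieValue]);
    foreach (converted_prices($pdo, $target) as $row) {
        printf("%s: %.2f %s = %.2f %s\n", $row['product_name'], $row['feedprice'],
            $row['currency'], $row['converted_price'], $target);
    }
}
```

Because the conversion happens in the query, `ORDER BY converted_price` sorts on the converted value rather than on the mixed-currency feed price.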

  10. Hi Dan,

     

    This is the structure of my query:

     

    select
        product_id,
        product_name,
        product_description,
        product_image,
        product_brand,
        product_active,
        masterid,
        catid,
        subcatid,
        mername,
        currency,
        min(feedprice) feedprice
    from (
        select
            m.product_id AS product_id,
            m.product_name AS product_name,
            m.product_description AS product_description,
            m.product_image AS product_image,
            m.product_brand AS product_brand,
            m.product_active AS product_active,
            cj.masterid AS masterid,
            cj.catid AS catid,
            cj.subcatid AS subcatid,
            mr.merchantname AS mername,
            mr.currency AS currency,
            case
                when f.product_sale_price != '0'
                then f.product_sale_price
                else f.product_price
            end feedprice
        from tblmpr m
        JOIN tblmpr_mpc_junction j ON (m.product_id = j.mprid)
        JOIN tblfeeds f ON (j.product_xmlid = f.product_xmlid)
        JOIN tbl_mpr_cat_junction cj ON (cj.mprid = m.product_id)
        JOIN tblmerchants mr ON (f.supplier_id = mr.merchantid)
        JOIN tblaffiliates af ON (m.product_affiliate = af.affiliateid)
        WHERE
            masterid = $masterid
            AND catid = $categoryid
            AND subcatid = $subcategoryid
            AND m.product_active = 1
            AND f.product_active = 1
            AND mr.active = 1
            AND af.active = 1
            $addgender
            $addbrand
        ORDER BY feedprice
    ) as x
    GROUP BY product_id
    $pricesort

     

    I have made the main price BOLD. This is the price I would need to convert before then ordering in the outer query. You will see a table named: tblmerchants (mr) - this is where the currency is stored. It is only stored as a string i.e. GBP, USD or EUR. Would I need to store the actual exchange rate here?

     

    Thanks

    Simon

  11. Hi all,

     

    I have a mysql query which pulls out products to display. In my database each product has a price associated with it. These prices are mixed so I have products from the US, UK or Europe and obviously these prices will be in these different currencies:

     

    Product X - 1.99 (GBP)

    Product Y - 3.99 (US Dollars)

    Product Z - 2.99 (Euros)

     

    My query pulls out products into a list format which can then be sorted by price. My query uses ORDER BY price. I then convert the price retrieved into the default currency (using php). So you can imagine the prices that are sorted can sometimes look incorrect when displayed as they will be sorted and then converted.

     

    My question is can you convert an integer within a mysql query???

     

    Thanks
