Jump to content


  • Posts

  • Joined

  • Last visited


Posts posted by HDFilmMaker2112

  1. Just to elaborate some more some of the files are like below.


    switch ($_GET['do']) {
        case 'passchange2':
    function pass_change()
        global $ui, $c, $userid, $h;
        print "<center><h4>To change your password, please fill out the information below.<br></h4><form action='?os=changepass?do=passchange2' method='post'>
    Current Password:</td><td><input type='password' name='oldpw' /></td></tr>
    <tr><td>New Password:</td><td><input type='password' name='newpw' /></td></tr>
    <tr><td>Confirm:</td><td><input type='password' name='newpw2' /></td></tr>
    <Tr><td colspan=2 align=center>
    <input type='submit' class='button' value='Change Your Password' /></form></td></tr></table></center>";
    function do_pass_change()
        global $ui, $c, $userid, $h;
        if (md5($_POST['oldpw']) != $ui['userpass']) {
            print "The current password you entered was wrong.<br />
    <a href='?os=changepass?do=passchange'>> Back</a>";
        } else if ($_POST['newpw'] !== $_POST['newpw2']) {
            print "The new passwords you entered did not match!<br />
    <a href='?os=changepass?do=passchange'>> Back</a>";
        } else {
            $_POST['oldpw'] = strip_tags($_POST['oldpw']);
            $_POST['newpw'] = strip_tags($_POST['newpw']);
            mysql_query("UPDATE users SET userpass=md5('{$_POST['newpw']}') WHERE id={$_SESSION['userid']}", $c);
            print "Password changed!<br>The next time you log in you will need to use your new password.";


    So if i use what they told me above and go to http://mucove.com/?os=changepass then try to change the pass it would try to do something like http://mucove.com/?os=changepass?do=passchange2 to change password but that doesn't work it just shows a blank page.


    Test the website with the username:test and pass:simpletest


    Is the code you posted contained in the page "http://mucove.com/?os=changepass"?


    Just as an example (you do NOT have to change the code to what I have, just checking I'm understanding you correctly), here's the way I have a site set-up.


    include 'aboutus.php';
    $section="- About Us";
    include 'contactus.php';
    $section="- Contact Us";


    In my contactus.php page I have:


    include 'contactform.php';
    $section="- Contact Form";

    Now I can get an URL of www.domainname.ext/index.php?page=contactus&do=showform

  2. Then let's try using that output to your advantage. This should work, assuming you've described the directory structure properly. See what happens with this code.


    And why did you add square brackets to the $files1, $files2 and $files3 assignments?


    works perfectly like that... just removed the echos and now it's absolutely perfect. Thanks.

  3. From your description, I think this is what you're after. Using a single dot signifies a path relative to the current directory, whereas a double dot indicates one directory above the current directory.


    $files1[] = glob("../*.php");
    $files2[] = glob("../includes/*.php");
    $files3[] = glob("../images/*");


    Still no luck. Any other ways to accomplish this without glob()?

  4. $files1[] = glob("./ghosthuntersportal.com/*.php");
    $files2[] = glob("./ghosthuntersportal.com/includes/*.php");
    $files3[] = glob("./ghosthuntersportal.com/images/*");
    $files[]=array_merge($files1, $files2, $files3);
    if(is_array($files) && count($files) > 0)
        foreach($files as $file)
    $lastupdated="Last Updated: ".date ("F j, Y", $filetime);


    This returns the below:


    Warning: filemtime() [function.filemtime]: stat failed for Array in /home/zyquo/public_html/ghosthuntersportal.com/includes/func.php on line 27



  5. You're sending a string to the max() function. When only one parameter is sent to max(), it must be an array. This is because of the way you're assigning the value: $filetime = should be filetime[] =.


    Added the [] results in this:


    Warning: max() [function.max]: Array must contain at least one element in /home/zyquo/public_html/ghosthuntersportal.com/includes/func.php on line 33


    The $files Array seems to be blank.

  6. On a *nix host, you can exec this: 


    find . -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r | head -n 1


    Replace the "." with whatever the parent directory is of the tree you need to check.  I'd probably do something like this:


    $lastchanged = `/usr/bin/find /path_to_search  -type f -printf '%TY-%Tm-%Td %TT %p\n' | /usr/bin/sort -r | /usr/bin/head -n 1`;


    Keep in mind that this is going to scan the filesystem everytime it's called, so if this is a large tree, that could be some substantial IO.  The filesystem is not an indexed database.  The results you get are going to look like this:


    2011-06-11 12:42:55.0000000000 /home/david/foo.txt


    So you would have to break the string into pieces but that is something done easily with explode.


    I tried this just to check, error:


    Warning: shell_exec() has been disabled for security reasons in /home/zyquo/public_html/ghosthuntersportal.com/includes/func.php on line 34

  7. I came up with this:


    $files1 = glob("./ghosthuntersportal.com/*.php");
    $files2 = glob("./ghosthuntersportal.com/includes/*.php");
    $files3 = glob("./ghosthuntersportal.com/images/*");
    $files=array_merge($files1, $files2, $files3);
    if(is_array($files) && count($files) > 0)
        foreach($files as $file)
    $lastupdated="Last Updated: ".date ("F j, Y", filemtime($filetime));


    But I get this error:


    Warning: Wrong parameter count for max() in /home/zyquo/public_html/ghosthuntersportal.com/includes/func.php on line 32


    It returns a date of Last Updated: December 31, 1969.

  8. I just checked to see when the slashes are added and they're placed in there prior to mysql_real_escape_string, which makes no sense.... the function is not called prior to that at all.


    This is the form:

    <form action="./product_process.php?do=add" method="post">
    <p><label>Product Name:</label> <input type="text" name="product_name" size="30" />
    <label>Product Price:</label> <input type="text" name="product_price" size="5" />
    <p><label>Product Code:</label> <input type="text" name="product_code" size="30" /></p>
    <p><label>Product Category:</label> <input type="text" name="product_category" size="30" /></p>
    <p><label>Product Link:</label><br />
    <textarea name="product_link" rows="5" cols="30"></textarea>
    <p><label>Product Image:</label> <input type="text" name="product_image" size="30" /></p>
    <p><label>Product Tag:</label> <input type="text" name="product_tag" size="30" /></p>
    <p><label>Product Keywords:</label> <input type="text" name="keyword" size="30" /></p>
    <p><label>Product Hightlights:</label><br />
    <textarea name="product_highlights" rows="10" cols="60"></textarea>
    <p><label>Product Features:</label><br />
    <textarea name="product_features" rows="10" cols="60"></textarea>
    <p><label>Product Pros:</label><br />
    <textarea name="product_pros" rows="5" cols="30"></textarea>
    <p><label>Product Cons:</label><br />
    <textarea name="product_cons" rows="5" cols="30"></textarea>
    <p><label>Product Description:</label><br />
    <textarea name="product_description" rows="10" cols="60"></textarea>
    <p><label>Product Notes:</label><br />
    <textarea name="product_notes" rows="5" cols="30"></textarea>
    <p><label>Product Specifications:</label><br />
    <textarea name="product_specifications" rows="10" cols="60"></textarea>
    <p><input type="submit" value="Submit" name="Submit" /></p>

  9. When I submit a product using my admin panel, the PayPal button has slashes added to escape the double quotes in the paypal button. It's also adding slashes to my apostrophes. I didn't think it was suppose to add slashes, or they should atleast be pulled out on insert into the database?


    function sanitize($formValue){
    if(function_exists(get_magic_quotes_gpc()) && get_magic_quotes_gpc()) {	
    $formValue = stripslashes($formValue);
    $formValue = mysql_real_escape_string($formValue);
    return $formValue;





  10. I'm having an issue with this function:


    function copyyear($setyear){
    $year = date('Y');
    $copyrightdate="© ".$setyear;
    $copyrightdate.=" - ".$year."";
    return $copyrightdate;


    I'm echoing out the function here:


    <?php echo copyyear("2011"); ?> Ghost Hunter's Portal, L.L.C.


    This is resulting in:


    "Ghost Hunter's Portal, L.L.C." with no date in front of it.

  11. Alright, come to this result:


    SELECT $tbl_name.product_id 
         , AVG($tbl_name3.review_product_rating) AS avg_rating 
      FROM $tbl_name 
      JOIN $tbl_name3 
        ON $tbl_name3.product_id = $tbl_name.product_id 
    WHERE $tbl_name.product_category = '$cat' 
        BY $tbl_name.product_id
        BY avg_rating


    The above works perfectly for the basic product_category view. But when it comes to my search page it shows no results.


    Here's the search mysql query:

    $likeValues = "$tbl_name2.keyword LIKE '%" . implode("%' OR $tbl_name2.keyword LIKE '%", $keywords) . "%'";
    $sql10000= "SELECT * FROM $tbl_name JOIN $tbl_name2 USING(product_id) WHERE $likeValues GROUP BY product_id ORDER BY $sort_by_selected2 LIMIT $start, $limit";

  12. Would there be a way to simplify the following, so it's not got the while loop in it?

    $sql_average_rating="SELECT product_id, (SUM(review_product_rating)/(COUNT(review_product_rating)-1)) AS review_product_rating FROM $tbl_name3 GROUP BY product_id";
    $sql_insert_rating="UPDATE $tbl_name product_rating_average='$review_product_rating' WHERE product_id='$product_id'";

  13. I may need a sub-query. Basically I have a reviews table ($tbl_name3) which has product_id and review_product_rating. So there maybe 5 reviews for product_id "1", and 3 reviews for product_id "2"... I need to Average together the 5 reviews for product_id "1" and average together the 3 reviews for product_id "2" but not average together product_id "1" and product_id "2". So I need to average together the product's reviews independently of each other, and then ORDER the main query be those average values.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.