Jump to content


  • Posts

  • Joined

  • Last visited

Posts posted by fugix

  1. in your failed address function, change to

    function FailedAddress() {
      return $this->failedAddress; //remove the $

    you will also need to change the messageText function as well

    function MessageText() {
      return $this->messageText; // remove the $

  2. you need to create an instance of your class first, you have not defined the variable that you are trying to use

    include ('PopmongerClass.php');
    $Popmonger = new Popmonger();
    echo $Popmonger->FailedAddress();
    echo $Popmonger->MessageText();

  3. function headerReturnImages() {
    $query = mysql_query("SELECT image_image FROM reviews ORDER BY image_id ASC");
          while ($fetch = mysql_fetch_array($query)) {
          echo'<img src="images/';
          echo $fetch["image_image"];
          echo '" alt="" class="active" />';
          echo'<img src="images/';
          echo $fetch["image_image"];
          echo '" alt="" />';

  4. the reason why $_SERVER['PHP_SELF'] poses such an issue as far as injection is concerned, is because it incorporates $_SERVER['PATH_INFO'] which can be tampered with by users. To my knowledge, $_SERVER['SCRIPT_NAME'] does not incorporate PATH_INFO, however I would check a reference before being confident

  5. Aha.


    The culprit? This:


    header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?id=" . $validentry);


    Needed to be this:


    header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?id=" . $validentry);


    I guess the syntax for predefined variables must have changed some time after the publication of the manual I'm using. Either way, I've spent years working with and debugging C, Java and VB, but php is clearly an all-new sort of monster in this sense.


    None the less, thanks for all your help and hopefully I didn't waste too much of this board's time. I'll try to keep the n00b issues to a minimum  ;)

    wow yeah, didn't even notice that, dumb of me...those variables are stored in the $_SERVER predefined array. Glad you found your error

  6. try this

    * @author ohyeah
    * @copyright 2011
    $dir = 'C:/wamp/uploads/';
    $files = scandir($dir);
    foreach($files as $filedownload){
        if(substr($filedownload, 0, 1) != '.'){
            $file_size = round((filesize("$dir/$filedownload")) / 1024) . "kb";
            $filedownload = urlencode($filedownload);
            echo "\t<tr>
            \t\t<td><a href=\"{$dir}{$filedownload}\">$filedownload</a></td>

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.