Jump to content

Insecure

Members
 View Profile  See their activity

  • Posts

    11

  • Joined

  • Last visited

    Never

About Insecure

  • Birthday 12/21/1986

Contact Methods

  • AIM
    xIx+Insecure+xIx

Profile Information

  • Gender
    Not Telling
  • Location
    Wisconsin, USA

Insecure's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Insecure
    No problem, sorry I forgot what I called it apparently lol. Thanks for the catch wildteen.
  2. Insecure
    if (substr($_SERVER['HTTP_HOST'],0,3) != 'www') { header('HTTP/1.1 301 Moved Permanently'); header('Location: http://www.'.$_SERVER['HTTP_HOST'] .$_SERVER['REQUEST_URI']); } ?>"; Why is your last line ?> and then "; Try removing the ?> ??
  3. Insecure
    What error are you getting?
  4. Insecure
    The first file you posted, the one with the header(). Is that your member.php file?? Secondly, I see this: while($row = mysql_fetch_array($query)) { if ( $_POST['new'] == $_POST['confirm'] ) [b]{}[/b]else{ Are you purposely trying to do an else statement right away? If so, why not do != instead of ==?
  5. Insecure
    Did you do any updates to this? Something with SEO?? // ################# Start recognize SEO Url data #############################
  6. Insecure
    How about this: <?php require "connect.inc.php"; echo "<table width='700'> <tr> <th></th> <th>Member</th> <th>Grade</th> <th>Played</th> <th>Won</th> <th>Drawn</th> <th>Lost</th> <th>Points</th> <th>&#38;#37;</th> </tr>"; $result = mysql_query("SELECT * FROM members"); while ($row = mysql_fetch_array($result)) { $percent = round($row['points']/$row['played']*100, 2); echo "<tr>"; echo "<td>" . $row['id'] . "</td>"; echo "<td>" . $row['member'] . "</td>"; echo "<td>" . $row['grade'] . "</td>"; echo "<td>" . $row['played'] . "</td>"; echo "<td>" . $row['won'] . "</td>"; echo "<td>" . $row['drawn'] . "</td>"; echo "<td>" . $row['lost'] . "</td>"; echo "<td>" . $row['points'] . "</td>"; echo "<td>" . $percentage. "</td>"; echo "</tr>"; } echo "</table>"; ?>
  7. Insecure
    @MrSean: Lol oops typo thanks for catching that... I'm not sure how well this will work, but how about trying this? $queryString = $_SERVER['QUERY_STRING']; echo "Query: " . $queryString; Will that get the result?
  8. Insecure
    Lets say you have: http://www.domain.com/?x=value In your script you can do: $x = $_GET['value'];
  9. Insecure
    How about making another table that has a couple columns like: ID IP Data Shown Then you insert the ip of the user and which data is shown, then as you pick a "new/random" one, check to see if it is in this table, if it is, pick a new one...?
  10. Insecure
    I'm not sure if you plan on keeping your code that way, but I would not use the $_POST in the SQL code, that could cause security issues down the line, but also, I'm not sure why you are putting in "\" in your sql? I would try something like this: $user = $_POST['user_name']; $pass = $_POST['password']; "SELECT * FROM users WHERE user_name=$user AND password=$pass"
  11. Insecure
    I am looking for a little help with some php. The code that I have posted is all working properly, but as you can tell it is pretty messy and I think is probably the hardest way to come up with the results. I am wondering if anyone can help me clean up this code a little. I am not a pro by any means with php but I do understand a bit. I have never been able to really understand the join option in MySQL and I'm thinking that might help me here but I am not sure. If any one has any ideas of how to make this cleaner I would appreciate the feedback. $info = ''; $rgs_sql = $db->query("SELECT * FROM " . DB_RANKGROUPS . " WHERE `display` = '1' ORDER BY `displayorder` DESC"); while($rgs = $db->fetch_array($rgs_sql)) { $rankgroupID = $rgs['id']; $rankgroupName = $rgs['groupname']; $info .= " <table width='75%'> <tr> <td><center><font size=+1 color=white><strong>$rankgroupName</strong></font></center></td> </tr> </table> <table width='75%'> <tr> <td width='15%'><strong>Rank</strong></td> <td width='25%'><strong>Username</strong></td> <td width='20%'><strong>Content</strong></td> <td width='20%'><strong>DSL</strong></td> <td width='15%'><strong>Online Status</strong></td> </tr> "; $ranks_sql = $db->query("SELECT * FROM " . DB_RANKS . " WHERE `display` = '1' AND `group` = '$rankgroupID' ORDER BY `ranknum` DESC"); while($ranks = $db->fetch_array($ranks_sql)) { $rank = $ranks['ranknum']; $sql = $db->query("SELECT * FROM " . DB_MEMBERS . " WHERE `rank` = '$rank' AND `status` = '1' ORDER BY `username` ASC"); while($row = $db->fetch_array($sql)) { $username = $row['username']; $rank = $row['rank']; $dsl = "Hello"; $onlinestatus = "on"; //$users->getOnlineStatus($row['id']); $info .= " <tr> <td width='20%'><img src='".RANK_IMAGES."/$rank.".RANK_IMAGES_EXT."'></td> <td width='25%'><a href=index.php?page=Members&profile=$username>$username</a></td> <td width='20%'>Content</td> <td width='20%'>$dsl</td> <td width='15%'><center><img src=/includes/images/$onlinestatus.gif'></center></td> </tr> "; } } $info .= " </table><br> "; }
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.