Nolongerused3921
Members-
Posts
141 -
Joined
-
Last visited
Everything posted by Nolongerused3921
-
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Don't suppose anyone knows...? Was kind of hoping to figure this out so I could finish this up -
If you mean to the actual image itself, try http://www.php.net/manual/en/function.imagerectangle.php or make the image a few pixels bigger, use http://www.php.net/manual/en/function.imagefill.php, then import the picture and offset it a pixel or two.
-
I concour and err... Try [code] <br /> or <div style="padding-top: 5px;">Text</div> [/code] (I had typed this in my previous post but had no idea that SMF parses br's
-
Not really a php question, but have you tried <br />?
-
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Yes it was a typo in the post... Too bad, I thought it was that simple :( And this may help a bit... The data from MySQL (Unedited, directly from phpmyadmin) : [quote] Wonder\r\n\r\n\r\n\r\n\r\n\r\nIf\r\n\r\n\r\nTHis\r\nREALLY\r\n\r\n\r\nWORKS\r\n\r\n!? [/quote] (I wrote a new string to just test this and not stripping \') The html from the edit area: [code] <textarea name="content" cols="80" rows="20">Fixed \r\n\r\nit\r\n\r\nshould\r\n\r\n\r\n\r\nwork\r\n\r\n\r\n\r\n\r\nNOW!</textarea> [/code] From just printing the item: [code] Fixed \r\n\r\nit\r\n\r\nshould\r\n\r\n\r\n\r\nwork\r\n\r\n\r\n\r\n\r\nNOW! [/code] The code to print it: [code=php:0] <?php print $parser->content($temp_data[content]); ?> [/code] -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
I have taken out stripslashes altogether as well -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Nope... Still not working, same output regardless of where $data = stripslashes($data); and $data = nl2br($date); are placed -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
I did run it through nl2br, look at the bottom of the bbcode function... :( -
Could probably loop through an array using foreach and set the definition name to the ID... Such as: foreach($array as $id => $value) { define($id, $value); } But like jesirose and gennericnumber1 hinted at, using defines is incredibly messy and variables are generally better... Honestly the only time I've ever used a define is for error numbers that are used everywhere.
-
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
If I take it out, it just shows as \n\n\n\n\n... Its not parsing it for some reason -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Errr sorry about the confusion... [quote] Fixed's 'should''' be ''' workingrnrnrnrnYAY! [/quote] Thats what the html output is, as in - what a person would see if they were viewing that article.... What I actually wrote, and commited to the database was: [quote] Fixed's 'should''' be ''' working YAY! [/quote] -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
It... Doesn't convert it to actual new lines, that quote I pasted was after it ran through content(), in an html area... As for showing a live example - it'd take me awhile, as I'm currently testing locally... -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Okay thanks, but er... Is there an answer to my question? -
Posting information across multiple forms
Nolongerused3921 replied to Merdok's topic in PHP Coding Help
You can't use that for uploading files, you'd have to use a serialized array but even then there are security problems... I suggest you do the uploading last so that it doesn't need to be pushed to another form. If you absolutely [b]have to[/b], try: $file = serialize($_POST['file']); Then put $file into the hidden form element... But be forewarned, there are more than likely vulnerabilities just waiting to pop up for using this method, as it lets people see your directory structure. Oh and to get it back to an array, just do $file = unserialize($_POST['serialized_file']); -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Why was my post edited...? -
Posting information across multiple forms
Nolongerused3921 replied to Merdok's topic in PHP Coding Help
I don't know there would be too many things going on at once, but if you want to split it up just use <input type="hidden" value="<?php print $_POST[value]; ?>" /> Would that solve your problem? Or am I completely misunderstanding you -
mysql_real_escape_string breaking \n
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
[quote] Fixed's 'should''' be ''' workingrnrnrnrnYAY! [/quote] Was inserted as [quote] Fixed's 'should''' be ''' working YAY! [/quote] Or something similar... I had just fixed my $_POST import function (To parse it all before a user has access to it), and it turns out it wasn't calling mysql_real_escape_string, so I added it and now er... It seems to have broken the ability for new lines to work. Portion of the $_POST import function (The only part of it that pertains to this, the entire function is over 70 lines) [code] <?php if (get_magic_quotes_gpc()) { $tmp_data = stripslashes($tmp_data); } if ($filter_type == 2) { $tmp_data = htmlentities($tmp_data); $tmp_data = mysql_real_escape_string(strip_tags(trim($tmp_data))); } elseif (!is_numeric($tmp_data)) { //Then we can finish this.. otherwise it should be safe if it's just a number.. $tmp_data = htmlspecialchars($tmp_data, ENT_QUOTES); $tmp_data = mysql_real_escape_string(strip_tags(trim($tmp_data))); } ?> [/code] My content/bbcode parsing (The part that is called in order to strip slashes, convert nl2br, convert bbcode, etc.): [code] <?php function bbcode($data, $bbcode_on = TRUE){ $db = $this->db_class; if ($db->is_connected() == NOT_CONNECTED){ $db->connect(); } $data = htmlspecialchars($data); $data = stripslashes($data); $pattern = array(); $replacement = array(); $bbcode = $GLOBALS['bbcode']; if ($bbcode_on = TRUE) { for ($i = 0; $i != count($bbcode); $i++) { if ($bbcode[$i][type] == "bbcode") { array_push($pattern,$bbcode[$i][pattern]); array_push($replacement,$bbcode[$i][replacement]); } if ($bbcode[$i][type] == "smiley") { $data = str_replace($bbcode[$i][pattern], "<img src='".$this->rdir."images/smilies/".$bbcode[$i][replacement]."' />", $data); } } $data = preg_replace($pattern, $replacement, $data); } $data = str_ireplace(chr(10), "<br />\n", $data); nl2br($data); return $data; } function content($data, $bbcode_on = TRUE) { $data = html_entity_decode($data); $data = $this->bbcode($data, $bbcode_on); return $data; } ?> [/code] All content is sent through content($data, TRUE/FALSE), and this is what is [b]now[/b] screwing it up, but prior to adding real_mysql_escape_string, it was working fine. -
The title says it all, for some reason mysql_real_escape_string breaks \n... Even with stripslashes(). How do I fix this...?
-
That did it, thanks 448191 - I now love this mock registry :D
-
I'm about to make a drastic change to my site engine, however before doing so I want to confirm GLOBALS (I rarely use them).... Right now I'm defining classes like this: [code=php:0] $filesys = new filesys(); $parser = new parser($mysql,$settings[0]['root_dir']); $user = new user($mysql,$parser,$default_group); $articles = new article($mysql); [/code] As you can see I pass variables through like that, however this is getting to be a major problem... So I'm wondering, how global ARE global variables? Can I define a class definition as a global and access it's functions in another class (A whole other file altogether)... Do I have to define this global before I require it, or does php process globals prior to executing any other code. The reason I ask is because I need to reuse the same basic code over and over again in multiple modules (Article module defined above, for instance*), and I [b]really[/b] hate having to pass class definitions through the startup function, or even a class function ($article->update($class_definition, $othervariable); ) *You can't tell from the code, but modules are automatically loaded based on class definitions... So if I assign "new article();" to a variable, it will automatically load /modules/article.mod.php prior to defining the class.
-
I just stress tested my download.php script, and I found that with files over 3mb, apache eats up quite a bit of memory and goes to ~90% CPU for a short bit while it loads the file... There has [b]got[/b] to be an alternative to this, as I may be serving files [b]up to and possibly above[/b] 120mb to literally thousands of people a day... My server simply can not handle this, and I honestly don't think many can. So my question is this... How can I serve a file, securely and secretly - while maintaining complete control over who gets to access the file, without having to load it into memory.
-
[SOLVED] SESSION being set even before its called
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Okay thanks, I was worried there since it wasn't showing up for me. -
[SOLVED] SESSION being set even before its called
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
That fixed it! Thanks, the bug has annoyed me to no extent for the past 2 weeks, I just never put any real thought into it until now. Edit: Wheres "topic solved"...? -
[SOLVED] SESSION being set even before its called
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Well... To be honest I've been aware of the problem for awhile, I just need to know how to fix it, which like you said is another issue :( If anyone has ran into this problem before I would be incredibly thankful if you'd tell me how you fixed it -
[SOLVED] SESSION being set even before its called
Nolongerused3921 replied to Nolongerused3921's topic in PHP Coding Help
Well $_SESSION is considered a header, is it not? I'm afraid that its automatically being placed before the logic in the buffer then the php is being executed afterwards... Although I'm not sure I just know that after placing [b]many[/b] print's, the $_SESSION is screwed up when inside the main logic ($action == "blah"), as long as another $_SESSION reassignment is in there as well... Which makes me think SESSION really is a header, and php doesn't execute code until after moving headers.