pwntastic

All this brings up another question, is binding really better than using something like mysqli_real_escape_string?

I see. Bind I shall then. Thanks everyone!

Hello, I am pretty new to PDO but have heard that it is good to use prepared statements to help avoid mysql injections. What I'm wondering is, when using prepare, does one need to bind parameters or would one be able to do something like the following without risking security? $db = new PDO(..); $r = $db->prepare("SELECT * FROM test WHERE col=$_POST['col']"); $r->execute(); Thanks

Yep that was what was happening lol thanks for your help.

Hello, I'm having a problem with a popup I'm making. This problem is only in the android default browser however it works well in any other browser. With JavaScript, I found out that when I click anywhere within the popup, it doesn't tell me I'm in #popup, it tells me that I am in the #popup_wrapper I imagine it's something witht he size because when i zoom out it works well. What would cause this issue? Thanks in advance. My code is actually inline and not like here. I just put it out like this because I thought it would be easier to read. <style type="text/css"> #popup_wrapper{ overflow: hidden;z-index: 100;width: 100%;height: 100%;background-color: #c0c0c0;background: rgba(0, 0, 0, 0.5);position: fixed;top: 0px;left: 0px;font-family: 'Karla', Arial, Sans-Serif;color: #5a5353; } #hor_wrapper{ width: 100%;height: 450px;position: relative;top: 15%; z-index: 101; } #popup{ height: 450px;width: 450px;margin: 0 auto;background-color: #fff;border-radius: 7px;box-shadow: 3px 3px 5px #000; z-index: 110; } #popup_header{ width: 400px;height: 150px;margin: 0 auto; } img{ width: 250px;height: 100px;position: relative;left: 75px;margin: 15px auto; } h1{ text-align: center; font-size: 25px; margin-bottom: 0px; } p{ width: 350px;height: 40px;margin: 15px auto;line-height: 20px;font-size: 16px; } #opt1{ line-height: 100px;border: 2px dashed #fcc4ab;outline: #fcc4ab solid 2px;text-align: center;color: #fff;height: 100px;width: 150px;background-color: #fcc4ab;float: left;margin: 40px 20px;text-transform: uppercase; cursor: pointer; } #opt2{ line-height: 100px;border: 2px dashed #aca9a9;outline: #aca9a9 solid 2px;text-align: center;color: #fff;height: 100px;width: 150px;background-color: #aca9a9;float: right;margin: 40px 20px;text-transform: uppercase; cursor: pointer; } </style> <div id="popup_wrapper" style=""> <div id="hor_wrapper" style=""> <div id="popup" style=""> <div id="popup_header" style=""> <img src="image.jpg" alt="image goes here" style=""> <h1 style=""> Lorem ipsum! </h1> <p style=""> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Nam cursus. Morbi ut mi. Nullam enim leo, egestas id, condimentum at, laoreet mattis, massa. Sed eleifend nonummy diam. </p> <div id="opt1" style=""> Option 1 </div> <div id="opt2" style=""> Option 2 </div> </div> </div> </div> </div>

Hello, talked to someone from bigcommerce it was a problem with them...dude said the only way to fix it was to get my own SSL but I found a way around it...thanks requinix I appreciate the attempt.

Honestly, I cannot reproduce this error either o.O . It must be something with bigcommerce. Is there another way to redirect people to another site? I'm not trying to send the person to https://ssl.candystand.com I'm trying to send them to http://www.candystand.com however, it keeps sending to the weird url. I did the window.location = 'http://www.candystand.com'; just like that and the .href also but the outcome is the same. Is there another way to redirect a person to another page with js?

I know thats why. Is there another way to forcefully redirect. I have no control over the server sided stuff as I'm working bigcommerce.

Yea I did this: window.location = "http://www.candystand.com"; and even this: window.location.href = "http://www.candystand.com"; but both just redirect to http://ssl.candystand.com I don't understand the anchor href is equal to something like: domain.com/page that works fine I'd imagine location.href should work the same? I tried https://ssl.domain.com for the page I'm working with to see if that redirects? however it is unexistant Is there another way to redirect with javascript?

Hello, I'm using window.location = 'http://www.websiteISpecify.com'; to redirect a person. This works fine in one page, however, in another one found in another domain with ssl, it redirects me to a url like the following: https://ssl.websiteISpecify.com How would I make it direct me to the page I'm specifying without adding these extra things? Thanks in advance.

I've figured out the problem. Was pretty silly on my part. It wasn't displaying information on other browsers because there was no information in the cart for those browsers. I apologize for this and I'm thankful for those who attempted to help.

Hello, I figured out I can use $.parseHTML() or DOMParser(). I can't use $.parseHTML because the code I'm working on uses jquery 1.7.2 (using the current vers. causes problems with some other parts of the page). For some reason when I use DOMParser, seems to work on chrome and fire fox but not on ie. I've tried a simple example though in ie with the DOMParser and that worked well. Why would it not work on ie? I believe it should work in ie8+. Also, another problem I found is that ff and ie read my regular expressions differently. My regular expression is like so: \<tbody\>[\s\<\>a-zA-Z\=\"\:\/\d\.\-\_\&\;\[\]\,\#\(\)\'\?$$]*\<\/tbody\>/g In chrome this expression returns all the code between tbody tags. In ff and ie it only returns the beginning and ending tbody tags and some space in between. Why is this?

Yes, the thing is I have a table with prices, item names, item options, and other item related info from the ajax request. I'm trying to get this information, and display it in a div but I can't display it the way it is in the table. So I would like to extract the information, and place it in my own layout. The code displayed last by me, is only a demonstration of one way I was trying to do this but I have failed miserably.

I'm not too familiar with this. I tried something simple like this to try to get the hang of it but I get weird results. I've been googling this around and have come across similar for loops to put the data in. <html> <head> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript"> window.onload = function() { var data = document.body.innerHTML; var div = document.createElement('div'); div.innerHTML = data; var matches = new Array(); for (var i = 0; i < data.length; i++) { matches.push(data[i]); } } </script> </head> <body id="body_content"> <div> hello <div> hello <div> hello </div> </div> </div> </body> </html> in this code I get data.length = 203

I have no control of the output since its not my application. I just have to use that data.

Hello, I have some html in a string from an AJAX response. I'm currently trying to filter certain information. I tried to extract rows from the table with a regular expression but the problem is the table is made something like this: <table> <tbody> <tr> <td>DATA</td> <td>DATA</td> <td><table><tbody><tr><td>DATA</td></tr><tr><td>DATA</td></tr></tbody></table></td> </tr> My regular expression is: <tr>[^()]*<\/tr> This gets the first tr through like the second </tr> in the nested table though. Does anyone have any suggestions with the regular expression or even a better way to go about this? Thanks in advance.

Hello, I have a function which gets data from a div1 and is suppose to display it in another div2. This function is executed when the page is loaded, and again on mouseover of a third div. So when first loaded, it has 1 value. Then this value is updated through a form without refreshing the page. When I do the onmouseover on div3, it still displays the 1 value even though it should be 2 values now. If I view source, it displays 2 values in that third div. If I refresh the page, it then shows 2 values. It does this if I keep increasing values even though the source code has the correct number of values. Why does it do this and how could I fix this issue? I've posted the function here...the function is suppose to place the data into a fourth div. function get_data(){ product_data = $("#get_data").find(".ProductList").html(); product_data = '<ul id="product_list" style="list-style: none; margin: 0 auto; padding: 0; width: 300px; height: auto; display: block; vertical-align: middle; position: relative; top: 10px;">' + product_data+ '</ul><div id="button_wrapper" style="margin: 30px auto; width: 350px; height: 70px;"><a style="color: #fff; display: block; background-color: #5a5353; width: 120px; height: 50px; margin: 10px; float: left; text-align: center; line-height: 45px; border: 1px dashed #fff; outline: 2px solid #5a5353;" class="link_button" href="http://www.vapenvapor.com/cart.php">View Full Cart</a><a href="https://store-fiaz3cj8.mybigcommerce.com/checkout.php" class="link_button" style="color: #fff; display: block; background-color: #5a5353; width: 120px; height: 50px; margin: 10px; text-align: center; line-height: 45px; border: 1px dashed #fff; outline: 2px solid #5a5353; float: right;">Checkout</a></div>'; $("#cart_preview").html(product_data); $("#cart_preview>#product_list>li").css({"margin" : "10px 0 10px 0", "border-bottom" : "1px dashed #fff ","padding": "5px"}); $("#cart_preview>#button_wrapper>.link_button").css({"color": "#fff", "display": "block", "background-color": "#5a5353", "width": "120px", "height": "50px", "margin": "10px", "float": "left", "text-align": "center", "line-height": "45px", "border": "1px dashed #fff", "outline": "2px solid #5a5353"}); }

Hello, I'm trying to see if it's possible to send data with JavaScript to a PHP file on another server. I'm working on a project where I'm pretty much limited to html, css, and js because of where the site is being hosted. I was thinking I could create a PHP file on another server though, and then just pass data with javascript. The only thing I can think of right now is form action or window.location and some GET method, but I'd like to see if there's a way that this can be done without redirecting the person back and forth.

yes, you can do something like: $sqlget = "SELECT * FROM `For_Sale` WHERE `input_body` = 'sedan' ORDER BY `input_build` ASC"; just as long as you have a column in your db named input_body

hey requinix, whenever i moved the header() to the top and commented it out and put error_reporting(E_ALL) it showed the error along with the binary data...it turned out that the font file was corrupted...when it was moved it's contents were copied and pasted onto a new file but it had some characters that the browser wasn't able to read im guessing so what was copied was wrong...thankyou for your help

Hello, i have it understood that since you are using "" within "" you'd have to use \ to escape...for example in the first example you are concatenating your string and $t[$key]->title so it wasn't necessary there.

well the thing is the code was originally working well...it was just moved into another folder somewhere else but the directories were changed in the php files to match the new location...I have no idea why this is happening...and even on local server this code is working well...i even changed the $_SESSION='hello' and it displays hello on local server...on hosted it doesn't show any text...that's why i originally thought there was something with the imagettftext() since the rest works

i saved the image without the header() and when i open it with notepad it just displays the binary data...infact it saved the image just how it's displayed on the page...it only allowed me to save it as .png or .bmp

Hello, if you want to just display it seperately you can do something like: <?php $name = $_COOKIE['name']; $age = $_COOKIE['age']; //if you echo $name or $age it should display(according to the info in your description) name: mohit and age: 22 ?>

yea but for some reason here it doesnt ...it still displays gray box and lines O.o even if i enter the direct url to this file...when i delete imagejpeg() then it doesn't show the image