MDCode
-
Posts
640 -
Joined
-
Last visited
-
Days Won
1
Posts posted by MDCode
-
-
I disapprove use of this site. They teach out of date material and security is the least of their worries in teaching.
-
Great comeback. Never heard it before.
-
Because that's a great way to get help.
-
if(substr($test, 0, 1) == "0") { echo "valid"; }
-
Are you saying that guests can confirm purchase information? If so I would change that immediately.
However, I assume you have a way to add the information into mysql already. If so, you have easy choices:
1. Delete the information when they confirm a purchase
or
2. Use cron jobs
-
These two resources will help you with the all numbers and exactly 10 characters:
-
Consider the following URL:
http://domain.com/file.php?var=firstvar&secondvar=2
Now say that the following is in file.php
<?php // Not the most secure by the way. But will echo "firstvar" echo $_GET['var']; // Still not secure by the way. But will echo 2 echo $_GET['secondvar']; ?>
By using $_GET you can access anything in the URL. Just make sure you secure it before using in any queries or outputting on any page
-
I don't believe there is an alternative for the matter. (Although someone correct me if I'm wrong). If you really are so upset by it, you may have to write it out in some configurations file.
-
It works just fine on my end. What exactly doesn't work? You stated the if(isset()) doesn't work but what was the point in changing the query and filtering?
-
You first need a form for php to do anything. To get it on click you need to use javascript
-
I don't see anywhere that you are setting the session differently. It will always be what you set it to be, no matter what. And you are echoing your session outside of your if(isset()) { ($_POST['submit'] does nothing btw). So on every page load of course it's going to display before you click submit
-
Everything on your proces.php will run. So, why not assign your session id into a variable on proces.php?
$session_id = $_SESSION['id'];
Of course you would also need a session_start();
-
There are only a few things I can think of to even get the URL in JQuery, let alone get data from it. Perhaps you can somehow modify this:
<!-- Full URL http://domain.com/file.whatever?anyvar=something --> <script type="text/javascript"> alert($(location).attr('href')); </script>
Your second question however makes no sense. I assume you want to access php sessions in your JQuery? In which case it should work just putting in the source code.
<?php session_start(); $_SESSION['uid'] = "23123"; ?> <!-- other stuff --> <script type="text/javascript"> <?php echo "var stuff= '".$_SESSION['uid']. "';"; ?> alert('Err...hi? '+stuff+' '); </script>
-
Just because you're not collecting, doesn't make it any less illegal. I don't seem to get the purpose of doing this method if you can get it legally.
-
A quick google of the subject results in this being a common problem. However, most people report that it is a problem with either:
1) Compatibility mode being turned off
or
2) Running the 32-bit version instead of the 64-bit
-
.htaccess is a little shady for me. But give this a try:
Order Deny,Allow Deny from all <FilesMatch "\.(gif|jpe?g|png)$"> Order Deny,Allow Allow from all </FilesMatch>
This should allow only access to the specified image extensions
-
Remove the !. The mysql_real_escape_string() and trim() you added may also return it true.
-
! basically means return false on. so !isset() will look if it isn't set.
-
Personally, I would just use the php time() function and avoid the whole collision possibility.
-
if($totalsecondsnow > $totalsecondsthen) {
Shouldn't that be...
if($totalsecondsnow > $totalsecondsallowed) {
The way you have it now is like saying, if the current time is greater than their last activity, log them off. Although I'm not even sure the way above will still work
-
-
You aren't checking if the form is submitted, which is why you are getting undefined variables for username and pwd. You need to first submit the form, then (check if it was submitted) it will work.
-
You have action and method mixed up. Action is the page you want the form to go to. Method is what process you want to use, most common use is post and get
-
I believe forms overrule links (not sure). Since you have a submit button I'm assuming you have a form so, you will need to post the opening <form> tag
Login script
in PHP Coding Help
Posted
I suggest you look at the php.net site. session_register() and session_is_registered() are deprecated as of php version 5.3 and removed as of version 5.4
Not only that, but your site may have php settings configured that you may not be able to use those two functions, even if they have a version lower.
For more information check out:
session_register() and session_is_registered()