holiks
-
Posts
83 -
Joined
-
Last visited
Never
Posts posted by holiks
-
-
side and top bar seem a little square(ish) even with the diagonal pattern...which the side bar doesn't even have. the archaic scrolling of the 3 vans can change a bit....maybe at least add more variety of not to replace it with some ofthe special effect.
-
What do you think?
btw no email confirmation required right now to view rest of site. just a login/password
-
^bump^ <- anybody do that anymore
-
Points much noted...I agree on having a function/class in place for handling submitted data. Just wishing quotes didn't have to be such a prob with database which is causing extra overhead to store data (which is reasonable) AND also just to retrieve it....in mysql at least. Valuable input there thank you.
-
www.fairslice.com
Tried to be simple and effective. Could probably use a bit more "solidness" ? I'm especially interested in your views on the multimedia areas , specifically the Pictures section of a member's profile. I just approached this site with a VERY blank mind. No concepts borrowed, no tips taken nothing. Except for the calendar section. I borrowed a vey basic calendar from somewhere (gotta dig up to find the author) and modified it to my needs (i enabled the setting/highlighting of events. And of course the games.
The contact list request thing I tried to keep separate in its own section of the site away from your message inbox(which only recieves a "notice" unlike other major sites that mix n mingle your private messages and requests
) The chatroom was also designed ground-up but i have serious doubt about the underlying code powering it. Relying on periodic html refreshes to update the chat screen. ...ajax comes to mind but we'll see.
the bulletins section again from the ground-up was built with simplicity of code in mind and i think it works pretty well...so far.
I added a sort of "live preview" to pages that submit a message or bulletin anywere. A personal touch I haven't seen yet. USes javascript though. Wasn't too hard
-
Is it safe in any way to say that the following code can be used as a method to prepare user-submitted data for submission to something like say a Database?
foreach($_REQUEST as $var => $value) { if(is_array($_REQUEST["$var"])) { foreach($_REQUEST["$var"] as $var2 => $value2) { $_REQUEST["$var"]["$var2"] = htmlspecialchars($value2, ENT_QUOTES); } } else { $_REQUEST["$var"] = htmlspecialchars($value, ENT_QUOTES); } }Can one now take any of the now_processed $_REQUEST vars and play around wrecklessly without worrying about malicious input?
For database storage that is.
-
Oh and BTW I really appreciate the input on security....always useful...and I see many posts in this section even requesting it. But feel free to speak on other aspects...your overall view of the site, functionality, design etc.
This just couldn't be all...or could it? ....baaah humbug
..i think the video/audio - upload/playing works pretty well, though not sure of the efficiency of the code (/me thinks code could smaller and faster ) .it pretty much stores a temporary file for download by user, which was originally pulled from a...well mysqldb. Yes I went the way of storing pretty much all media (music/video/pics) into the db with a "garbage cleanup" performed ever so often (in case, for some reason the client needs to retry their request within a short period of time). [-edit-]
Oh btw please excuse my above post about aesthetic comments...for my eyes have jst discovered the Critique forum
-
thank you Coreye. These should all now be fixed. Not beautified.....but hot-fixed.
-
Oh and BTW I really appreciate the input on security....always useful...and I see many posts in this section even requesting it. But feel free to speak on other aspects...your overall view of the site, functionality, design etc.
-
I tried to register a 26 character username and a 4 character pass and it came up with an error saying "username OR password cannot exceed 32 characters".. ?
The code has been changed to reflect the fact that usernames and passwords can only contain letters and numbers.
Thank you.
-
Fatal error: Call to undefined function: str_ireplace() in /home/content/t/h/e/thekenchow/html/search.php on line 375
I'm not sure why this function is undefined here. I can't seem to reproduce it. Thanks though.
-
There is Full Path Disclosure if you set PHPSESSID in the cookie to an invalid value.
Tried a quick fix and there should be no path disclosure anymore. Just an Error page.....for now.
Thanks.
-
Fair Slice....
A small project I found laying around that I started some time ago and never finished.
So some nights ago decided to picked up on it again and these are the results thus far.
I guess in short one can say it's a sorta media publishing, socializing,
Would appreciate any comments, suggestions, questions, criticisms, sarcasm etc
www.fairslice.com
...tia...
-
I had a problem with a simple mysql/php web application. Basically I had a working member profile system (the profile editing/updating part of it worked fine). As I worked through night after night on the rest of the site, I happened to try updating a profile (using a member account and using Opera browser). To my surprise all of a sudden the profile wasn't being updated...and to top it off, all the rest of that member's data in the same record row (age,location,likes,dislikes,etc.) had been emptied. I was baffled even more when I tried using IE browser and saw that it worked!! Well I poured through pages and pages of the www and found similiar problems but none with my exact prob. Now I made sure my mysql query was properly formed. I even copied the query (a simple UPDATE) from the script's output and pasted into another mysql admin tool 'phpmyadmin' and it worked. Somehow the database/memberprofile just wasn't being updated through MY php script. I knew it because the same exact query worked through phpmyadmin. (all php code and mysql queries were verified and valid).
I did some more troubleshooting and will not neglect to mention the fact that I did eventually fix the problem!! and the database (member profile) is now updated whether using IE,firefox,Kmeleon or Opera.
What did I do? Put the css in its own file and linked it to the page. yep ...tested 3 times and that was the prob for WHATEVER reason!!
:)Now my question (which i'm not sure is about mysql/php/apache (thinking not mysql)) is,
why did I have to put the CSS in it's own file to make the DATABASE update work in Internet Explorer AND Firefox/Opera/Kmeleon? Is it to do with the headers sent by IE as opposed to FF/Opera/Kmeleon?
-
Sounds like it may be related to your configuration.....have you tried testing your script on another server setup?
-
sorry i have been so out of the loop (www/tech wise) for a bit.......why not help a teacher? Seems like guys doing $1000 projects get free help round here too? just asking.
-
idiot proof? ...let's try. We'll start off first by asking you what exactly is the problem you're having.
//oh... he no have no script at all
-
Any idea what the db layout is like?
...and is there any particular reason you check both $_GETs and $_POSTs instead of just $_REQUEST?
-
Try changing $id to $_REQUEST['id'] ....or $_GET['id']
-
Is it the form that's not showing up or the generated_links before it?
-
1 - show login form
2 - authenticate user against database (draw group details based on user/pass combo)
3 - now you know that he is a member/friend/family/whatever then use something like a header() redirect ...or includes() within switch()
$group = mysql_result(mysql_query("SELECT group_name FROM tbl_users WHERE username='$name_input' and password='$pass_input'")) or die(mysql_error()); switch($group) { case 'family': /*include family page*/ ; case 'friend': /*include friend page*/ ; case 'member': /*include member page*/ ; }..untested...jst a guide
-
-
-
For development/learning purposes you can run them all with right now
...but not for that might mean a service like dyndns.org or similiar companies/sites
My Music Website
in Website Critique
Posted
simple....very simple ....but effective.