Jump to content

RedInjection

Members
  • Content Count

    23
  • Joined

  • Last visited

  • Days Won

    1

RedInjection last won the day on November 3 2015

RedInjection had the most liked content!

Community Reputation

1 Neutral

About RedInjection

  • Rank
    Member
  1. function generateRandomString($length = 5) { $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } This is my function - Is this ok?
  2. Also tested this $pageURL = 'http'; if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";} $pageURL .= "://"; if ($_SERVER["SERVER_PORT"] != "80") { $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; } else { $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; } $c = $pageURL; print $c; if(!file_exists("404.php")) if($c=="home"){include("header.php");}else{include("kf.seg/intheader.php");} include("kf.pages/$c.php"); include("kf.seg/footer.php"); Create a 404 page or add a rule htaccess to say its missing
  3. Create a .htaccess file RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://yourwebsite.com/$1 [R,L] PHP <?php if(empty($c)){$c="home";} // not sure what this is? if(!file_exists("kf.pages/$c.php")){$c = "404";} if($c=="home"){include("kf.seg/header.php");}else{include("kf.seg/intheader.php");} include("kf.pages/$c.php"); include("kf.seg/footer.php"); ?> Can I check what are you trying to do with $c="home"; ?
  4. $pageURL = 'http'; if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";} $pageURL .= "://"; if ($_SERVER["SERVER_PORT"] != "80") { $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; } else { $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; } Can I check why you need to see if HTTPS? Do you use individual pages for encryption or everything? I am just asking because you could be able to remove some of this code as it's unnecessary and add a rule in .htaccess?
  5. Hello all, I have made a script that does what I want but I am asking are there any flaws in my coding that I am missing in terms of security? * When a user registers by default the table sets the column status to pending * The key generated is a random 5 character string with a mixture of Uppercase and Numbers // IF username is missing from URL then redirect if ( empty($_GET['username']) ) { redirect_to("register.php"); } // IF key is missing from URL then redirect if ( empty($_GET['key']) ) { redirect_to("register.php"); } // SQL Query $sql = "SELECT * from users WHERE username = '{$_GET['username']}'"; $result = $mysqli->query($sql); $row = $result->fetch_assoc(); if ( $row['status'] == 'pending' ) { if ( $_GET['key'] == $row['activation'] ) { $sql = "UPDATE users SET status='enabled' WHERE username='{$_GET['username']}' LIMIT 1"; $result = $mysqli->query($sql); $sql = "UPDATE users SET activation='' WHERE username='{$_GET['username']}' LIMIT 1"; $result = $mysqli->query($sql); echo 'Your account is now <font color=green><strong>ACTIVE</strong></font>'; } } if ( $_GET['key'] != $row['activation'] ) { redirect_to("register.php"); } Thanks for your feedback! I hope I done okay as I am learning
  6. Hello, print $_GET['id']; If a users goes to page.php?id=X then it will show the value but how do I make it if a user goes page.php that it shows no error as it say's its not defined? Is there a simple way of doing it or do I need to write an IF function that sets id as nothing initially and if it has value then display?
  7. Hello, I have a PHP script that reads information from a table and display the information in file.php?id=X format. I have designed the page so the <title></title> and META description is unique for each X. Do search engines automatically crawl this format I have used or is there something I need to do to make it work? Thanks for your help!
  8. Hello all! I am learning SQL and from what I understand DISTINCT is what I need to hide duplicates? SELECT provider FROM categories ORDER BY provider In my table I have several 'provider' that are duplicates, I don't want to delete them but i just want to hide them, what is the best practice of doing this?
  9. Fixed it be reinstalling PHP, without any modifications my original script post works <?php $sql = "SELECT role FROM users"; $result = $mysqli->query($sql); $row = $result->fetch_assoc(); $checkrole = $row['role']; if (logged_in() == true AND $checkrole == 'admin' ) { ?> <b>I am admin</b> <?php ; } <?php if (logged_in() == true AND $checkrole == 'user' ) { ?> <b>I am user</b> <?php ; } ?>
  10. I am creating a jquery that hides/displays information when a hyperlink is clicked, so I have a while loop to count records but jquery needs me to define a variable for each hyperlink so I am going to increment it. I need to integrate jquery so I need to be able to insert it because of this
  11. Hello all! I am aware of how to use \" when escaping HTML tags but I want to know how people do it with javascript as I have a very complex JS I have wrote which I need to integrate with PHP As an example $(".hide1").hide(); $(".show1").show(); $('.show1').click(function(){$(".hide1").slideToggle();}); I know that ECHO '$(".hide1").hide(); $(".show1").show();'; ECHO '$('.show1').click(function(){$(".hide1").slideToggle();});'; Isn't going to do it, what characters in that above code need to be escaped, is it possible I can convert the $ sign using HTML character codes? $ so it can read it easier and allow me to produce the output I want. Thanks.
  12. Tried to clear my cache but same result I am afraid "SELECT role FROM users WHERE role='admin' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 5 ) [num_rows] => 1 [type] => 0 ) SELECT role FROM users WHERE role='user' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 4 ) [num_rows] => 1 [type] => 0 ) SELECT role FROM users WHERE role='user' or role='admin' mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => Array ( [0] => 5 ) [num_rows] => 2 [type] => 0 ) Appreciate your help to all!
  13. Still showing "admin" even for a user logged in
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.