Caesar
-
Posts
1,025 -
Joined
-
Last visited
Never
Posts posted by Caesar
-
-
No that is not sufficient...especially if any forms or pages on your siteare susceptible to SQL injection or XSS exploits.
-
-
Security will depend on the measures you took to secure it...in your code/programming.
-
<?php if((!isset($_SESSION['username'])) | (!isset($_SESSION['userid']))) { echo' <form action="" method="post"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr><td>Username:</td></tr><tr><td><input type="text" name="username" size="15" maxlength="30" /></td></tr> <tr><td>Password:</td></tr><tr><td><input type="password" name="password" size="15" maxlength="30" /></td></tr> <tr><td><input type="submit" name="sublogin" value="Login" /></td></tr> </table> </form>'; } ?> -
That is what I'm thinking. Print out the value in your browser prior to the update query....see if it matches. Are there any whitespaces being added? How did you format the `amount` column/field in the database?
-
<?php $query = "UPDATE `orders` SET `c_phone` = '$c_phone' WHERE `ship_name` = '$name' && `amount` = '$t_price'"; //Shortened query to make it more visible ?>
-
Bottom left I believe.
-
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in /php/mp3crib/C_AuthUser.php on line 17
http://www.mp3crib.com/login.php
When submitting invalid characters:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in /php/mp3crib/C_AuthUser.php on line 17
-
Well it was for both really, to find out how to do it and how it works, and to have the ability to create my own if I ever need to, or if I'm having a problem with one I could have more of an insight to what the problem might be
Understandable...and I would (And have) code one for learning purposes...but definitely not to provide to a client. Why? Well, because with shop's already available that provide ready made modules and plugins for tons of different payment gateways, shipping modules, etc. And then providing updates with new themes and new plugins for newer features/payment gateways....I wouldn't want to keep troubleshooting or providing support. Let someone else do it. Why reinvent the wheel...unless I was coding the software to sell it as an ecommerce solution to the masses.
-
This guy is pretty much a turd, for someone asking for help. I say he take his infinite knowledge and figure it out.
For someone with that attitude, sure took him a while to notice he was only copying the original variable...and not redefining it's value.
-
Why not create a new font directory and simply reference the path to it, where you can basically upload any font you like?
-
<?php $sql = "SELECT * FROM $table WHERE titleID = '$id'"; ?>
-
You mean...?
<?php $object->method($variable); ?>
<?php $array = array('poop'=>'caca', 'pee'=>'urine'); ?>Look into OOP/Objects and arrays. But yeah, don't get ahead of yourself, start with the very basics. Will learn much much better.
-
As well as in the 'id' attributes....misspellings, that is.
-
form code isnt displaying desired output
Might want to mention what it is outputting.
-
There are plenty of robust shopping carts out there already. Is this for learning purposes or you actually want to go commercial with it? If you're making one for a client, alls I can say is, you're better off using an existing solution, so that you don't have to provide constant support/updates.
-
Store the date as a timestamp and then format it any way you want when you want to display it.
<?php //Current timestamp - Ready to be inserted into your db. $mydate = time(); //Takes timestamp and formats it to display as: June 26, 2007 $showdate = date("M d, Y", $mydate); ?> -
Scrap this....
$titl=$dat['title'];
$crea=$dat['creator'];
$subj=$dat['subject'];
$foru=$dat['forum'];
$tit=str_replace(" ", "-", $titl);
$cre=str_replace(" ", "-", $crea);
$sub=str_replace(" ", "-", $subj);
$for=str_replace(" ", "-", $foru);
And try this...
<?php function do_it($dat) { foreach($dat as $newdat) { $newdat = str_replace(" ", "-", $newdat); } return $newdat; } ?> -
That's not your business, when I tell you what the values contain. And yes, I know they contain that, because they all print out normally! However, with spaces and not "-" which it should be doing! The array is being assigned from a SQL database.
I don't think you're getting it.
If the flow/logic in your code is just like that snippet you showed, then think about it....you're doing the string replace after the array values have been defined....and printing out any of the $dat isn't going to go through the string replacing. Of course, that is going only by the small snippet of code you showed.
-
Look at your code logic. PHP is going to work from the top to the bottom. Where exactly are you redefining the values for the $dat array before you print out it's value at the end of your code?
-
<?php $str = strtotime('21:00:00'); //To convert it to a timestamp that will include today's date $newstr = date("H:i", $str); //Will equal "21:00" //$newstr = date("M d, Y - H:i", $str); //Will equal "Jun 25, 2007 - 21:00" echo $newstr; ?> -
Of course, you should be checking against your db (or wtvr) to make sure the login validates. And you also want to scrub/clean the input to make sure your script is not vulnerable to XSS/SQL injection.
-
Let's break this down in a lot more simple steps, for the sake of understanding what's going on.
<?php //Define the variables $username & $password $username = $_POST['username']; //Assuming you're posting from a form where $password = $_POST['password']; //the fields are 'username' & 'password' if(isset($_POST['username']) && isset($_POST['password'])) { session_start(); //If the form has been submitted, then initialize the session and define the session variables $_SESSION['username'] = $username; $_SESSION['password'] = $password; echo 'Welcome '.$username.' (<a href="logout.php">Logout</a>)'; } else { echo' Welcome Guest!<br /> <a href="login.php">Login</a> | <a href="register.php">Register</a>'; } ?> -
<?php $str = "you_foo"; preg_match('/[^a-zA-Z0-9_\s]+/', $str); //...."\s" = single space character. ?>
[SOLVED] php functions in variables
in PHP Coding Help
Posted
You can use objects to do this...
OOP