Jump to content

Karaethon

Members
  • Content Count

    89
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Karaethon

  • Rank
    Regular Member
  • Birthday 11/08/1978

Profile Information

  • Gender
    Male
  • Location
    United States
  • Interests
    Coding, Gaming, Girls

Recent Profile Visitors

128 profile views
  1. Karaethon

    Invalid Request to service file falls through

    WOOT! It's working correctly now, my eternal gratitude to both of you for the help and knowledge. So, Mac, I noticed your Avatar is the gatecode for earth, with Mac_Gyver as you username is that a nod to both stargate and macgyver staring the same actor? if so, cool, both shows rock.
  2. Karaethon

    Invalid Request to service file falls through

    oops, I converted that line to use password_verify() from one that used crypt()
  3. Karaethon

    Invalid Request to service file falls through

    that may be it, i just added a line to the output array ( "playerID" => $_SESSION['id'] ) and it returned null for the id. .... so what's the code to do that? mysqli_??? num_rows?
  4. Karaethon

    Invalid Request to service file falls through

    hmmm. Im not sure why. User: <?php class User { public $id; public $username; public $email; public $fname; public $lname; public $addr1; public $addr2; public $city; public $state; public $zip; public $phone; public $ssn; public $dob; public $paypal; public $credits; public $winnings; public $loggedIn = false; function __construct(){ if (session_id() == ""){ session_start(); } if(isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true){ $this -> _initUser(); } }//end __construct public function authenticate($user, $pass){ $mysqli = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME); if ($mysqli->connect_errno){ die("Cannot connect to MySQL: " . $mysqli->connect_error); return false; } $safeUser = $mysqli->real_escape_string($user); $incomingPassword = $mysqli->real_escape_string($pass); $query = "SELECT* FROM Players WHERE Username = '{$safeUser}'"; if(!$result = mysqli_query($mysqli, $query)){ die("Cannot retrieve accoutnt for {$user}"); return false; } $row = $result->fetch_assoc(); $dbPassword = $row['Password']; if (password_verify($incomingPassword, $dbPassword) != $dbPassword){ die("Password for {$user} does not match stored password."); return false; } $this->id = $row['Player_ID']; $this->username = $row['Username']; $this->email = $row['Email']; $this->fname = $row['FName']; $this->lname = $row['LName']; $this->addr1 = $row['Addr1']; $this->addr2 = $row['Addr2']; $this->city = $row['City']; $this->state = $row['State']; $this->zip = $row['Zip']; $this->phone = $row['Phone']; $this->ssn = $row['SSN']; $this->dob = $row['DoB']; $this->paypal = $row['PayPal']; $this->credits = $row['Credits']; $this->winnings = $row['YTD_Winnings']; $this->loggedIn = true; $this->_setSession(); return true; } //end authenticate function public function logout(){ $this -> loggedIn = false; if (session_id() == ''){ session_start(); } $_SESSION['loggedIn'] = false; foreach ($_SESSION as $key => $value){ $_SESION[$key] = ""; unset($_SESSION[$key]); } $_SESSION = array(); if (ini_get("session.use_cookies")){ $cookieParameters = session_get_cookie_params(); setcookie(session_name(), "", time() - 86400, $cookieParameters['path'],$cookieParameters['domain'], $cookieParameters['secure'], $cookieParameters['httponly']); } //end if session_destroy(); }// end logout function private function _setSession(){ if (session_id() == ''){ session_start(); } $_SESSION['id'] = $this->id; $_SESSION['username'] = $this->username; $_SESSION['email'] = $this->email; $_SESSION['fname'] = $this->fname; $_SESSION['lname'] = $this->lname; $_SESSION['addr1'] = $this->addr1; $_SESSION['addr2'] = $this->addr2; $_SESSION['city'] = $this->city; $_SESSION['state'] = $this->state; $_SESSION['zip'] = $this->zip; $_SESSION['phone'] = $this->phone; $_SESSION['ssn'] = $this->ssn; $_SESSION['dob'] = $this->dob; $_SESSION['paypal'] = $this->paypal; $_SESSION['credits'] = $this->credits; $_SESSION['winnings'] = $this->winnings; $_SESSION['loggedIn'] = $this->loggedIn; }//end setsession function private function _initUser(){ if (session_id() == ''){ session_start(); } $this->id = $_SESSION['id']; $this->username = $_SESSION['username']; $this->email = $_SESSION['email']; $this->fname = $_SESSION['fname']; $this->lname = $_SESSION['lname']; $this->addr1 = $_SESSION['addr1']; $this->addr2 = $_SESSION['addr2']; $this->city = $_SESSION['city']; $this->state = $_SESSION['state']; $this->zip = $_SESSION['zip']; $this->phone = $_SESSION['phone']; $this->ssn = $_SESSION['ssn']; $this->dob = $_SESSION['dob']; $this->paypal = $_SESSION['paypal']; $this->credits = $_SESSION['credits']; $this->winnings = $_SESSION['winnings']; $this->loggedIn = $_SESSION['loggedIn']; }//end initUser function }//end user class ?>
  5. Karaethon

    Invalid Request to service file falls through

    crap, i didnt even think to make sure its a string "true" instead of boolean true. and I'll look into why user->authenticate is returning true. Thank you both for your replies.
  6. My app just found an error in my login.php file on accident. The app is supposed to get credentials from the user then submit them to my server for verification. I accidentally submitted null credentials (empty strings) and the server returned auth=true. I can't figure out why. Server code: <?php require_once '../../includes/db_connect.inc'; require_once 'user.php'; $header = "Content-Type: application/json"; $_SESSION['error'] = array(); if (!isset($_GET['secureSubmit']) || $_GET['secureSubmit'] != true){ die(header("Location: ../access_denied.php")); } // check requirements $required = array('username', 'password'); foreach ($required as $requiredField){ if (!isset($_GET[$requiredField]) || $_GET[$requiredField] == ""){ $_SESSION['error'][] = $requiredField . " is incomplete or missing."; } } if (count($_SESSION['error']) > 0){ $errors = array(); for ($i = 0; $i < count($_SESSION['error']); $i++){ $errors[]=array( 'num' => $i, 'desc' => $_SESSION['error'][$i] ); } print json_encode($errors); exit; }else{ $user = new User; if ($user->authenticate($_GET['username'], $_GET['password'])){ print json_encode(array( 'auth' => true, 'call' => "login", 'sid' => session_id(), 'credits' => $_SESSION['credits'] ) ); }else{ print json_encode(array('auth' => false,)); } } ?> I went to my browser and entered http://localhost:10509/login.php?secureSubmit=true&username=%22%22&password=%22%22 and recieved {auth":true,"call":"login","sid":"29e81981a4709407e2fd8a8f734ad9bc","credits":null} as a response, can anyone find where the invalid positive is coming from? The initial check for empty username or password should be failing before it ever gets to the check.
  7. Karaethon

    Is 'password_hash' broken?

    Ahhh. ok... so I use _hash when the user registers or edits their password and _verify when they log in? Kinda wish the php documentation said something about that, or at least I didn't catch it if it did.
  8. Karaethon

    Is 'password_hash' broken?

    I copied the code for password_hash at php.net: <?php /** * In this case, we want to increase the default cost for BCRYPT to 12. * Note that we also switched to BCRYPT, which will always be 60 characters. */ $options = [ 'cost' => 12, ]; echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options); ?> and changed it for use in my login page: $options = ['cost' => 12,]; $user = mysqli_real_escape_string($db_link,$_GET['username']); $pass = password_hash($_GET['password'], PASSWORD_BCRYPT, $options); but my page keeps saying invalid user/pass. Upon echoing the $pass I find that the result changes EACH time. so I created a test page that runs the code from php.net (verbatim code) 20x and I got: [pre] $2y$10$Nlf0J520viR4C5jd3nIdd.6M3OMKACx503Jm3PiXDYZIs.13XAheq $2y$10$SO1ip3JI.EGjUJb3JYUDSeAUszg6A3UBX9b.ENk2aythAuxQ1apxS $2y$10$Ub7cQSbFWXhkLrzm3ldGGe8FfgsOjS99vgj9l801yqXgPjvJmVpsm $2y$10$8fNzz/tmrg8tLdHOk0r7GOh0j1frKN3ujA/qzrFHi/s22jMO/hbri $2y$10$o.5LnDxkhw/YNxJT16fuIOiQbnhHKs51SqFTqQ3KsflY6nYV.HLLm $2y$10$zQZiauRe6tuF2rGd1XGcO.E7ekhfP68Sqih8ll9Om7n5c2NO3tPSu $2y$10$uLZXDAQu14EW8P4CMMICBuvRv0wOEAxghzJV1c9UuNK7yTRJNNdjO $2y$10$P6Uy4/PDOnE9zv/VxRAWFebKY/qYXj1unIrTvV42xUxe.zXx3ut2W $2y$10$uHb8qdh3CGe0BkXdyuThHu0vgAH5bxEPYMe0VK410Q7xqcAlC.xuy $2y$10$xXwbec0Cn0JcMorGgmmRY.qHW.N1pNoYq.2V.IAQHsCDYPXtgQyJ6 $2y$10$w88m.M6BmVVoYYBhM1IAquOIb4NH9n093nQmdzhKm0Fq2ykgcZFZm $2y$10$IkVTs7.z4rZt5/rkgRQnKeXfINb7VTqXxTDRZB9caR4X0rwKtdhIW $2y$10$XyjX0X0I.l4Ct9eF4zhhz.S5Cg/Ppqf3veL9ciehjBr/2Rp8usPCm $2y$10$iJkhIWl95TVlA4hw2nltd./YmyXA2.abqTu8WFs/YuEvJsndosv6W $2y$10$kwVNtAaKxG8z2m.D0evl..Xx64NWPxbFAIBjCDLBfgiJncgniBB7S $2y$10$m8ZyiI7HhXutyTZGySit/O3lmAGsIlfRqEcYc7eCV2XS9TS1Sw9/y $2y$10$uYDilXy1HKT9M6DiPUhAe.3W5teCpkTF4x5UgVYiJctz4HXNMzU9e $2y$10$0HDD2quyh2AfMeF41PbKTu7PGTPn2fcl42HLxweaIHay9KbPDrEh6 $2y$10$qc0Kt5VtkrslpLlQmvq5a.dboTbf8qEif9KOwYwjoGGh6Q.xoN8JK [/pre] Is password_hash broken? or am I mistaken to think that it's supposed to return the same output everytime fror the same input?
  9. Karaethon

    Finding occurrence of values in a string.

    Ok, so I've been reading about regex and I think this is the fix... am I wayyyyyyy wrong? (\d{3})\.(\d?)(\w?)
  10. Karaethon

    script to fade bg color on page

    I really like this keyframes animation stuff, I even came up with, and coded, a heartbeat for my image on my page, is there a way to put in a delay between intervals so i can change the heart rate without having to adjust the percentages every time i adjust the cycle length?
  11. Karaethon

    Finding occurrence of values in a string.

    Oh Shoot. I just noticed I had a small typo, its ###.# or ###.#L. How does that change the regex? Ok, I used what you wrote and it does (almost) exactly what I want, the only error was (my fault completely) it did not capture the trailing 6 on a reference to 100.6 and it did not capture the trailing i on 100.4i. I bet its an easy fix if I grocked regex. But I don't (yet).
  12. Karaethon

    Finding occurrence of values in a string.

    Do they always start with a series of digits? If so, what is the minimum/maximum number of digits? Are the digits always followed by a period? Is the period always followed by a letter? If so, what are the valid letters and are they always lower case? Also, how is that reference supposed to be modified to a URL? I.e. what would the URL look like for your example of '105.f'? Ok... 1. Yes each section is three digits. 2. No, at present they are not but I could add the period if that would be required 3. Yes, if there is a subsection then that subsection is numbered as [section number].[subsection letter] 4(?) Each separate data piece is in a bootstrap collapse with an ID of "sectionNNN.L" or "sectionNNN" as appropriate. So I will be wrapping the reference in <span class="btn btn-link" data-target="section???" onclick=" showPage('section???')" data-parent=" #page">???</span> Specifically the data is the comprehensive rules text at magic.wizards.com/rules
  13. Karaethon

    script to fade bg color on page

    Thank you for your help. I ended up with this (which is a lot like what I just noticed you posted) I was able to drop the shifts to grey that I thought I would need for good color blending but didn't need after testing. body { width: 100%; height: 100%; animation: pulse 60s infinite; overflow-y:auto; } @keyframes pulse { 0% { background-color: #ffffff; } 10%{ color: #ff0000; } 20%{ background-color: #0000ff; } 30%{ color: #00ff00; } 40%{ background-color: #000000; } 50%{ color: #ffffff; } 60%{ background-color: #ff0000; } 70%{ color: #0000ff; } 80%{ background-color: #00ff00; } 90%{ color: #000000; } 100% { background-color: #ffffff; } }
  14. I have a DB of data: article-id, section-id, subsection-id, article-text. When a row is fetched I am displaying article, section, subsection as <h3>, <h4>, <h5> and then text in a <p>. Before outputting the text I want to scan it for other articles, sections, or subsections it may reference then turn that reference into a hyperlink. I read the PHP documentation but I can't find anything that translates to the basic commands of instring, indexof, and left/mid/right. Example: 1. Article Name 100. Article 1, section 1 100.a article 1, section 1, subsection a Text blah blah blah 105.f blah blah blah I want to find that 105.f and turn it into a link. All my articles, sections, and subsections are in the DB so I know I can use an array of the number values as my items to look for, but I can't figure out how to look.
  15. Karaethon

    script to fade bg color on page

    Oh. I can do it in css? Everything I need to do? I saw how it was alternating between two colors but can I randomly alternative between grey and one of the 5 colors? Great site, but now my headache got worse....
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.