
mahenda


  1. Every user can see, even if he/she did not log in.
  2. $prepare = $connect->prepare($product_details); $prepare->execute(); $row = $prepare->fetch();
  3. I shortened the code; assume all variables are available.
  4. When the user clicks the link with the product picture, the link will open a new page called product.php with the product's full details from the database. In the product page the query is accepted with the GET method:

         $product_details = "SELECT * FROM product WHERE product_id=".$_GET['product_id'];
  5. Link to the product:

         <a href="<?php echo 'product.php?product_id='. $row['product_id'];?>" style="text-decoration:none;">

     On the product page, the URL looks like this:

         localhost/maembe/product.php?product_id=2

     What will happen when an attacker sees this id, and how to change it?
  6. Here is my sample code:

         <form>
           <input id="query" type="text" name="query" placeholder="search here..." autocomplete="off">
           <button type="submit" value="query">search</button>
           <div class="sugbx"></div>
         </form>

         //php code, assume we already ran the whole php code
         ......
         <ul class="list-group list-unstyled" style="cursor:pointer; color: #191919; position:absolute; top:12px;">
         <?php foreach($query as $movie) { ?>
           <li class="list-group-item" onClick="searchValue('<?php echo $movie["movie_name"]; ?>');"><?php echo $movie["movie_name"]; ?></li>
         <?php } ?>
         </ul>
         <?php } ?>

         //ajax here
         $('#search').keyup(function(){
           $.ajax({
             type: 'GET',
             url: 'phpcode.php',
             data: 'query='+$(this).val(),
             success: function(data){
               $('.sugbx').show();
               $('.sugbx').html(data);
             }
           });
         });

         function searchValue(val) {
           $('#query').val(val);
           $('.sugbx').hide();
         }
         //ajax

     The input accepts the value only after selecting one of the listed values in the suggestion box, and then I have to click the submit button. The problem is how to submit the value accepted when a list item is clicked.
  7. Here is my header to be included in different pages such as home.blade. What is wrong? Because I'm getting the error undefined variable t_page_title.

         //header file
         <!doctype html>
         <html xmlns="http://www.w3.org/1999/xhtml">
         <head>
         <title><?php echo $t_page_title; ?></title>
         </head>
         <body>

         //home.blade file
         <?php $t_page_title = 'This is page title';?>
         @include('repeated.header')
  8. So it means this is secure; check what happens when I try searching http://localhost/member_app/results?page=1&search=mahenda. I'm in doubt about the page number: why is it visible and how to hide it?
  9.
         $keyword = $_GET['search'];
         $search = $con->prepare("SELECT * FROM members WHERE name LIKE :keyword");
         $search->bindValue(':keyword', '%' . $keyword . '%', PDO::PARAM_STR);
         $search->execute();

     or

         $keyword = mysqli_real_escape_string($con, $_GET['search']);
         ........

     Which is better for securing search input, and why is the URI http://localhost/member_app/results?search=<script>alert('hi')<%2Fscript> after submission?
  10. I want to protect the database from being injected, using both SQL injection and XSS protection techniques, so what is very useful?
  11. Which one is necessary while protecting a form field?
  12. Thank you so much, now it is working.
  13.
         /* I have some pages and I want the user to see an appropriate title when the user clicks a new page.
            Example: at the home page, the title on the tab must be written as
            welcome at hendra|home
            and when the user clicks on the about page, the tab must show another title like this:
            you are at hendra|about page
            How to do this in PHP? */

         //head
         <!doctype html>
         <html xmlns="http://www.w3.org/1999/xhtml">
         <head>
         <meta charset="UTF-8">
         <meta http-equiv="X-UA-Compatible" content="IE=edge">
         <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
         <title><?php echo $title; ?></title>
         </head><!--/end of head-->
         <body>

         //index page
         <?php
         include_once('head.php');
         $title = 'welcome at hendra|home';
         ?>

         //about page
         <?php
         include_once('head.php');
         $title = 'you are at hendra|about page';
         ?>