nadeemshafi9

heavey metal <(iron monger) i dont even use my laptop mobility , i have it hooked up to my tv and just unplug my urb reciver for my pc mouse and keyboard and just switch it over and now i have internet windows and all on 32 inch HD HDMI dont lagh, i go to work with an empty laptop case lol.

im a nervouse person nothings ever perfect for me

reminds me of two projects i started on here 1 i completed when i was in uni, i done this project where you give the database name to the class and then run the index page and a single class creates all the CMS pages by reading teh table names and feild names, that was completd. then i started tryign to stick blobs of sound together to get speach and it was a total flop i used soxmix concatinator lol.

Lavascript lol

lol, 4 in the morning iv never kisssed this much ass since i started earnign a living

thoght so lol maybe you can do somthing with hidden feilds ?? function more(cur){ var values = new array(); for(var i=0;i<cur;i++){ id = i+1; if(document.getElementById('file'+id)){ values[i] = document.getElementById('file'+id).value; alert('file'+id+' Added to array.'); } else{ alert('file'+id+' Does not exist and was not added to the array.'); } } if(document.getElementById('file'+cur).value != ''){ cur++; document.getElementById('holder').innerHTML += '<div class="formcontainer"><div class="formlabel">File '+cur+': </div><div class="forminput"><input type=file name=file'+cur+' id=file'+cur+' onblur="more('+cur+');"></div></div>'; } var total = values.length; for(var i=0;i<cur;i++){ id = i+1; if(document.getElementById('file'+id)){ document.getElementById('file'+id).value = values[i]; alert('file'+id+' Updated.'); } else{ alert('file'+id+' Does not exist and was not updated.'); } } } <div id=holder> <div class="formcontainer"> <div class="formlabel">File 1:</div> <div class="forminput"> <input type=file name=file1 id=file1 value='' onblur="more('1');"> </div> </div> </div>

so whats the issue isnt the onblur event firing have you tested it with an alert()? http://www.w3schools.com/JS/js_obj_array.asp

crayon - and daniel0 do you guys rember a few years back when i was a budding developer - do you rember me asking any dum question i think i did once or twice

this is a good exp the jist of it is that you can limit communication on your system to only that port

we have a system that we deploy and other ysstems use that system from client locations, now these systems contact the server using a socket connection . i have been thinking about why and without any research this is why i reckon, 1, http requires web server wich is unstable, a socket server that you have created will be there only for one reason and thats to listen for your device, nothing else will use it, you can send each char of your message start message and end one by one with a checksum to make sure the data is solid. there is little chance of teh server falling and if it does it wont affect your web server. you can monitor it in your script what comes throgh etc etc. basicaly creating your own socket the application is more pure no web server stuff less to fail http has its own protocol used in socket communication http is a protocol socket is a loop running on your server listening to a port. you dont need teh http protocol, i think you get the idea you can use a filename.php with a socket so if you communicate to filename.php you can comunicate with it on multiple sockets filename.php:1000 filename.php:2000 etc but teh code inside the file will be listening for whatever port and teh data posted to it read this http://bytes.com/groups/net-vb/367435-sockets-vs-http

http://www.google.co.uk/search?hl=en&q=mobile+phone+browser+emulator&btnG=Search&meta= when i was at uni i would just literly put my site up and go to it str8 from my mobile phone.

making a site that runs on mobile phones is a waste of time, any reasonable phone can diplay a full web page and no one would realy whant to view it on that anyways, the practicle solution is to use rss feeds which the mobile phone user can subscribe or view, or xml files with xslt which is a step back from rss. what you need is a system like joomla which allows you to install it in 5 mins and then everything can become an rss feed. if your talking about those old mobile phones which are tiny and there entire screen gets fuilled by a tickbox then forget it your efforts will go to waste you will get it on there no one will use it, i say stick to a web app that allows users to create a question then add answers too it (multiple choice) or a question and mark it as open. then you can have them log in to answer them and you can serve the results as a web page and xml rss feed dynamicaly generated, you can also email these results or even text message them or even bluetooth them.

it would be somthing like load the window and if they do anything else which would be unfocus from that window then load the exit page using element creation and insertion in js.

let me do some research and find a quote i like and il change it, cmon mate dont lay an egg over it lol!!!

i only play games on my xbox 360, pc gaming is for obsessed people

whats going on ?

ok we have stopped the db user from dropping anything anyways but yes. so your saying that quoting into will fix the issue, i use quoteinto for update and delete queries but $result = $tvCustomerData_table->fetchAll($tvCustomerData_table->select() ->from($tvCustomerData_table) ->where("{$search_filter} {$user_filter}") ->order(array("{$sort} {$dir}")) ->limit($limit, $start)); is teh above code prone to injection ?

why not make your get variable into a object with your own syntax and then hash or encode it and then decode it and read it in on the other end. to teh original post, i used to keep track of attacks on my sites and they used to be bots that attack you especialy in the url especialy if you include files using get vars

ok cool cos my supervisor wasent worried about sql injection and i was like oh but look you can just look in firebug and see all teh ajax calls and attack them all then i tried it and i manage to break one or two but didnt manage to delete anything. im juts reading up on prepaired statements. can you elaborate a tincey wincey bit more on that example you gave PK like '; DROP TABLE users; -- it will just return 0 rows. plz thanks

javascript frameworks are mindblowing, when you combine them with an mvc that is using mod rewrite such as zend framework, you get a super easy to manipulate interface with great widgets and a backend that is designed to work with ajax. trust me its just damn easy and you end up making much more powerfull frontends using the js framework and much more inteligent frontends and backend logic. The backend becomes much more managable and easy to call functionality. the zend framework comes bootstrapped with a file registry app.ini for your db conns and many many more classes features and structure. each module can be seperated having different views controllers and layouts. layouts are amazing you can apply them to a content produced by a method in a controler when outputed to a virew or you can simply tell it that this controller will output json or xml or somthing. http://framework.zend.com/ http://extjs.com/ (this is a combo of all teh best frameowrks and much much more for js) http://php-ext.quimera-solutions.com/

and that will filter any attacks from being injected because if teh firts part fails it breaks ?

how good of a solution is that because i am having issues wit hthis too, prior to my new apps i used to have an array in the bootstrap of the apps and used to check against it for illagel chars for id's and text strings in teh url or post directly in teh model on any controler call. That caght everything. now i am using the zend MVC and ajax its slightly more of a widespread issue zend seem to havre made it slightly better because they break up the query into functions eg select() from() etc. how well can i protect myself by using quotes ? can it be broken still ? does quoting it fix any vulnrability ?

forgive me if im wrong off teh top of my head i think they cant exec remotley ? or am i wrng ? you can do that with exec you got confused with you server to server comms, you wont be executing that command on server 2 you will be executing it on server 1 but there is a better way execute it directly on server 2 using server 1. <?php // variable initialization $command = 'ls -al >files.txt'; // set up basic connection $ftp_server = "ftp.example.com"; $conn_id = ftp_connect($ftp_server); // login with username and password $login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass); // execute command if (ftp_exec($conn_id, $command)) { echo "$command executed successfully\n"; } else { echo "could not execute $command\n"; } // close the connection ftp_close($conn_id); ?> or you can execute the commands on server 1 just like you would do on a command line from server 1 to server 2