Everything posted by xProteuSx
-
When you use the following code: if (!eregi("^[a-z0-9]{4,12}4", $string) What does the second '4' mean? The one here >> }4" <<
-
Oh, I see. So I was on the right track. I thought there was something I could do as far as my coding goes. Thanks agentsteal.
-
How do I go about writing an 'if' statement that runs if the page was reloaded? What I have is a multiple choice test. Page1.php gives you a question and multiple choices. Page2.php marks your result. If you gave the correct answer on page1.php your user score is incremented by one via a script on page2.php. However, if you get the question right, you can keep on refreshing page2.php, and your score is incremented every time you refresh. I want to avoid this. Any ideas?
-
Is there any way that you can, using an 'if' clause for example, send a user directly from page1.php to page2.php?? Kind of like this: PAGE1.php --- <html> <blah blah blah> <?php $error = 0; if (error happens) {$error = 1;} if ($error = 1) { scrap this page, and go directly to page2.php } ?> </html> I am just tired of typing error code to be displayed for every instance and possibility of errors. Ideally I would like to have a single page, say error.php, and if ($error = 1) happens on any of my pages, then automatically go to error.php. Possible?
-
Ahh ... yes. Now I know where the a20 comes from. Thanks. About the "'online' Database INSERT Error" ... it only occurs if you refresh real fast. I think it's only because of the speed of the server. How do I get around this?
--------
Cross Site Scripting: http://www.mcatzone.com/mark_spec.php?answer=<marquee>vulnerable
--------
Is it just a matter of formatting the input in the code of mark_spec.php? I'm guessing so, but just need to make sure.
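Added example, not part of the original post and not the code of mark_spec.php: one way to echo a request parameter such as `answer` so that markup in it is displayed as text. The helper names `e()` and `renderAnswer()` and the simulated `$_GET` value are assumptions made for illustration.

```php
<?php
// Added example: encode a request parameter at output time.
// e(), renderAnswer() and the simulated $_GET are constructed for illustration.

function e($value)
{
    // ENT_QUOTES encodes both ' and " so the result is also safe inside a
    // quoted attribute value; the charset should match the page's charset.
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

function renderAnswer(array $query)
{
    // A parameter sent as answer[]=x arrives as an array, not a string,
    // so anything that is not a string is treated as empty.
    $answer = (isset($query['answer']) && is_string($query['answer']))
        ? $query['answer']
        : '';

    // The same value is encoded in both places it is written:
    // once as element text, once inside a quoted attribute.
    return '<p>Your answer: ' . e($answer) . '</p>' . "\n"
         . '<input type="hidden" name="answer" value="' . e($answer) . '">';
}

// Constructed request, using the value from the report quoted in the post
$_GET = array('answer' => '<marquee>vulnerable');
echo renderAnswer($_GET), "\n";

// Constructed request with an array-valued parameter
echo renderAnswer(array('answer' => array('x'))), "\n";
```

Encoding belongs at the point of output; validating the value against the expected set of answers is a separate check done before scoring.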
-
What is the significance of 'a20'?
-
So are you saying that something like this would work? if (!preg_match("/[a-zA-Z0-9]{4,12}/i",$string) { echo 'You have entered an invalid character, or your sting is not 4-12 characters long.'; }
-
What is it? What can it be used for, security wise? How can it be prevented? There is very little literature on the subject, especially from a PHP point of view. The only articles that I could find on it have to do with securing of APACHE, and not much else. My understanding is that it is a PHP vulnerability as well, and can be prevented when things are coded in a certain manner. Am I wrong? Where can I find some info?
-
What would be an 'eregi()' pattern for a string that is: - alphanumeric - 4-12 characters I'm a little confused?? My book is only for PHP version 4. Most online resources are useless. Would this be it? eregi([a-z]+[A-Z]+[0-9]+{4,12},$string)
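Added example, not part of the original posts: the 4-12 character alphanumeric check asked about here and in the preg_match() post above, written with anchors and compared against the unanchored form. The function names and sample inputs are constructed for illustration.

```php
<?php
// Added example: whole-string validation with preg_match().
// Function names and sample inputs are constructed for illustration.

function isValidAnchored($string)
{
    // ^ and \z tie the pattern to the start and end of the input.
    // \z is used instead of $ because $ also matches just before a
    // trailing newline, which would let "abcd\n" through.
    return is_string($string)
        && preg_match('/^[a-z0-9]{4,12}\z/i', $string) === 1;
}

function isValidUnanchored($string)
{
    // Without anchors the pattern only has to match somewhere inside
    // the input, so length limits and character limits are not enforced.
    return is_string($string)
        && preg_match('/[a-zA-Z0-9]{4,12}/i', $string) === 1;
}

$samples = array(
    'abcd',             // 4 characters
    'User1234',         // mixed case and digits
    'abc',              // 3 characters
    'abcdefghijklm',    // 13 characters
    'abcd<marquee>',    // markup after an alphanumeric prefix
    "abcd\n",           // trailing newline
);

foreach ($samples as $s) {
    printf(
        "%-18s anchored=%-5s unanchored=%s\n",
        json_encode($s),
        isValidAnchored($s) ? 'pass' : 'fail',
        isValidUnanchored($s) ? 'pass' : 'fail'
    );
}
```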
-
agentsteal, or anyone else who can help, How do I get around this? Is it just a matter of coding restrictions after the form has been submitted? Also, what do I do about these 'Array' issues? I've got about half of these errors covered, just trying to get the rest figured out ...
-
Thanks agentsteal. I'll get going on these soon.
-
MCAT = Medical College Admission Test I am coding this site as an exercise meant to help me learn PHP and MySQL. It is probably way over my head, but I have been making strides (forward). Now I think that I am at the point where I should ask for some more experienced coders to take a look. Specifically, I would very much like to know any security flaws that are open to the general public (non-members) as well as non-administrative members. Prior to the login this goes for the login section and the registration section. Following login, it applies to all pages that require input or execute any code. If you have any additional ideas, suggestions, or comments, please do not hesitate to let me know. Special thanks to [agentsteal] The URL: www.mcatzone.com Username: whoever Password: whatever Please leave the site and DB intact if you find a security hole. Thanks
-
OK, I think I am in over my head. Could really use some help ...
On page1.php:
//I know for a fact that in this case $row[0] = 1, therefore name="a1"
echo '<form action="page2.php">';
echo '<ol type="a">';
while (list($key,$value) = each($answers_array)) {
    echo '<li> <input type="radio" name="a' . $row[0] . '" value="' . $value . '"><font size="-1">' . $value . '</font></li>';
}
echo '</ol>';
echo '<br><input type="submit" value="Check Answers">';
echo '</form>';
On page2.php:
$answer1 = $_GET['a1'];
echo $answer1;
When the radio button is selected it returns: (nothing).
-
I guess that this used to be a standard line of code for producing random results/rows from a table:
$query = 'SELECT * FROM xtable ORDER BY RAND(NOW()) LIMIT 1';
However, it does not create random results since some update to MySQL. I guess this used to work on older versions. If I call this query up 5 times, I will get the same row 5 times. Here is my code:
for ($x = 1; $x <= 5; $x++) {
    $query = 'SELECT * FROM mcat ORDER BY RAND(NOW()) LIMIT 1';
    $result = mysql_query($query) or die ('Error in query: ' . mysql_error());
    if (mysql_num_rows($result) > 0) {
        while($row = mysql_fetch_row($result)) {
            echo '<br>' . $row[0];
        }
    }
}
Because this 'for' loop is set to run 5 times, I should get five different results for $row[0] unless the same row is chosen each time. Even though I have over 50 rows of data, whichever row is selected first will reappear the following 4 times as well. What am I doing wrong? What can I do to get actual random results for each loop?
-
I am trying this for now: $query = 'SELECT * FROM test ORDER BY RAND(NOW()) LIMIT ' . $testsize ; It seems to work, and I am hoping that it will allow me to accomplish what I am trying to do. So for now it's on to bigger and better problems ...
-
I am trying to create a multiple choice test script, where the user can choose the number of questions to be displayed. Now, once that number is input, I would like my script to randomly select that number of rows from a DB that is storing the question data, without duplicates. So, say I have 100 questions/rows in my DB, and I choose to have a 5 question quiz, I would like it to show, for example: row18 row3 row89 row99 row40 Then, next time, I would like it to show, for example: row 72 row 73 row4 row52 row16 I do not ever want it to show, for example, this: row16 row93 row16 row44 row2 Any ideas??
-
[SOLVED] Give Value to a Variable via Mouse Click
xProteuSx replied to xProteuSx's topic in PHP Coding Help
Right on! Thanks a bunch pocobueno1388. I have actually done this in the past, but just forgot about it! Awesome ...
-
I am trying to assign a value to a session variable by having the user click on a link. Here's the idea: I am building a glossary. On page1 the user clicks on a letter, A-Z, and this takes them to a page where all terms for the letter they select are displayed. So if they click on the letter 'C' it will take them to the 'C' page, where all terms for the letter C are. The definitions are stored in a DB, and I do not have any problems querying the DB. However, I do not know how to go about setting a session variable when they click on a letter. I want this:
1. User clicks on 'C' on page1, setting session variable to 'c'
2. Click takes them to page2 which queries the db for all terms starting with 'c' or 'C' and displays them in alphabetical order.
How do I set the variable with a mouse click on a link, then have it passed to page2?
-
Of course you cannot upload files using a SQL injection. However, there are ways in which to tamper with the DB so that you can upload files to a site. I really could not tell you what the process is. If you have a file upload section that is accessible to administrators only, hackers could give themselves access to this section via an SQL injection attack, then upload files which are usually canned scripts that give them total access to a site. I have been a victim of this, so I know that one way or another, SQL injection holes can lead to files being uploaded to your site, even if indirectly.
-
As wildteen88 said, try this:
<?php
include("settings.php");
// == compares; a single = assigns the string and always evaluates as true.
// The comparisons assume settings.php stores these flags as the strings "true"/"false".
if ($disable == "true") {
    printf("The Website you are trying to reach is currently unavailable");
    exit;
}
if ($update == "true") {
    printf("The Website you are trying to reach is currently being updated");
    exit;
}
if ($disable == "false") {
    if ($update == "false") {
        header('Location: pass.html');
    }
}
?>
-
I don't know how it's done, but I know that one of the sites I administrate did get hacked via a SQL injection, and they did manage to upload a bunch of content.
-
My understanding is that if you follow this procedure, you are (supposedly) safe from MySQL injection attacks: Before you input any values to your DB, run the values through the MySQL_real_escape_string() function. ie. $password = $_POST['password']; $password = mysql_real_escape_string($password); Now you can run your INSERT query and insert data stored in the $password variable into your DB.
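Added example, not part of the original post: escaping protects a value only when it is placed inside a quoted string literal, so the approach that holds in every context is a prepared statement with bound parameters, shown here together with password hashing for the `$password` case. It assumes PDO with an in-memory SQLite database standing in for MySQL so it runs offline; the table, function names and sample values are constructed.

```php
<?php
// Added example: bound parameters with PDO. SQLite in memory stands in for
// MySQL; table, function names and sample values are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');

function addUser(PDO $db, $username, $password)
{
    // The statement text is fixed; the values travel separately as data.
    $stmt = $db->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
    // Store a salted hash rather than the password itself.
    $stmt->execute(array($username, password_hash($password, PASSWORD_DEFAULT)));
}

function findUserById(PDO $db, $id)
{
    // Unquoted numeric context: escaping alone would not protect a value
    // concatenated here, but a bound parameter is only ever treated as a value.
    $stmt = $db->prepare('SELECT id, username FROM users WHERE id = ?');
    $stmt->execute(array($id));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function checkLogin(PDO $db, $username, $password)
{
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->execute(array($username));
    $hash = $stmt->fetchColumn();   // false when no such user exists
    return $hash !== false && password_verify($password, $hash);
}

// Constructed sample data: quote characters need no special handling
addUser($db, "O'Brien", "pa'ss\"word");
addUser($db, 'alice', 'correct horse');

var_dump(count(findUserById($db, '1')));         // a plain id
var_dump(count(findUserById($db, '1 OR 1=1')));  // constructed non-numeric input
var_dump(checkLogin($db, "O'Brien", "pa'ss\"word"));
var_dump(checkLogin($db, "O'Brien", 'wrong'));
```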
-
When I use the following code:
<?php
$ary = array(); // create an empty array
if ($_1 != '') $ary[] = $_1;
if ($_2 != '') $ary[] = $_2;
if ($_3 != '') $ary[] = $_3;
if ($_4 != '') $ary[] = $_4;
?>
and then I try this:
echo $ary;
The output is simply: 'Array' Is the code not written correctly, or do I have to output it using the explode function?
-
How do I add a variable to an array only if the variable is not null? I have a scenario in which I have a few variables -- let's say 4. $_1, $_2, $_3, and $_4. I want to add them to an array, but only if they are not null. So if they all have a value the array would be:
$myarray = array($_1,$_2,$_3,$_4);
But if the value for $_2==''
$myarray = array($_1,$_3,$_4);
And if the value of $_2=='' and $_3==''
$myarray = array($_1,$_4);
What's the best way to do this?