Jump to content

Jessica

Staff Alumni
  • Posts

    8,968
  • Joined

  • Last visited

  • Days Won

    41

Everything posted by Jessica

  1. PHP runs server-side. The information you want is on the client-side. You'd have to have the PHP code run ON the client computer. The PC. Not just access the PHP in a browser, but use the PC as the server, if it could be done.
  2. I'd get both results and compare in PHP.
  3. On the mysql_query() you need to have that OR die(mysql_error()); part - that error indicates something failed in your query. (sorry to bump an old post, but I went to bed last night without finishing up here ) Personally, I think the do while syntax is much less readable then the simple while() - you're putting your crucial part way at the end.
  4. I see plenty of non-default thumbnails there. When you do print_r($row), that shows you what was returned from the db. The code you posted when you asked about where to put distinct does not show the query, just some HTML output. Instead of trying to print an image try just printing $row['thumbURL'] and seeing what it's set to.
  5. You didn't post your new query. It should be something like SELECT DISTINCT(*) FROM ...
  6. Also, You can skip this: //delete duplicate record id's from the array. To do this we will use array_unique function By adding DISTINCT into the query http://dev.mysql.com/doc/refman/5.0/en/distinct-optimization.html Change if ($_POST['search'] == null) { to if(isset($_POST['search'])){ You're using $query, you should be using $row now. Like: echo '<img src="../cms/htms/staff_videos/thumbs/'.$row['thumbURL'].'" height="40" width="40" alt="GameArgus Thumb" border="2" />'; $query is the sql string - $row is the current row you're on. S was the first letter (at the 0 spot) of $query, and you were essentially getting it.
  7. Woops, I made a mistake. Change the line to while($row= mysql_fetch_array ($rs)){
  8. Can you link to a sample url you'd use for it? I simplified the code down a lot to try to find the problem. For now, run this and paste what it outputs, or please provide a sample link to the page and run this code on it. <? $var = $_POST['search']; $trimmed = trim($var); $trimmed_array = explode(",",$trimmed); print_r($trimmed_array); foreach ($trimmed_array as $trimm){ $query = "SELECT * FROM videos WHERE tags LIKE '%$trimm%' OR title LIKE '%$trimm%' ORDER BY date_posted DESC" ; $rs = mysql_query ($query) OR DIE(mysql_error()); $row_num_links_main = mysql_num_rows($rs); echo $row_num_links_main; while($row= mysql_fetch_array ($numresults)){ print_r($row); } } ?>
  9. GOOGLE for OCTAL TRANSLATOR or OCTAL DECODER
  10. Well we determined it was Octal, and someone already translated it for you. Google will help you find more info.
  11. It depends on what was used to obfuscate it in the first place.
  12. http://www.google.com/search?q=define:obfuscated+code
  13. I'd just contact them and explain the problem. Who is your host?
  14. The method of having a single salt and using it in the code itself seems fine, but all the tutorials I've read that mention it have it as a random salt PER user, and the salt is stored in the DB too. That's why it confuses me. I like the idea of only having so many attempts per day, to help stop brute force attacks on the login screen itself. Because the salt doesn't stop those attempts.
  15. obsidian: But where do you use it? Edit: I guess my question is how does salt stop the dictionary attacks on user's accounts? It seems like it only does any good if the "hacker/cracker" somehow gets access to the database - so the articles that tell you to store the salt per user in the db don't make any sense - if they have access to the password column, they have access to the salt.
  16. I don't know, but is your computer time set to the server's time? Perhaps if they're different Firefox somehow knows that you mean 30 minutes, but IE thinks you mean that time, which is different from your computer. No idea how to fix it, best of luck.
  17. A little off topic, but how do you guys do salt? I know of a few different ways to do it, just wondering what people use?
  18. $sql = mysql_query("SELECT * FROM userinformation WHERE `username`='".addslashes($_POST['username'])."' AND `password`='".addslashes($_POST['password'])."' LIMIT 1")or die(mysql_error()); As you're using mysql, you really should use mysql_real_escape_string instead of addslashes()
  19. Can you use an htaccess file to set it? Perhaps that would work?
  20. It's less effort for the server to load an image from the filesystem then get all that data from the database and reconstruct the image each time. The filesystem is made for files, that's what an image is. Yes, an image has data, but it's not the type of data that databases are made for. I think it's mostly personal preference.
  21. I've been stuck on this too. I can't figure out how to send a file via submitting a form via ajax, so if anyone can clarify that would be great.
  22. From the manual:http://us3.php.net/manual/en/ref.session.php#ini.session.gc-maxlifetime Note: If different scripts have different values of session.gc_maxlifetime but share the same place for storing the session data then the script with the minimum value will be cleaning the data. In this case, use this directive together with session.save_path. I think you'll need to set it in the php.ini, or on every single page, in order for it to work.
  23. How are you checking the cookie expiration time? I mean, what makes you say they're different times?
  24. See how the form action points to index? On index there is this code: // querystring args $page = intval(querystring("page")); $id = intval(querystring("id")); $num = intval(querystring("num")); $search = querystring("search"); $action = querystring("action"); $language = querystring("language"); $self="index.php?"; foreach (array_keys($_GET) as $key) { if ($key != "language") { $self.=$key."=".$_GET[$key]."&"; } } if (preg_match("/\&$/",$self)) { $self=substr($self,0,strlen($self)-1); } if ($language!="") { $_SESSION["LANGUAGE"] = $language; setcookie("Language", $language, time()+(60 * 60 * 24 * 365)); $query = @mysql_query("SELECT * FROM lang WHERE id='".$language."'"); $row = @mysql_fetch_array($query); $_SESSION["LANGNAME"] = strtolower($row["name"]); redirect($self); } What this does (I think) is creates the page it should go to based on the URL. IMO this seems pretty insecure, and it's a weird way of doing it. Anyway, there should be yet another file which does processing, because you have two forms which only have code to select data, I see no inserts, so there should be more. Honestly, this is too complicated for me to just pick up and help with, because of the structure I am unfamiliar with. If I were you, I would tell the original programmers to help support you somewhat, or try to get some money back, if they misled you about the ease of use for this code. Best of luck.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.