-
Posts
1,187 -
Joined
-
Last visited
-
Days Won
1
Posts posted by tibberous
-
-
Some servers have a setting that prevents sending mail from nobody, which might be the default.
Try using a from header, if your not already.
-
`touch test.txt`
Only works on Lindows, and other Lindows variants.
-
Thats where I bought my eATX case. I tried calling supermicro too, they said they think it is custom, which means that even if I get a case that's physically big enough, there is no guarantee that it's laid out right.
-
It's a 1U rackmount server, I'm colocating it off-site, so it needs to still be able to fit into the rack.
-
I have a motherboard that is 15 inches long, and have no idea what kind of case to buy for it. I think it might be eATX, but it seems like eATX stops at 13.5 inches. Does anyone know of a form factor that is 15 inches long? I got the server off of eBay.
-
If I were you, I would split it into four separate preg_matches, then use a preg_match_all to make sure the username before the : is the same as the username after the / in the last two examples.
-
If I am trying to get a single record from a database, by it's unique key, is there any reason to specify 'limit 1'? Now that I think about it, if the key is unique, then saying where key=anything should infer limit 1, an optimization that I would think mysql's designers would not have overlooked.
-
I have two tables, each with id's. These id's overlap. I could delete the id column and reinsert the records, but other records refer to these records by id.
Is there a good way to do this?
-
I have camtasia, but I was looking for a lightweight video editor that I could put my videos together with and maybe add in music. Looking for something with very little learning curve. Any suggestions?
-
...so even if they crack the hash they still don't know the pass.
The salts are to prevent hackers from using precompiled lookup tables against your database, and to a less extend to prevent them from creating their own. If you add a unique salt to each record records, it means that each password must be solved individually.
-
The ajax just keeps reading the value of the 3rd script (ie: the value of the processing record). When the ajax reads in a processing value of 1, then your done, so just say loaded or re-direct or whatever else it would make sense to do.
-
I finally said hell with it and just started to try and break my web app. I came up with this test:
'"< \“smart quotes” >"'
'"< \“smart quotes” >"'
'"< \“smart quotes” >"'
If my app could pass that through all it's fields, it was secure. The problem is that it blew it up. Alot.
So, I came up with the idea of keeping the data unescaped in the database, and to use escape functions to display the data based on the context I was using it. So, it was in an xml file, I'd go x($username), but if it was in a line of javascript code, I'd use e($username). And d was for the database, and h was for html.
I've used a ton of different methods, but this seems to be the cleanest way I've found. The functions themselves are simple too:
function x($input){ $input = str_replace(array('"', "'", "<", ">", "\r\n", "\n", chr(145), chr(146), chr(147), chr(148), chr(151)), array(""", "'", "<", ">", "\r", "\n", "'", "'", '"', '"', '-'), $input); return trim($input); }
How would you guys recommend to consistently escape data?
-
You should sent that to your accountant
-
He's sending me to a health spa type thing, which is cool, but I almost feel like he's playing too many RPG's. Like, "Trent is low on life points! -4 to programming. Take him to the health spa".
If I was a boss I think I'd just give people raises and days off - though when you think about it, you could send someone to the health spa like 20 times for less than a $5,000 a year raise -- and if they just used that raise to pay off bills, they might still be stressed at work.
Do your bosses do weird stuff?
-
What it does is go through the the subscripts until it hits one that it undefined, when then evaluates to false, when then breaks the loop.
So, yes, you are using an undefined offset... that is the point, and also why I code with notices turned off.
Add error_reporting(2). Or turn it off in WAMP... however you do that...
-
Does the code work? A notice isn't an error.
-
LOL.
while($dbarray = mysql_fetch_row($result)) for($t=1; $dbarray[$t]; $t++) echo "<input type=\"text\" name=\"".$dbarray[$t]."\" value=\"".$dbarray[$t]."\" /><br />";
-
Create a php page that calls your other PHP script from the command line as a background process, that way it won't timeout. Set the time limit of your 30 second script to 0 (infinite). Create a table with a record called processing, set it to false in the first script. Add a line to set it to true in your second script. Then make a php page that outputs the value of the processing record.
Now, either create a Flash app or some ajax that checks the processing flag by loading the check page. When the 30 second script finishes, it will change the value, the process reading script will return done, and the Ajax / Flash can then react.
Keep in mind browsers (internet explorer) like to cache shit, so when you reload the page to see if the process is done, don't just load "check.php", load "check.php?nocache="+Math.random().
-
I just watched the first 5 minutes, and would like to say that code ignighter looks gay. Just learn how to write good PHP and you won't need a framework.
-
-
I don;t believe this query will work... RESTAURANT is not a column name here...
Here's alink PFMaBiSmAd showed us yesterday.
http://www.eklekt.com/tutorials/mysql
Awesome!
-
I have a table with several types in an enum, lets say Stores, Offices and Restaurants.
I can order by desc, and get Offices, Restaurants, Stores. I can order by asc and get Stores, Restaurants, Offices.
Lets say though I wanted Restaurants, Stores, Offices. Is there a way I can say, return X, then Y, then Z?
-
Wrap the logic in a function, then use returns.
<?php function login(){ $username = mysql_real_escape_string($_POST['username']); $password = strtolower(mysql_real_escape_string($_POST['password'])); $email = mysql_real_escape_string($_POST['email']); if (! ((strlen($username) > 2) && (strlen($username) < 17))) return "User registration error: username length must be between 3 and 16 characters"; if (! ((strlen($password) > 5) && (strlen($password) < 17))) return "User registration error: password length must be between 6 and 16 characters"; if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$", $email)) return "User registration error: invalid email"; $userQuery = mysql_query("SELECT userID FROM user WHERE userID='$username'") or die(mysql_error()); if (!mysql_num_rows($userQuery)){ $password = md5($password); $userQuery = mysql_query("INSERT INTO user (userID, password, email) VALUES($username, $password, $email)") or die(mysql_error()); header("Location: login.php"); } return false; } if (isset($_POST['register'])) { $error = login(); } ?> <Html code for the user registration page follows>
That's the correct way to do it in PHP. You could also use try... catch statements, which is the correct way to do it in java, but will get you made fun of here.
-
Yeah, you never set $password equal to $_REQUEST['password'], you set it equal to "***". You have a password for the mysql database and a password for the user, but your getting them confused because you named them both password.
Another High School Site
in Website Critique
Posted
That's the best site I've ever seen posted here -- it is just an awesome layout.