localhost
-
Posts
152 -
Joined
-
Last visited
Never
Posts posted by localhost
-
-
Back into php after about 6 months, trying to re learn alot, started making a quick program that just creates a random math problem, addition or multiplication with numbers 1-9 to verify wether it's a bot or not. So far I've got it generating random math problems with those variables as seen here:
http://74.70.230.229/verification/verify.php
Now I know I can make it so they must enter the answer and have it verify it, except for the part where I'm trying to figure out the answer to the question myself! In order to display the images for the numbers, I made the variable $keyone equal to images/filename.gif. Now I'm trying to convert it back to the number and then do the math, with horrible failure, wondering if anyone could give any advice.
Before you look at the code, I know it is EXTREMELY inefficient and awful, just something to get me back into the programming mindset.
Code:
<?php function randkey($length) { $pattern = "123456789"; for($i=0;$i<$length;$i++) { if(isset($key)) $key .= $pattern{rand(0,9)}; else $key = $pattern{rand(0,}; } return $key; } $keyone = randkey(1); $keytwo = randkey(1); // determine if its + or * $func_id = rand(0,1); if ($func_id==0) { $function = "+"; $function = "images/plus.gif"; } else { $function = "*"; $function = "images/multiply.gif"; } // end of + or * // convert the number into the number image if ($keyone=="1") { $keyone = "images/one.gif"; } elseif ($keyone=="2") { $keyone = "images/two.gif"; } elseif ($keyone=="3") { $keyone = "images/three.gif"; } elseif ($keyone=="4") { $keyone = "images/four.gif"; } elseif ($keyone=="5") { $keyone = "images/five.gif"; } elseif ($keyone=="6") { $keyone = "images/six.gif"; } elseif ($keyone=="7") { $keyone = "images/seven.gif"; } elseif ($keyone=="8") { $keyone = "images/eight.gif"; } elseif ($keyone=="9") { $keyone = "images/nine.gif"; } if ($keytwo=="1") { $keytwo = "images/one.gif"; } elseif ($keytwo=="2") { $keytwo = "images/two.gif"; } elseif ($keytwo=="3") { $keytwo = "images/three.gif"; } elseif ($keytwo=="4") { $keytwo = "images/four.gif"; } elseif ($keytwo=="5") { $keytwo = "images/five.gif"; } elseif ($keytwo=="6") { $keytwo = "images/six.gif"; } elseif ($keytwo=="7") { $keytwo = "images/seven.gif"; } elseif ($keytwo=="8") { $keytwo = "images/eight.gif"; } elseif ($keytwo=="9") { $keytwo = "images/nine.gif"; } // end of number to number image conversion // display in image the problem - x (+or*) x echo "<img src=\"$keyone\"> <img src=\"$function\"> <img src=\"$keytwo\"> <br />"; // end of display ?> -
My registration script is only showing one error if there is one or more errors.
this is the script, thanks for any help you can provide:
[code]
<?php
define("IN_OMEGA", true);
$omega_root_path = "./";
include($omega_root_path."base.php");
if (isset($_POST['submit']))
{
$username = htmlspecialchars(trim($_POST['username']));
$password = md5(crypt(htmlspecialchars(trim($_POST['password'])), strlen($_POST['password'])));
$confpass = md5(crypt(htmlspecialchars(trim($_POST['confpass'])), strlen($_POST['confpass'])));
$email = htmlspecialchars(trim($_POST['email']));
$errors = array();
if (empty($username))
{
$errors[] = "Username field is empty";
} elseif (empty($password))
{
$errors[] = "Password field is empty";
} elseif ($password!=$confpass)
{
$errors[] = "Passwords do not match";
} elseif (empty($email))
{
$errors[] = "E-Mail Address field is empty";
}
$error_count = sizeof($errors);
$error_phrase = (($error_count)==1) ? "<strong>There was a problem with your registration attempt:</strong><br />" : "<strong>There were some problems with your registration attempt:</strong><br />";
if (($error_count)==0)
{
$create_user = sql_query("INSERT INTO " . USERS_TABLE . " (`user_groupid`, `username`, `password`, `email`, `login_key`, `reg_date`, `reg_ip`, `user_lastactivity`) VALUES ('" . $sitedata['default_ugid'] . "', '" . $username . "', '" . $password . "', '" . $email . "', '" . crypt($username, rand(15,3648)) . "', '" . mktime() . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . mktime() . "')");
} else {
echo $error_phrase;
foreach ($errors as $error)
{
echo "-" . $error . "<br />";
}
}
}
$template = new template("templates/" . $sitedata['template_dir'] . "/register.tpl");
$template->output();
?>
[/code] -
I want to secure these two as best as possible, for $_POST I am using htmlspecialchars, and trim. I want to refrain from using addslashes/stripslashes.
What else should I use? -
you mean like...
[code]
<?php
session_start();
if ($_SESSION['name'])
{
include('incfile');
} else {
include('otherincfile');
$_SESSION['name'] = "value";
}
?>
[/code]
??? -
Pardon?
-
I was hoping someone could help me out with this, it is pretty self-explanatory.
[code]
$sentence = "i wanna make the beginning letter capital only.";
// $words is now an array
$words = explode(" ", $sentence);
foreach ($words as $word)
{
$word = strtoupper(substr($word, 1, 1));
echo $word;
}
[/code]
This outputs:
AAHEEAN
Thanks for any help you can give. -
Basically, I know there are tons of free things where you put in your html and it encodes it with javascript so it still works but makes it ridiculously difficult for others to edit. Well...I need this to work with a php function, so I can do encodehtml($input); and have it return the input encoded.
Any help? Thanks! -
I want to know how to secure my scripts from as much as I possibly can...
for $_GET
$_POST
so far for POST I use htmlentities and mysql real escape string...and for $_GET i have nothing.
thanks
-dan -
thanks! works perfect!
-
my users online script is only displaying one user even if two are active in the past 5 minutes...any ideas?
script:
[code=php:0]$FiveMinutes = time()-300;
$UsersOnline = Query("Select * From `users` Where `LastActive` >= '" . $FiveMinutes . "'");
while ($FetchUsers = FetchArray($UsersOnline)) {
$User = array($FetchUsers['Username']); }
$Template = new Template("templates/ForumStatistics.tpl");
$Template->Tags(array(
'MemberCount' => "$MemberCount",
'ThreadCount' => "$ThreadCount",
'PostCount' => "$PostCount",
'UsersOnline' => "" . implode(", ", $User) . ""));
$Template->Display();
[/code]
thanks! -
that is the exact code and i still get the error for input().
-
class_core.php
[code=php:0]
class Omega
{
var $Omega;
function Omega()
{
function Query($Query)
{
$Result = @mysql_query($Query);
if (!$Result)
{
echo mysql_error();
return false;
} else {
return $Result;
}
}
function FetchArray($SelectQuery)
{
$Result = @mysql_fetch_array($SelectQuery);
if (!$Result)
{
echo mysql_error();
return false;
} else {
return $Result;
}
}
function NumRows($Query)
{
$Result = @mysql_num_rows($Query);
if (!$Result)
{
echo mysql_error();
return false;
} else {
return $Result;
}
}
function Input($PostInput)
{
$Output = mysql_real_escape_string(htmlentities($PostInput));
if (!empty($PostInput))
{
return $Output;
} else {
echo 'OmegaInput(): Invalid or no string specified.';
exit();
}
}
}
}
?>
[/code]
text.php
[code=php:0]
<?php
require('include/class_core.php');
$Omega = new Omega();
$text = $Omega->Input($_POST['text']);
echo $text;
?>
<form action="<?php $PHP_SELF; ?>" method="post">
texT:
<input type="text" name="text" />
</form>
[/code]
I get the error:
Fatal error: Call to undefined function: input()
I want to be able to use that clsas core file and have $Omega->Function functions....
any ideas? i know it can be done i just forget how :P -
-
well basically, the strlen stuff, and the $error array isnt working! i have no idea why....sorry about not posting inside the code thing, i did but then i editted it to show updated code.
-
[code]$error = array();
if (isset($_POST['submit']) && !empty($_POST['user_name']) && !empty($_POST['pass1'])
&& !empty($_POST['pass2']) && !empty($_POST['email'])) {
// Define POST variables
$user_name = stripinput(trim($_POST['user_name']));
$pass1 = stripinput(trim($_POST['pass1']));
$pass2 = stripinput(trim($_POST['pass2']));
$email = stripinput(trim($_POST['email']));
$hide_email = stripinput(trim($_POST['hide_email']));
// Check if username is already in use
$sql_check_user = query("SELECT user_name FROM `" . $config['table_prefix'] . "members` WHERE user_name = '$user_name'");
$sql_num_user = num_rows($sql_check_user);
if ($sql_num_user >= 1) {
$error[] = 'Username ' . $user_name . ' already in use.';
}
if (strlen($user_name) < 4 || strlen($user_name) > 16)
{
$error[] = 'Username must be more than 4 characters, but less than 16. Your username is currently ' . strlen($user_name) . ' characters long.';
}
// Check if Email address is already in use
$sql_check_email = query("SELECT email FROM `" . $config['table_prefix'] . "members` WHERE email = '$email'");
$sql_num_email = num_rows($sql_check_email);
if ($sql_num_email >= 1) {
$error[] = 'Email Address ' . $email . ' already in use.';
}
if (strlen($email) < 12 || strlen($email) > 35)
{
$error[] = 'Email Address must be within 12 and 35 characters, your email is currently ' . strlen($email) . ' characters.';
}
// Make sure both passwords entered are identical
if ($pass1 != $pass2) {
$error[] = 'The passwords entered do not match.';
}
// Make sure Email address is in valid format
if (!eregi("[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}",$email)) {
$error[] = 'Email address format is not valid.';
}
// Encrypt password using sha1();
$password = sha1($pass1);
// Generate random activation key
$act = rand(1, 99999);
$act_key = md5($act);
// Create login key
$stepkey = randomkeys(32);
$step2 = base64_encode($stepkey);
$loginkey = md5(sha1($step2));
// Insert details into database table
if(count($error) > 0) {
foreach($error as $key => $value) {
$alert .= $value;
}
$sql_insert_user = query("INSERT INTO `" . $config['table_prefix'] . "members` (`user_name`, `password`, `email`, `regip`,
`hide_email`, `join_date`, `act_key`, `usergroupID`, `loginkey`) VALUES ('$user_name', '$password', '$email', '$ip_address', '$hide_email', '$time', '$act_key', '0', '$loginkey')");
$to=$email;
$subject="Thank you for signing up to site name !";
$header="From: Administration <$SITE_URL>";
$message="Your Activation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://$SITE_URL/activate.php?key=$act_key";
$sentmail = mail($to,$subject,$message,$header);
if ($sentmail) {
$alert = "An email has been dispatched to $email in order to activate your user account.";
}
}
}[/code]
-
worked wonderfully! thanks!
-
i am using a dateline, so for making registered date, the regdate is mktime();
i can easily decode it by putting date("dateformat", $dateline);
so i am making a function to decode the time in my format...not sure why its not working, probably something simple.
[code=php:0]
function decodeTime($dateline)
{
date("m-d-Y h:i A", $dateline);
return $dateline;
}
[/code]
any ideas? -
mainframe:
[code]
</td>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<link href="../templates/default/default.css" rel="stylesheet" type="text/css" />
</head>
<td width="1%"> </td>
<td width="82%" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="15" height="26" ><img src="../templates/default/images/left.jpg" width="15" height="26" /></td>
<td height="26" class="catgb"><span class="catname"> Welcome to your Admin Panel </span></td>
<td width="15" height="26"><img src="../templates/default/images/right.jpg" width="15" height="26" /></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="7" cellspacing="1" bordercolor="#FFFFFF" bgcolor="#BCBCBC" class="cattable">
<tr>
<td width="5%" bordercolor="#BCBCBC" bgcolor="#FFFFFF"><div align="left">
<p>Welcome to the administration panel {USERNAME},</p>
<p> </p>
<p>Here you can configure your forum, members, see statistics, and much more! </p>
<p> </p>
<table width="100%" border="0" class="maintext">
<tr>
<td width="25%" bordercolor="#BCBCBC" bgcolor="#FFFFFF">Total Members: </td>
<td width="25%" bordercolor="#BCBCBC" bgcolor="#FCFCFC">{MEMBER_COUNT}</td>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">Total Accounts Unconfirmed:</td>
<td width="25%" bordercolor="#BCBCBC" bgcolor="#FCFCFC">{ACCOUNT_UNCONFIRMED}</td>
</tr>
<tr>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">Total Threads: </td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{THREAD_COUNT}</td>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">Users celebrating their birthday today:</td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{BDAY_COUNT}</td>
</tr>
<tr>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">Total Posts: </td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{POST_COUNT}</td>
<td width="25%" bordercolor="#BCBCBC" bgcolor="#FFFFFF">Total Banned Users:</td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{BANNED_COUNT}</td>
</tr>
<tr>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">.Omega BB Version: </td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">.Omega BB Beta 1 </td>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">Latest Version:</td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">Yes</td>
</tr>
<tr>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">PHP Version: </td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{PHP_VERSION}</td>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">How many new members today:</td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{MEMBERS_TODAY}</td>
</tr>
<tr>
<td bordercolor="#BCBCBC" bgcolor="#FFFFFF">MySQL Version: </td>
<td bordercolor="#BCBCBC" bgcolor="#FCFCFC">{MYSQL_VERSION}</td>
</tr>
</table>
</div></td>
</tr>
</table>
<br />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="15" height="26"><img src="../templates/default/images/left.jpg" width="15" height="26" /></td>
<td height="26" class="catgb"><span class="catname"> Admin Notes </span></td>
<td width="15" height="26"><img src="../templates/default/images/right.jpg" width="15" height="26" /></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="1" bordercolor="#FFFFFF" bgcolor="#BCBCBC" class="cattable">
<tr>
<td width="5%" bordercolor="#BCBCBC" bgcolor="#FFFFFF"><div align="left">
<p>Here you can store Admin Notes for yourself and other admins.</p>
<p>
<center>
<form action="{FORMACTION}" method="POST">
<textarea name="admin_notes" cols="120" rows="5">{ADMIN_NOTES}</textarea>
<br />
<input type="submit" name="submit" value="Save" />
</form>
</center>
</p>
</div></td>
</tr>
</table> <p> </p></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td colspan="3"><div class="footer"><div align="center">Powered by <a href="http://dotomega.com">dotOmega</a><br>
Copyright © 2006 <a href="http://dotomega.com">dotOmega Group</a></div></div></td>
</tr>
</table>
</p>
</body>
</html>
[/code]
leftframe:
[code]
<br />
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<link href="../templates/default/default.css" rel="stylesheet" type="text/css" />
</head>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="17%" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="15" height="26"><img src="../templates/default/images/left.jpg" width="15" height="26" /></td>
<td height="26" class="catgb"><span class="catname"> <a href='' class='headings'>Board Settings</a></span></td>
<td width="15" height="26"><img src="../templates/default/images/right.jpg" width="15" height="26" /></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="1" bordercolor="#FFFFFF" bgcolor="#BCBCBC" class="cattable">
<tr>
<td width="5%" bordercolor="#BCBCBC" bgcolor="#FFFFFF"><div align="left"><a href=''>Change and Configure</a></img> </div></td>
</tr>
</table>
<br />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="15" height="26"><img src="../templates/default/images/left.jpg" width="15" height="26" /></td>
<td height="26" class="catgb"><span class="catname"> <a href='' class='headings'>Forum Settings</a></span></td>
<td width="15" height="26"><img src="../templates/default/images/right.jpg" width="15" height="26" /></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="1" bordercolor="#FFFFFF" bgcolor="#BCBCBC" class="cattable">
<tr>
<td width="5%" bordercolor="#BCBCBC" bgcolor="#FFFFFF"><div align="left"><a href=''>Create new forum</a> <br />
<a href=''>Manage Forums</a> <br />
<a href=''>Forum Permissions</a></div></td>
</tr>
</table>
<br />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="15" height="26"><img src="../templates/default/images/left.jpg" width="15" height="26" /></td>
<td height="26" class="catgb"><span class="catname"> <a href='' class='headings'>Member Control</a></span></td>
<td width="15" height="26"><img src="../templates/default/images/right.jpg" width="15" height="26" /></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="1" bordercolor="#FFFFFF" bgcolor="#BCBCBC" class="cattable">
<tr>
<td width="5%" bordercolor="#BCBCBC" bgcolor="#FFFFFF">
<div align="left">
<a href=''>Edit user </a> <br />
<a href=''>Find user</a> <br />
<a href=''>Delete user</a><br />
<a href=''>Ban user</a>
</div>
</td>
</tr>
</table> <p> </p></td>
</tr>
</table>
[/code] -
[code]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<link href="../templates/default/default.css" rel="stylesheet" type="text/css" />
</head>
<frameset rows="*" cols="212,*" framespacing="1" frameborder="no" border="1">
<frame src="menu.php" name="leftFrame" scrolling="auto" noresize="noresize" id="leftFrame" title="leftFrame" />
<frame src="main.php" name="mainFrame" scrolling="auto" id="mainFrame" title="main" />
</frameset>
<noframes><body>
</body>
</noframes></html>
[/code]
In every link I have, its just a href=link, no target. but if i load the admin index in mainFrame, then I have two leftframes!!!
-
anybody? its pretty important...
-
I have an administration panel coded by the wonderful Adrian, only, when it redirects to another location, it only redirects the right frame! I have tried using header location, window.location, document.location. No matter what it will always redirect the main frame there, and leave the left frame! Can anyone help? I don't think this requires you to see the frame script, but if you think it would help, ask and I will show it.
- Dan -
well right now i have it so on registration it creates a random number 1-9999999 and then md5's it. that is their loginkey, the cookie that is created, its content is userid-loginkey, so like '213-f761938942d1c06c9fb4b2d1644d147f'
Do you think this is secure enough? -
Well this is for forum software, so we cannot make it so they need to install something just to use it!
-
right now on my website, if you have a cookie editor, you can edit the user_name cookie from any username, to any username and act like anyone! I need to know how I can encrypt it so the user won't be able to change it without it messing up the cookie entirely. but I need it so I can decrypt it so I can display the username, unless there is another way?
Please post back.
bot spammer verification system
in PHP Coding Help
Posted
EmperorJazzy, is there anyway you could provide the code for your method?