Jump to content

MadDawgX

Members
  • Posts

    40
  • Joined

  • Last visited

    Never

Everything posted by MadDawgX

  1. Okay that will work. Another thing, Im not sure about the securities of flash, but what if someone was able to get ahold of the link to the submitting page. Would they be able to manipulate a score? If so is there a way to prevent that?
  2. Hey, I have a flash game set up and a highscore table. I have it setup so upon completion of the game the user submits his/her score and it POSTS the data to a php file where it is added to the database. The problem is, it's not very secure. When submitted the user can refresh the page so that it adds the score again. Im also certain there are other insecurities with the system. So, I need suggestions on how I can make this as secure as possible. Thanks
  3. Ahh it's working now, I had a typo with my username in the path And thanks awpti for that correction Solved!
  4. Ok, I updated it and still no results Here's where I got the info from my host: http://www.bihira.com/vbulletin/showthread.php?t=323&highlight=Cron
  5. Ok, so I checked with my host I got an answer; here's the command: php /home/ufnwvwju/public_html/temp/cron_shares.php But it doesn't seem to be working? Here is cron_shares.php: // ******************************* // INITIALIZE // ******************************* session_start(); mysql_connect("localhost", "****", "****") or die(mysql_error()); mysql_select_db("ufnwvwju_sb") or die(mysql_error()); // ******************************* // CRON JOB // ******************************* $g_stats = mysql_query("SELECT * FROM sb_stats"); $stats_shares = mysql_result($g_stats,0,'stats_shares'); $stats_mbal = mysql_result($g_stats,0,'stats_mbal'); $share_value = number_format($stats_mbal / $stats_shares,4); $i_share = mysql_query("INSERT INTO sb_shares (shares_value) VALUES('$share_value')"); But the database is turning up empty?
  6. Ok, so say I have a script titled 'update.php' in the index of my website. When I goto my cpanel, I have an item called Cron Jobs which I then get to a page where I specify the command. So is this what I put? MINUTE HOUR DAY MONTH WEEKDAY COMMAND 10 * * * * update.php Or do I have to specify an exact path? Im on a shared server through Bihira.com btw
  7. Yeah that's what I figured, but wasn't sure. And no, I know absolutely nothing about them, never used them before... is it simple for something like this?
  8. Hey, How can I execute some PHP/MYSQL on an exact time basis (every 10 minutes) - Thanks
  9. Hey there, I have a variable storing a string that contains many strings with in it and are separated with *'s. How can i separate these values and store them in there own respective variables Eg. $var = "1*test1*test2*test3" How can I store the value 1 in $sep1 or test3 in $sep4 ?
  10. Hey there, Using the 'date' field in my Mysql Table, how do I: 1. Determine the current time/date in Php, which can go into that date field 2. Determine whether or not it is 24 hrs. after the value in the date field. - Thanx
  11. Hey there, I need an efficient way to store tons of images (just image names, not the file). Then, recored for every 24 hours, an IP address for everyone that has clicked on the LINK to the image. I was thinking Text Files would be a good choice, but I don't know how to go about this. - Thanx, MadDawgX
  12. Hey there, I've got some code to delete a file: It's basically just not working, so it won't show the file location which shows that file_exist isn't working. Though if the file is an image, it WILL display the image. So the problem is with file_exist, any help appreciated. <?php // Delete Message $Del = 0; if(isset($_GET['del'])) { $Del = $_GET['del']; } // Connect Database // ************* // Delete File if ($Del != 0) { // Check File $qCheck = "SELECT * FROM files WHERE id='$Del'"; $rCheck = mysql_query($qCheck) or die('Query failed.'.mysql_error()); if(mysql_num_rows($rCheck)==1) { // Delete File $FileLoc = mysql_result($rCheck,0,'loc'); $Filename = "/team/uploads/".$FileLoc; if (file_exists($Filename)) { echo $Filename; // DEBUG unlink($Filename); } echo "<img src='$Filename'>"; //DEBUG //$qDel = "DELETE FROM files WHERE id='$Del'"; //$rDel = mysql_query($qDel) or die('Query failed.'.mysql_error()); //header('Location: ***'); } else { //header('Location: ***'); } } else { //header('Location: ***'); } ?>
  13. <?php // Connect Database $Db = mysql_connect ('***********','twistere_solace','*******); mysql_select_db ('twistere_team',$Db); ?>
  14. It's just ['ffile'] becuase all the other ones start with 'f' ( ['fdes'] ['fname'] etc.) I've got no problem with it being file, but does it really matter?
  15. ahh my bad. Do you see an error?
  16. Okay, the paging system I use works so that this file is included inside a table under the index.php file. Using the id and page to organize the files. So this would be id=3 and page=4 (4.php) $Upload = 0; // Upload File if (isset($_POST['ffile'])) { // File Values $UploadFile = $_POST['ffile']; $UploadPath = "uploads/"; $UploadPath = $UploadPath . basename($_FILES['ffile']['name']); // New File if (isset($_POST['fcat']) and isset($_POST['fname']) and isset($_POST['fdes'])) { if(move_uploaded_file($_FILES['ffile']['tmp_name'],$UploadPath)) { $Upload = 1; } else { $Upload = 3; } } } // Header echo "<table width='90%' height='2%' cellspacing='0' cellpadding='0' class='Head'>"; echo "<tr>"; echo "<td class='Head'>Upload File"; echo "<hr size='2' color='#CCCCC'>"; echo "</td>"; echo "</tr>"; echo "</table>"; f ($Upload == 0) { // Draw Categories echo "<table align='center' bordercolor='#000000' border='1' width='100%' cellpadding='3'"; echo "style='margin: 0px; padding: 0px; border-collapse: collapse; border-color:#000000;'>"; // Title echo "<tr bgcolor='#313131' class='textNormSmall'>"; echo "<td colspan='3'>Upload File</td>"; echo "</tr>"; // Body echo "<tr class='textNormSmallItalics'><td>"; echo "<form action='index.php?id=3&page=4' method='post' enctype='multipart/form-data'>"; echo "<table valign='top' class='textNormSmall' align='left'>"; echo "<tr><td width='100'>Category:</td><td width='100'>"; echo "<select class='textNormSmall' name='fcat'>"; echo "<option>$LogUsername</option>"; $qProject = "SELECT name FROM projects"; $rProject = mysql_query($qProject) or die('Query failed. ' . mysql_error()); while ($rowProject = mysql_fetch_assoc($rProject)) { $ProjectName = $rowProject['name']; echo "<option>$ProjectName</option>"; } echo "</select>"; echo "</td></tr>"; echo "<tr><td width='100'>Name:</td><td width='200'>"; echo "<input class='textNormSmallItalics' name='fname' maxlength='40' type='text'>"; echo "</td></tr>"; echo "<tr><td width='100'>File:</td><td width='100'><input name='ffile' type='file' /></td></tr>"; echo "<tr><td width='100'>Overwrite:</td><td width='100'><input name='fover' type='checkbox'/></td></tr>"; echo "<tr><td width='100'>Description:</td><td width='100'>"; echo "<textarea class='textNormSmallItalics' name='fdes' rows='12' cols='60'></textarea>"; echo "</td></tr>"; echo "</table>"; echo "<br><center><input name='Submit' type='submit' value='Upload' /></center>"; echo "</form>"; echo "</td></tr>"; echo "</table>"; } elseif ($Upload == 1) { // Get File Id $qFileId = "SELECT id FROM files WHERE loc='$UploadFile'"; $rFileId = mysql_query($qFileId) or die('Query failed. ' . mysql_error()); $FileId = mysql_result($rFileId,0,'id'); echo "<div align='center' class='textNormSmall'>"; echo "<b><i><a href='index.php?id=3&page=2&file=$FileId'>File Uploaded. Click here to view the File.</a></i></b>"; echo "</div>"; } elseif ($Upload == 2) { $Error = "<div class='outError'>You do not have permission to edit overwrite this File!</div>"; echo "<center><table height='50' width='300'><tr><td>$Error</td></tr></table></center>"; } elseif ($Upload == 3) { $Error = "<div class='outError'>Error! Could not upload File</div>"; echo "<center><table height='50' width='300'><tr><td>$Error</td></tr></table></center>"; }
  17. Okay, I've now got: <form action='index.php?id=3&page=4' method='post' enctype='multipart/form-data'> And the input field and upload code is the same. It now just sorta refreshes the page, and doesn't even display an error message.
  18. Hey there, Im having some problems uploading a file using a form. Here's what I got: if (isset($_POST['ffile'])) { $UploadPath = "uploads/"; $UploadPath = $UploadPath . basename($_FILES['ffile']['name']); if(move_uploaded_file($_FILES['ffile']['tmp_name'],$UploadPath)) { $Upload = 1; } else { $Upload = 3; } And the file part of the form is: <input type='file' name='ffile'/> $Upload is returning 3 which the debug message for Upload Failed. Also, $UploadPath is only returning "uploads/" Any help appreciated.
  19. Hey there, I need some help on an issue. I've create a Team Control Panel which has a File Management System where team members can upload files to the server. My problem is, I want to be able to only make these files accessible from inside the Control Panel when the user is logged in. Obviously don't want any outsiders getting our top secret files So how would I got about this?
  20. Okay, unix_timestamp() didn't work but NOW() did. Thanx.
  21. Didn't work. Isn't unix_timestamp() a MYSQL function. I got the error:
  22. Hey there, I'm having some problems on updating a timestamp field (active) in my Table (users). Here's what I got: // QUERY - Get User Data $qUserData = "SELECT * FROM users WHERE name='$LogUsername'"; $rUserData = mysql_query($qUserData) or die('Query failed. ' . mysql_error()); // Get Data $LogId = mysql_result($rUserData,0,'id'); // QUERY - Update Last Active $qLastLog = "UPDATE users SET active=unix_timestamp() WHERE id='LogId'"; $rLastLog = mysql_query($qLastLog) or die('Query failed. ' . mysql_error()); It just doesn't work. A couple things: 1. $LogId is returing 1 which is correct. 2. Nothing is affected in the active field of the row with id of 1. - Thanx
  23. Hey there. What's wrong with the following syntax: $qPost = "INSERT INTO chat (cat,by,rank,mes) VALUES ('$ChatPage','$LogUsername','$LogRank','$NewChat')"; $rPost = mysql_query($qPost) or die('Query failed. ' . mysql_error()); It's throwing:
  24. Okay, well the column type is date, so would that mean the first option is probably best?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.