Jump to content


  • Posts

  • Joined

  • Last visited


Posts posted by pixy

  1. [quote author=redarrow link=topic=100639.msg397509#msg397509 date=1152934652]
    while ($row = mysql_fetch_assoc($result)) <<<<<<<<<<<<<<<<<<<<<<<<<
    [/quote] Whoa, I totally missed that. XD

    Also, if you are naming the fields specifically you can use mysql_fetch_array($result, MYSQL_NUM); and refer to $row[0] for the first row returned, $row[1], etc--I'm pretty sure it's supposed to be faster.
  2. Alrighty, well my escape_data funtion detects if magic_quotes is on, and fixes the info based on that.

    I'll remove addslashes, that makes sense that it doesn't work because of it. I've got localhost installed on my other computer so I'll try it later. Thank you [b]so much[/b] for your help. <333
  3. What error are you getting? Or are you just wanting for us to look at it and see if it's right?

    What I would do is check if the cookie IS NOT set, instead of if it is. That way you handle it first and die() the script...

    if (!isset($_COOKIE['my_site_id'])) {
        echo 'Dude, log your butt into the system!';
        header("location: loginpage.php");
    else {
        // Do what you want
  4. Well that way it returns TRUE if it worked and you know it's sucessfully, if it doesn't work then you handle the error.

    Honestly, I have put "or die(mysql_error());" but I always check if the query was sucessful first.

    What's better is to do something like...
    if (mysql_num_rows($result) != 0) {
      // do while loop
    else {
       echo 'There is nothing in the database that matches criteria.';

    Oh, and since you're using double quotes you don't have to due the concatenation . to put the mysql_error() with the message. I make a habbit of coding with single quotes since it's faster for the script to process when it doesn't have to parse for variables and code...
  5. ^ When I used only cookies I did md5() on their username and saw if it matched the md5($_COOKIE['user']), but someone could change that...

    Do you have to do anything like that with sessions? I just store $_SESSION['user'] as their username, uncoded...but it doesn't show up on their computer so they can't change it...right?

    And heckenschutze, why do you say that suppressing errors with @ is not lazy? O_O
  6. It doesn't go into a database, I'm doing this when it comes out. This is for a forum script I'm writing, and if I insert into the database the bbcode($msg) then it'll change it all in the database and when they go to edit a post it would show all the code--which I dont allow and strip out with htmlspecialchars();

    I have an escape_data() function I wrote that validates data to combat magic quotes...but I use that on EVERYTHING. O_O
  7. http://www.phpfreaks.com/forums/index.php?action=dlattach;topic=100627.0;attach=92

    Thats the link it gave me...

    Here's the part i was working on...
    // These patterns replace URL BB code
    $patterns = array();
            $replacements = array();

            $patterns[] = "#\[color=([^\"'<>]*?)\](.*?)\[/color\]#Ssi";
            $replacements[] = '<font color="\1">\2</font>';

            $patterns[] = "#\[size=([+-]?[0-9]{1,2})\](.*?)\[/size\]#Ssie";
            $replacements[] = '"<font style=\"font-size: ".createAbsFSizeFromRel(\'$1\').";\">".stripslashes(\'$2\')."</font>"';

            $patterns[] = "#\[font=([a-z\r\n\t 0-9]+)\](.*?)\[/font\]#Ssi";
            $replacements[] = '<font face="\1">\2</font>';

            $patterns[] = "#\[align=([a-z]+)\](.*?)\[/align\]#Ssi";
            $replacements[] = '<p align="\1">\2</p>';

        $patterns[] = "#\[url\]([a-z]+?://){1}([^\"'<>]*?)\[/url\]#Smi";
            $replacements[] = '<a href="\1\2" target="_blank">\1\2</a>';

            $patterns[] = "#\[url\]([^\"'<>]*?)\[/url\]#Smi";
            $replacements[] = '<a href="http://\1" target="_blank">\1</a>';

            $patterns[] = "#\[url=([a-z]+?://){1}([^\"'<>]*?)\](.*?)\[/url\]#Smi";
            $replacements[] = '<a href="\1\2" target="_blank">\3</a>';

            $patterns[] = "#\[url=([^\"'<>]*?)\](.*?)\[/url\]#Smi";
            $replacements[] = '<a href="http://\1" target="_blank">\2</a>';

            $patterns[] = "#\[email\]([^\"'<>]*?)\[/email\]#Smi";
            $replacements[] = '<a href="mailto:\1">\1</a>';

            $patterns[] = "#\[email=([^\"'<>]*?){1}([^\"]*?)\](.*?)\[/email\]#Smi";
            $replacements[] = '<a href="mailto:\1\2">\3</a>';

            $message = preg_replace($patterns, $replacements, $message);
            $message = addslashes($message);
    $message = nl2br($message);
    return $message;
  8. ^ I didn't know I mentioned time difference, but okie dokey.

    I have a question: Couldn't someone go in and edit their cookie? The whole reason I switched coding to sessions was because I didn't want someone to go into their cookie, edit the file, and try to log in as someone else...?
  9. ^ Its right where the signature would be in my last post:

    Re: Problem with BBCode
    « Reply #4 on: Today at 09:37:22 pm » Quote Modify Remove 

    Here, i attached it as text since it was messing up the boards... 

    [b]stuff.txt (5.17 KB - downloaded 0 times.)[/b]

    Report to moderator  IP
  10. When you go back to the index after logging out, refresh the page and see if it kicks you off. Then, the worst that can happen is they see the main page after logging out--but if they click something it will load that page and kick them off anyways.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.