pixy
-
Posts
295 -
Joined
-
Last visited
Never
Posts posted by pixy
-
-
[quote author=BillyBoB link=topic=100621.msg397498#msg397498 date=1152934020]
im saying how do u make the user login
so that u dont have to use the dredful ob_start();
[/quote]
Just put session_start(); at the top of the page. Ditch the cookies, and use sessions. They're more secure anyways. -
[quote author=redarrow link=topic=100639.msg397509#msg397509 date=1152934652]
while ($row = mysql_fetch_assoc($result)) <<<<<<<<<<<<<<<<<<<<<<<<<
[/quote] Whoa, I totally missed that. XD
Also, if you are naming the fields specifically you can use mysql_fetch_array($result, MYSQL_NUM); and refer to $row[0] for the first row returned, $row[1], etc--I'm pretty sure it's supposed to be faster. -
Dude, yea. Tell us what error you get.
-
Alrighty, well my escape_data funtion detects if magic_quotes is on, and fixes the info based on that.
I'll remove addslashes, that makes sense that it doesn't work because of it. I've got localhost installed on my other computer so I'll try it later. Thank you [b]so much[/b] for your help. <333 -
Anything to help, dear. Let me know if it works.
-
What error are you getting? Or are you just wanting for us to look at it and see if it's right?
What I would do is check if the cookie IS NOT set, instead of if it is. That way you handle it first and die() the script...
if (!isset($_COOKIE['my_site_id'])) {
echo 'Dude, log your butt into the system!';
header("location: loginpage.php");
}
else {
// Do what you want
} -
Well that way it returns TRUE if it worked and you know it's sucessfully, if it doesn't work then you handle the error.
Honestly, I have put "or die(mysql_error());" but I always check if the query was sucessful first.
What's better is to do something like...
if (mysql_num_rows($result) != 0) {
// do while loop
}
else {
echo 'There is nothing in the database that matches criteria.';
}
Oh, and since you're using double quotes you don't have to due the concatenation . to put the mysql_error() with the message. I make a habbit of coding with single quotes since it's faster for the script to process when it doesn't have to parse for variables and code... -
^ When I used only cookies I did md5() on their username and saw if it matched the md5($_COOKIE['user']), but someone could change that...
Do you have to do anything like that with sessions? I just store $_SESSION['user'] as their username, uncoded...but it doesn't show up on their computer so they can't change it...right?
And heckenschutze, why do you say that suppressing errors with @ is not lazy? O_O -
You need to do this...
if ($result) {
// do stuff
}
else {
echo mysql_error();
} -
It doesn't go into a database, I'm doing this when it comes out. This is for a forum script I'm writing, and if I insert into the database the bbcode($msg) then it'll change it all in the database and when they go to edit a post it would show all the code--which I dont allow and strip out with htmlspecialchars();
I have an escape_data() function I wrote that validates data to combat magic quotes...but I use that on EVERYTHING. O_O -
http://www.phpfreaks.com/forums/index.php?action=dlattach;topic=100627.0;attach=92
Thats the link it gave me...
Here's the part i was working on...
[code]
<?php
// These patterns replace URL BB code
$patterns = array();
$replacements = array();
$patterns[] = "#\[color=([^\"'<>]*?)\](.*?)\[/color\]#Ssi";
$replacements[] = '<font color="\1">\2</font>';
$patterns[] = "#\[size=([+-]?[0-9]{1,2})\](.*?)\[/size\]#Ssie";
$replacements[] = '"<font style=\"font-size: ".createAbsFSizeFromRel(\'$1\').";\">".stripslashes(\'$2\')."</font>"';
$patterns[] = "#\[font=([a-z\r\n\t 0-9]+)\](.*?)\[/font\]#Ssi";
$replacements[] = '<font face="\1">\2</font>';
$patterns[] = "#\[align=([a-z]+)\](.*?)\[/align\]#Ssi";
$replacements[] = '<p align="\1">\2</p>';
$patterns[] = "#\[url\]([a-z]+?://){1}([^\"'<>]*?)\[/url\]#Smi";
$replacements[] = '<a href="\1\2" target="_blank">\1\2</a>';
$patterns[] = "#\[url\]([^\"'<>]*?)\[/url\]#Smi";
$replacements[] = '<a href="http://\1" target="_blank">\1</a>';
$patterns[] = "#\[url=([a-z]+?://){1}([^\"'<>]*?)\](.*?)\[/url\]#Smi";
$replacements[] = '<a href="\1\2" target="_blank">\3</a>';
$patterns[] = "#\[url=([^\"'<>]*?)\](.*?)\[/url\]#Smi";
$replacements[] = '<a href="http://\1" target="_blank">\2</a>';
$patterns[] = "#\[email\]([^\"'<>]*?)\[/email\]#Smi";
$replacements[] = '<a href="mailto:\1">\1</a>';
$patterns[] = "#\[email=([^\"'<>]*?){1}([^\"]*?)\](.*?)\[/email\]#Smi";
$replacements[] = '<a href="mailto:\1\2">\3</a>';
$message = preg_replace($patterns, $replacements, $message);
$message = addslashes($message);
$message = nl2br($message);
return $message;
}
?>
[/code]
-
^ I didn't know I mentioned time difference, but okie dokey.
I have a question: Couldn't someone go in and edit their cookie? The whole reason I switched coding to sessions was because I didn't want someone to go into their cookie, edit the file, and try to log in as someone else...? -
Lol, you're funny.
-
I think you might have to use JOINS, but I honestly don't understand those for the LIFE of me. You could look them up in the mySQL manual for the syntax.
-
Mine's better, I got it out of a book. :D Well, I remembered reading it in a book, so you might have to fix my syntax.
Lol, just let us know if it worked. -
[quote author=BillyBoB link=topic=100621.msg397383#msg397383 date=1152924622]
just put the following code at the very top i promise it make the headers work anywhere
[code]
<?php
ob_start();
?>
[/code]
[/quote] Lol, it makes me laugh that you always suggest output buffering and everyone says not to use it. XD -
you could use this...
if ((isset($_COOKIE['user']) && (!strpos("$_SERVER['php_self']", "logout.php") {
echo 'You wanna log out?';
}
else {
echo 'You wanna log in?';
}
Just an idea. -
^ Its right where the signature would be in my last post:
Re: Problem with BBCode
« Reply #4 on: Today at 09:37:22 pm » Quote Modify Remove
--------------------------------------------------------------------------------
Here, i attached it as text since it was messing up the boards...
--------------------------------------------------------------------------------
[b]stuff.txt (5.17 KB - downloaded 0 times.)[/b]
Report to moderator IP -
When you go back to the index after logging out, refresh the page and see if it kicks you off. Then, the worst that can happen is they see the main page after logging out--but if they click something it will load that page and kick them off anyways.
-
I would think it's because the file is cached?
-
Why can't you make it a php page and do this:
[code]
<?php
echo '<meta http-equiv="refresh" content="5;url=link.php">';
?>[/code] -
To Akitchin, I tried doing that but whenever it went inside the table the font only affected the inside of that table...which didn't help.
I did find it though. It was all wonky and whatnot, but it's good now. Thanks for the help. <3 -
Here, i attached it as text since it was messing up the boards...
[attachment deleted by admin] -
This is my entire BBCode function...
I think you're going to have to look at the source of this, since the fact that i'm using BBCode is messing up the [ code ] stuff...
EDIT:
See my next post.
Next Sunday
in PHP Coding Help
Posted