tomfmason

Actually that was pretty easy to add '/^\(?(\d{3})\)?[-\. ]?(\d{3})[-\. ]?(\d{4})$/' If you replace the phone filter's regex with that one it should match the following as well <?php echo nl2br(print_r($validation->validate('phone','555.555.1212'),true)); echo nl2br(print_r($validation->validate('phone','(555).555.1212'),true)); echo nl2br(print_r($validation->validate('phone','(555)555.1212'),true)); ?>

Here is an excerpt from a validation class for one of my old projects. <?php class Validation { public $default_filters = array( 'email' =>array( 'regex'=>'/^[^@]+@[a-zA-Z0-9._-]+\.[a-zA-Z]+$/', 'message'=> 'is not a valid email format' ), 'phone' => array( 'regex'=>'/^\(?(\d{3})\)?[- ]?(\d{3})[- ]?(\d{4})$/', 'message' => 'is not a valid US phone number format.' ), 'zip' => array( 'regex'=>'/(^\d{5}$)|(^\d{5}-\d{4}$)/', 'message'=>'is not a valid US zipcode format.' ) ); public $filter_list = array(); function Validation($filters=false) { if(is_array($filters)) { $this->filters = $filters; } else { $this->filters = array(); } } function validate($filter,$value) { if(in_array($filter,$this->filters)) { if(in_array('default_filter',$this->filters[$filter])) { $f = $this->default_filters[$this->filters[$filter]['default_filter']]; if(in_array('message',$this->filters[$filter])) { $f['message'] = $this->filters[$filter]['message']; } } else { $f = $this->filters[$filter]; } } else { $f = $this->default_filters[$filter]; } if(!preg_match($f['regex'],$value)) { $ret = array(); $ret[$filter] = $f['message']; return $ret; } return true; } } ?> You can use it like this: <?php $validation = new Validation(); echo nl2br(print_r($validation->validate('phone','555-555-1212'),true)); echo nl2br(print_r($validation->validate('phone','(555)-555-1212'),true)); echo nl2br(print_r($validation->validate('phone','555 555 1212'),true)); ?> It doesn't match something like 555.555.1212 though.

That is funny I wonder if that guy is our mod Pikachu2000?

checkout http://www.phpclasses.org/package/1532-PHP-Authenticate-PHPBB-users-with-site-login-system.html

what forum software are you using?

The level of security also depends on your host's setup(assuming shared host). If the session files are stored in a publicly readable directory such as /tmp (the default) and a little work I could hijack those sessions. As a general rule I would set the session_save_path <?php ini_set("session.save_path", "/path/to/your/sessions/"); session_start(); ?>

from the two snippets above it appears that some basic security fundamentals like sanitizing user input were missed . If I were you I would checkout Daniel's php security tutorial.

I completely agree with this. I was thinking that we should actually focus more of our attention on the non-registered users. There are several fairly large forum sites that follow that same model and it appears to be successful. Although getting those guys to talk numbers is hard if not impossible. Also, part of the reason for non relevant ads could be a feature within adwords called "remarketing" or something like that. Where people are shown ads relevant to their last search and or ads from advertisers that have flagged them as part of their "audience". This is one of the main reasons that we have been trying to find alternatives. Later today I will setup a private board and a new group "beta testers" for this.

And you really thought a full page ad was a good idea? Especially one that loads a movie and auto plays sound? Come on, you know better than that. Well, to be honest, I had no idea that those ads were even put up. That was something that Eric was trying out. My suggestion was to 1) reposition existing ads 2) attempt to find people interested in purchasing banners or text links(relevant hopefully) 3) use the more obtrusive type adverts for our organic search traffic instead of registered/logged in users.

I just realized something. It will always exit with my example above since the script is checking if it is running from within it's self. An alternative would be to use this as a separate script that calls the actual cron script if it isn't running. For example: <?php exec("ps aux |grep foo.php", $command_output, $result); $parts = explode(" ", $command_output[0]); if($parts[count($parts) -1] == "foo.php" && $parts[count($parts) -2] != "grep") { exit; } else { exec("php /path/to/your/cronscript"); }

You would want to do something like this: <?php exec("ps aux |grep foo.php", $command_output, $result); $parts = explode(" ", $command_output[0]); if($parts[count($parts) -1] == "foo.php" && $parts[count($parts) -2] != "grep") { exit; } ?> You would obviously need to replace "foo.php" with the name of your cron script

ok here is an example that I use to check and see if one of my servers is running tomfmason$ ps aux |grep server.py 1001 2739 0.0 6.6 67136 17500 pts/5 Sl+ Nov23 3:30 /usr/bin/python /usr/bin/twistd -ny server.py 1001 16590 0.0 0.2 3904 540 pts/10 D+ 11:39 0:00 grep server.py The first result shown there is my server. Meaning that it is indeed running. From the cmd you would want to do something like this server$ ps aux |grep yourscript.php If that returns anything other than the second line from my example above your script is indeed running and you can simply exit the cron script.

You could use the ps(process status) command in your cron script to check if the cron is still running from a previous task and exit if it is. That would seem like the easiest solution.

What problem are you having? Do you see any errors? Basically I don't really understand what your question is here.

projectWonderful looks like it may be worth looking into. Thanks for the suggestion

I agree this is getting a bit old. Listen guys, we are having a fairly serious issue here. This site, at the moment, barely covers it's hosting costs and sometimes it doesn't even do that. Eric has went out of pocket more times than I can count to cover these gaps. He has said to me several times: "It is a good thing I own the servers. Otherwise I don't think we could keep the site online" or something to that effect. We all know that sites/applications that estimate a website's value are almost always off but most say that phpfreaks should be making several hundred US everyday. However, most of the time it barely makes 1/4 of that in a month. I bet Eric would be elated if he was able to bring in even a fraction of that every month. After speaking with Eric about this last month I have been actively trying to find relevant businesses to purchase banners and or text links. The issue is that there just doesn't seem to be much interest and when someone does express interest they are wanting them for next to nothing. So, that is why he has been trying to find better alternatives to adsense. I personally feel like they don't report impressions correctly and I believe Eric could confirm this after setting up openx. On top of inaccurate reporting they also display irrelevant ads most of the time. I have known Eric for a long time now and like to think I know him pretty well. He is not a money hungry person at all. He doesn't need the revenue from this site but he also doesn't want to continue covering the costs and getting nothing in return. I can understand how the dog food ads could be annoying but starting posts just bitching and not offering an alternative helps no one. So, in a nut shell, either help come up with a solution or STFU as we try to keep this community online. Constructive criticism is welcome but hostility isn't. There is a big difference between reporting usability issues and just bitching about it.

To make my life easier I generally use phpmailer.

Actually the more I think about it the more I think that this caused by an insecure include. something like the following is horribly insecure: <?php $page = $_GET['page']; include $page; ?> with anything even remotely as insecure as that and if proc is available I can pwn a site(possibly a server) in just a matter of minutes with a crafted http request.

FTP is not the only way. Actually, his host should have measures in place to prevent FTP brute forcing and if not I recommend a switch immediately. You most likely have an insecure file upload script. Do you have access to the access logs for your site? Generally the first step in recovering a compromised site is to look through your access logs line by line to nail down the source of the problem. Another potential problem is insecure includes and especially so if your host allows remote includes.

str_replace should do what you are wanting. Assuming I am understand what you are needing. <?php $str = "This is @some string that contains http://foo.com several of @the things you were wanting removed http://bar.com"; $replace = array('@','http://'); echo str_replace($replace," ",$str); ?> outputs: This is some string that contains foo.com several of the things you were wanting removed bar.com

You could use str_replace to replace those with spaces

Also, it is worth noting the returned result is an array of stdclass objects not an array of arrays. See http://php.net/manual/en/function.json-decode.php for more info

A quick google search came up with this - http://www.ajaxcrud.com/

You can simply loop over the results like so: <?php require ("RecursiveTwitterSearch.php"); $rts = new RecursiveTwitterSearch('paintball mask'); foreach($rts->recursive_results() as $result) { echo $result->text . "<br />"; } ?>

This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=315828.0