lewis987
-
Posts
214 -
Joined
-
Last visited
Never
Everything posted by lewis987
-
never mind, Trim was in the wrong place,
-
Im trying out oop (for a change) and so far so good. only problem is im getting this; Fatal error: Can't use function return value in write context in ........./sources/functions.php on line 18 Line 18 reads: if(empty(trim($VARS[$key]))){ the full code is posted below: <?PHP class Fld_Vwr{ var $epoch; var $lastSQLStatment = ""; var $lastError = ""; var $DBUser = ""; var $DBName = ""; var $DBHost = ""; var $DBPass = ""; var $DBPort = ""; var $DB = ""; function StartDL($VARS){ $requiredVars = array("file_name", "title"); foreach($requiredVars as $key) { if(empty(trim($VARS[$key]))){ { $fail = TRUE; } } //Explode the name at the slash: $exp = explode("/", $VARS['file_name']); $name = "downloads/".$exp[count($exp)-1]; if(!@copy($VARS['file_name'], $name) || $fail === TRUE){ return false }else{ header('Content-Description: File Transfer'); header('Content-Type: application/zip'); header('Content-Disposition: attachment; filename='.urldecode($VARS['title']).".zip"); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($VARS['file_name'])); ob_clean(); flush(); readfile($name); ob_end_flush(); unlink($name); } } function hash_name($VAR2){ $epoch = time(); //Get PHP Version: $VER = phpversion(); $EXPLODE = explode(".", $VER); //Date stuff: $DATE_FORMATS = array("dmy","dny","jny","jmy","dmY","dnY","jnY","jmY"); $date_number = rand(0, (count($DATE_FORMATS)-1)); $date = date($DATE_FORMATS[$date_number]); //Time stuff: $real_time_formats = array("gis","His","Gis","his","gisu","Hisu","Gisu","hisu"); $real_time_number = rand(0,(count($real_time_formats) -1)); $real_time = date($real_time_formats[$real_time_number]); //Build String $STRING = str_shuffle($VAR2 . $Algos[$hash_number] . $date . $real_time . $this->epoch); $STRING = str_replace(",","", $STRING); $STRING = str_replace("_","", $STRING); $STRING = str_replace("+","", $STRING); $STRING = str_replace("-","", $STRING); $STRING = str_replace("(","", $STRING); $STRING = str_replace(")","", $STRING); if($EXPLODE[0] > "4"){ $hash = hash('whirlpool', $STRING); }else{ $hash = ""; while(strlen($hash) <= 96){ $hash .= md5(crc32(sha1(crc32(md5(sha1(md5(sha1($STRING))).md5(crc32(md5($STRING)))))))); } $hash = str_shuffle($hash); } return $hash; } function send_File($VARS){ $epoch = time(); $requiredVars = array("location", "file_types", "dir", "temp_dir", "get_var_1", "get_var_2", "get_var_3"); foreach($requiredVars as $key) { if(empty(trim($VARS[$key]))){ { return false; } } $epoch = $this->epoch; $folder = $LOCATION.urldecode($_GET[$VARS["get_var_1"]])."/".urldecode($_GET[$VARS["get_var_2"]])."/"; ///File ext/// $explode = explode(".",$_GET[$VARS["get_var_3"]]); $last = count($explode) - 1; $file_ext = strtolower($explode[$last]); if($VARS["file_types"][0] == "ANY"){ $ok = 1; }else{ //Check file ext: for($i = 0; $i < count($VARS["file_types"]); $i++){ if($file_ext == $VARS["file_types"][$i]){ $ok = 1; $i = 5000; }else{ $ok = 2; } } } if($ok == 2){ die("<div align=\"center\"><div class=\"error\"> Invalid file. <br />The file may exist, but the file extension is invalid. </div></div></body></html>"); } //Zip file name: $file = time().str_replace(" ","_",$_GET[$VARS["get_var_3"]]); $file = str_shuffle($file); //Add the extension on the zip folder. $zip_name = $dir.$file; $zip_name = str_replace("'","", $zip_name); $zip = new ZipArchive(); //Set the tempory file name: $tempFile = str_replace(" ","_",$_GET[$VARS["get_var_3"]]); $tempFile = $VARS["temp_dir"].$tempFile.$_SERVER['remote_addr'].$epoch; if(!@copy($folder.$_GET[$VARS["get_var_3"]], $tempFile)){ die("<div align=\"center\"><div class=\"error\"> Cannot copy file specified. <br />Please ensure it exists. </div></div></body></html>"); } if ($zip->open($zip_name.".zip", ZIPARCHIVE::OVERWRITE)!==TRUE) { exit("cannot create file.</body></html>"); } $zip->addFile($tempFile , $_GET[$VARS["get_var_3"]]); $zip->close(); unlink($TEMP); return $zip_name; } function send_Folder($VARS){ $epoch = time(); $requiredVars = array("location", "file_types", "dir", "temp_dir", "get_var_1", "get_var_2"); foreach($requiredVars as $key) { if(empty(trim($VARS[$key]))){ { return false; } } $epoch = $this->epoch; $folder = $LOCATION.urldecode($_POST[$GET_VAR_1])."/".urldecode($_POST[$GET_VAR_2])."/"; $open = opendir($folder); $i = 0; while(false !== ($file = readdir($open))){ if($file != "." || $file != ".."){ if($file_types[0] == "ANY"){ $files[$i] = $file; $i++; }else{ $EXPLODe = explode(".",$file); $last = count($EXPLODe) - 1; $file_ext = strtolower($EXPLODe[$last]); for($o = 0; $o < count($file_types); $o++){ if($file_ext == $file_types[$o] && is_dir($file) === FALSE){ $files[$i] = $file; $o = 100000; $i++; }else{ } } } } } //Create Zip Archive: //Create Zip Class Here: $zip = new ZipArchive(); //Make the Zip name here: $file = time().str_replace(" ","_", urldecode($_POST[$GET_VAR_2])); $file = str_shuffle($file); $file = str_replace("/","", $file); $zip_name = $dir.$file.".zip"; //Create the zip file: $res = $zip->open($zip_name, ZIPARCHIVE::OVERWRITE); if($res !== TRUE) { die("cannot open $zip_name. Ended with the error code: $res</body></html>"); } //Create loop to copy files to temp dir, add files and/or show error messages: for($i = 0; $i < count($files); $i++){ $FILE = str_replace(" ","_",$files[$i]); $TEMP = $temp_dir.$FILE.$_SERVER['remote_addr'].$epoch; if(!@copy($folder.$files[$i], $TEMP)){ echo("<div class=\"error\"> Cannot copy file specified. <br />Please ensure it exists and that it is the directory specified. </div>"); }else{ $zip->addFile($TEMP , $files[$i]); } } $zip->close(); //Remove all the files here: for($i = 0; $i < count($files); $i++){ $FILE = str_replace(" ","_",$files[$i]); $TEMP = $temp_dir.$FILE.$epoch; unlink($TEMP); } //Send the file name back to the script calling this file! return $zip_name; } function Clean_Dls(){ $time = time(); if(is_file("temp/REQ_time.txt") === TRUE){ $file_time = file_get_contents("temp/REQ_time.txt"); }else{ file_put_contents("temp/REQ_time.txt", $time); $file_time = $time; } //We need a limit for the file time, This can be changed, but we have set it to about a day. $limit = 60 * 60 * 24; if($file_time + $limit < $time){ //Try and open the downloads folder: $open = @opendir("downloads/"); while(FALSE !== ($file = readdir($open))){ if($file_time + $limit < filemtime("downloads/".$file)){ unlink("downloads/".$file); } } file_put_contents("temp/REQ_time.txt", $time); } } //Database stuff: function getError(){ print("Error!<br /> ".$this->lastError."<br />The SQL executed was: ".$this->lastSQLStatement); } function MyConnectOptions(){ $this->DBUser = "*************"; $this->DBPass = "***********"; $this->DBName = "*************"; $this->DBHost = "localhost"; $this->DBPort = ""; } function Connect(){ //Before we connect, We need to check the port variable to see if its set and is a number: if(ctype_digit($this->DBPort) === TRUE){ $this->DB = mysql_connect($this->DBHost.":".$this->DBPort, $this->DBUser, $this->DBPass) or die("MySQL Error:".mysql_error()); }else{ $this->DB = mysql_connect($this->DBHost, $this->DBUser, $this->DBPass) or die("MySQL Error:".mysql_error()); } mysql_select_db($this->DBName, $this->DB) or die("MySQL Error:".mysql_error()); } function Disconnect(){ mysql_close($this->DB) or die("MySQL Error:".mysql_error()); } function Insert($tbl){ //Sets all the variables: $cols = array(); $cols_use = array(); $values_use = array(); //We need to get ALL the columns from the table in $tbl; $pulledCols = mysql_query("SHOW COLUMNS FROM ".$tbl, $this->DB) or die("MySQL Error: ".mysql_error); while($columns = mysql_fetch_assoc($pulledCols)){ $cols[] = $columns['Field']; } foreach( $_POST as $key => $value){ if(in_array($key, $cols) && trim($value)){ if($value == "DATESTAMP"){ $value_use[] = "NOW()"; }else{ if(is_numeric($value) === TRUE){ $values_use[] = $value; }else{ $values_use[] = ( get_magic_quotes_gpc() ) ? "'".$value."'" : "'".addslashes($value)."'"; } $cols_use[] = "`".$key."`"; } } } if( (sizeof($cols_use) == 0 ) || (sizeof($values_use) == 0)){ $this->lastError = "Error: There was no data passed!"; return false; }else{ $SQL = "INSERT INTO `".$tbl."` (".implode(",",$cols_use). ") VALUES (".implode(",",$values_use). ")"; if( @mysql_query($SQL, $this->DB)){ return true; }else{ $this->lastError = "Error: ".mysql_error(); $this->lastSQLStatement = $SQL; return false; } } } function Select($tbl, $col, $data){ //Ensure all the data has been populated: if(empty($tbl) || empty($col) || empty($data)){ //Throw error: $this->lastError = "Error: No tables and/or columns set!"; return false; } //Secure the data: $tbl = ( get_magic_quotes_gpc() ) ? $tbl : addslashes($tbl); $col = ( get_magic_quotes_gpc() ) ? $col : addslashes($col); $data = ( get_magic_quotes_gpc() ) ? $data : addslashes($data); if(is_array($col) === TRUE){ if(is_array($data) === TRUE && count($col) == count($data)){ //Build up the SQL here: $SQL = "SELECT * FROM `".$tbl."` WHERE "; for($i = 0; $i < count($col); $i++){ $SQL .= "`".$col[$i]."` = '".$data[$i]."'"; if($i + 1 != count($col)){ $SQL .= " AND "; } } }else{ $this->lastError = "Error: Invalid data sent"; return false; } }else{ $SQL = "SELECT * FROM `".$tbl."` WHERE `".$col."` = '".$data."';"; } if($Q = @mysql_query($SQL, $this->DB)){ $this->lastSQLStatement = $SQL; return $Q; }else{ $this->lastError = "Error: ".mysql_error(); $this->lastSQLStatement = $SQL; return false; } } function Delete($tbl, $col, $data){ //Ensure all the data has been populated: if(empty($tbl) || empty($col) || empty($data)){ //Throw error: $this->lastError = "Error: No tables and/or columns set!"; return false; } //Secure the data: $tbl = ( get_magic_quotes_gpc() ) ? $tbl : addslashes($tbl); $col = ( get_magic_quotes_gpc() ) ? $col : addslashes($col); $data = ( get_magic_quotes_gpc() ) ? $data : addslashes($data); if(is_array($col) === TRUE){ if(is_array($data) === TRUE && count($col) == count($data)){ //Build up the SQL here: $SQL = "DELETE FROM `".$tbl."` WHERE "; for($i = 0; $i < count($col); $i++){ $SQL .= "`".$col[$i]."` = '".$data[$i]."'"; if($i + 1 != count($col)){ $SQL .= " AND "; } } }else{ $this->lastError = "Error: Invalid data sent"; return false; } }else{ $SQL = "DELETE FROM `".$tbl."` WHERE `".$col."` = '".$data."';"; } if($Q = @mysql_query($SQL, $this->DB)){ return $Q; }else{ $this->lastError = "Error: ".mysql_error(); return false; } $this->lastSQLStatement = $SQL; } function Update($tbl, $upd_col, $upd_data, $def_col, $def_data){ //Ensure all the data has been populated: if(empty($tbl) || empty($upd_col) || empty($upd_data) || empty($def_col) || empty($def_data)){ //Throw error: $this->lastError = "Error: one of the vars wasn't populated!"; return false; } //Secure the data: $tbl = ( get_magic_quotes_gpc() ) ? $tbl : addslashes($tbl); $upd_col = ( get_magic_quotes_gpc() ) ? $upd_col : addslashes($upd_col); $upd_data = ( get_magic_quotes_gpc() ) ? $upd_data : addslashes($upd_data); $def_col = ( get_magic_quotes_gpc() ) ? $def_col : addslashes($def_col); $def_data = ( get_magic_quotes_gpc() ) ? $def_data : addslashes($def_data); $SQL = "UPDATE `$tbl` SET "; if(is_array($upd_col) === TRUE && is_array($upd_data) === TRUE){ if(count($upd_col) == count($upd_data)){ for($i = 0; $i < count($upd_col); $i++){ if($upd_data == "DATESTAMP"){ $upd_data = "NOW()"; } $SQL .= "`".$upd_col[$i]."` = '".$upd_data."' "; if($i + 1 != count($upd_col)){ $SQL .= ", "; } } }else{ $this->lastError = "Error: Invalid data sent."; return false; } }elseif(!is_array($upd_col) && !is_array($upd_data)){ $SQL .= "`".$upd_col."` = '".$upd_data."'"; }else{ $this->lastError = "Error: Invalid data sent."; return false; } if(is_array($def_col) === TRUE){ if(is_array($def_data) === TRUE && count($col) == count($data)){ //Build up the SQL here: $SQL .= " WHERE "; for($i = 0; $i < count($col); $i++){ $SQL .= "`".$def_col[$i]."` = '".$def_data[$i]."'"; if($i + 1 != count($col)){ $SQL .= " AND "; } } }else{ $this->lastError = "Error: Invalid data sent"; return false; } }else{ $SQL .= " WHERE `".$col."` = '".$data."';"; } if($Q = @mysql_query($SQL, $this->DB)){ return true; }else{ $this->lastError = "Error: ".mysql_error(); return false; } $this->lastSQLStatement = $SQL; } } ?>
-
I was thinking something like this: $requiredVars = array("location", "file_types", "dir", "temp_dir", "get_var_1", "get_var_2", "get_var_3"); $arrayCount = count($requiredVars); for($i = 0; $i < $arrayCount; $i++){ if(empty(trim($VAR[$requiredVars[$i]]))){ return false; } } It has the same effect...
-
Im trying to optimize some code i've written up, the thing is, i need to check if an array that is sent to a function has the right keys set. At the minute im using an if elseif statement and it looks ugly. Im wondering if its faster and more practical settings a numbered array with the names of keys that are required and checking it in a loop. Is that more practical?
-
I dont totally understand you, BUT, you can try this: $DB = new DB; #Change DB to the class that the function is contained in; $name = "blah"; $result = $DB->getMemberAndLocationByName($name); print_r($result); //You can use a loop instead of printing everything out in a oner. I think thats your question solved;
-
Resolved myself.
-
Im trying to make a download site that always zips files, I can get the part for individual files to work flawlessly. The problem is (im using a music folder as an example) that when the user clicks the "download album" button. The function below creates the username and is meant to open or create (dependant if the file exists). The error is that its not creating the file at all. But the same code for the individual file works. Im confused, both functions are below so you can see what each function does. *NOTE* send_File is MEANT to use $_GET and send_Folder is meant to use $_POST; $folder returns what I want it to; send_File(): function send_File(){ global $LOCATION; global $file_types; global $dir; global $temp_dir; global $GET_VAR_3; global $GET_VAR_2; global $GET_VAR_1; global $epoch; $folder = $LOCATION.urldecode($_GET[$GET_VAR_1])."/".urldecode($_GET[$GET_VAR_2])."/"; ///File ext/// $EXPLODe = explode(".",$_GET[$GET_VAR_3]); $last = count($EXPLODe) - 1; $file_ext = strtolower($EXPLODe[$last]); if($file_type[0] == "ANY"){ $ok = 1; }else{ //Check file ext: for($i = 0; $i < count($file_types); $i++){ if($file_ext == $file_types[$i]){ $ok = 1; $i = 5000; }else{ $ok = 2; } } } if($ok == 2){ die("<div align=\"center\"><div class=\"error\"> Invalid file. <br />The file may exist, but the file extension is invalid. </div></div></body></html>"); } //Zip file name: $file = time().urldecode($_GET[$GET_VAR_3]); $file = str_shuffle($file); //Add the extension on the zip folder. Remove ' from the name $zip_name = $dir.$file; $zip_name = str_replace("'","", $zip_name); $zip = new ZipArchive(); //Set the tempory file name: $FILE = str_replace(" ","_",$_GET[$GET_VAR_3]); $TEMP = $temp_dir.$FILE.$_SERVER['remote_addr'].$epoch; if(!@copy($folder.$_GET[$GET_VAR_3], $TEMP)){ die("<div align=\"center\"><div class=\"error\"> Cannot copy file specified. <br />Please ensure it exists and that it is the directory specified. </div></div></body></html>"); } if ($zip->open($zip_name.".zip", ZIPARCHIVE::CREATE)!==TRUE) { exit("cannot create file.</body></html>"); } $zip->addFile($TEMP , $_GET[$GET_VAR_3]); $zip->close(); unlink($TEMP); return $zip_name; } send_Folder(): function send_Folder(){ global $LOCATION; global $file_types; global $dir; global $temp_dir; global $GET_VAR_2; global $GET_VAR_1; global $epoch; $folder = $LOCATION.urldecode($_POST[$GET_VAR_1])."/".urldecode($_POST[$GET_VAR_2])."/"; $open = opendir($folder); $i = 0; while(false !== ($file = readdir($open))){ if($file != "." || $file != ".."){ if($file_types[0] == "ANY"){ $files[$i] = $file; $i++; }else{ $EXPLODe = explode(".",$file); $last = count($EXPLODe) - 1; $file_ext = strtolower($EXPLODe[$last]); for($o = 0; $o < count($file_types); $o++){ if($file_ext == $file_types[$o] && is_dir($file) === FALSE){ $files[$i] = $file; $o = 100000; $i++; }else{ } } } } } //Create Zip Archive: //Create Zip Class Here: $zip = new ZipArchive(); //Make the Zip name here: $file = time().str_replace(" ","_", urldecode($_POST[$GET_VAR_2])); $file = str_shuffle($file); $zip_name = $dir.$file.".zip"; //Create the zip file: if ($zip->open($zip_name, ZipArchive::CREATE) !== TRUE) { die("cannot open $zip_name.</body></html>"); } //Create loop to add files and/or show error messages: for($i = 0; $i < count($files); $i++){ $FILE = str_replace(" ","_",$files[$i]); $TEMP = $temp_dir.$FILE.$_SERVER['remote_addr'].$epoch; if(!@copy($folder.$files[$i], $TEMP)){ echo("<div align=\"center\"><div class=\"error\"> Cannot copy file specified. <br />Please ensure it exists and that it is the directory specified. </div></div>"); }else{ $zip->addFile($TEMP , $files[$i]); } } $zip->close(); //Remove all the files here: for($i = 0; $i < count($files); $i++){ $FILE = str_replace(" ","_",$files[$i]); $TEMP = $temp_dir.$FILE.$epoch; unlink($TEMP); } //Send the file name back to the script calling this file! return $zip_name; } Any help or code optimization is appreciated.
-
yea... i uploaded the wrong copies... but they will remain until i finish making some extra features...
-
it should... i dont see why i wont..t... what about if you press enter??
-
just to let ya know... yea i see them both...
-
//Edit: ok... i never realised that with AJAX you have to make a new var per xmlrequest thing... so now it should all work, the shouts seem to work 100% here, with enter AND with the shout button. So now everything *should* work without a problem Post any errors here *Note: I know that the "Invite user" on your own chat room doesnt work, thats my next task!
-
sorry unidox, forgot to edit it again.. and as for FF not posting... i dont know where the problem is... i can get it to post shouts when im on 127.0.0.1 (localhost)
-
aight... got it to work in IE, FF, and opera with both pressing enter AND pressing the button Safari is the exception... the enter button way doesnt work... but i dont care at this present moment! uploading new files now!
-
Fiddlesticks (dont wanna swear) but ive been using $_POST in the data.php file instead of $HTTP_RAW_POST_DATA... so damned cheesed off... haha
-
Cookies are to keep the user logged in if they close the browser and sessions are used to keep the user logged in until they close their session or they have been inactive for more than 15 minutes (i think)
-
Here is my AJAX... so if you can find a problem with it, please say // JavaScript Document function createRequestObject() { var xmlHttp; try { work2 = 'Internet Explorer'; xmlReq = new ActiveXObject("Msxml2.XMLHTTP"); work = 1; } catch (e) { try { xmlReq = new ActiveXObject("Microsoft.XMLHTTP"); work = 1; } catch (e) { try { work2 = 'Firefox, Opera 8.0+, Safari'; xmlReq = new XMLHttpRequest(); work = 1; } catch (e) { work = 2; } } } if(work == 1){ return xmlReq; }else{ alert("Your browser does not support AJAX!"); } } // Set all variables here var http = createRequestObject(); var http2 = createRequestObject(); var t = ""; var c = 0; var shout = ""; var ip = ""; var uid = ""; var i = ""; function Load(size, rid, uid) { t = setTimeout('Refresh('+rid+')',0); i = setTimeout('invites('+uid+')', 0); document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />'; document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />'; //Get the pointer to automatically goto the text box: document.getElementById('shout').focus(); } function Refresh(rid) { clearTimeout(t); var params = 'act=refresh&rid='+rid; http.open('post', 'data.php', true); http.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); http.setRequestHeader("Content-length", params.length); http.setRequestHeader("Connection", "close"); // Open PHP script for requests http.onreadystatechange = function(){ if(http.readyState == 4 && http.status == 200){ var response = http.responseText; if(response) { // UPDATE ajaxTest content document.getElementById('results').innerHTML = ''; document.getElementById('results').innerHTML = response; } } } http.send(params); t = setTimeout('Refresh('+rid+')',1000); } function Shout(shout, ip, uid, rid){ if(shout == ""){ alert("Error: Shout was left empty!"); }else{ clearTimeout(t); var params = 'act=shout&shout='+shout+'&ip='+ip+'&uid='+uid+'&rid='+rid; http.open('post', 'data.php', true); http.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); http.setRequestHeader("Content-length", params.length); http.setRequestHeader("Connection", "close"); // Open PHP script for requests http.onreadystatechange = function(){ if(http.readyState == 4 && http.status == 200){ var response = http.responseText; if(response) { // UPDATE ajaxTest content document.getElementById('results').innerHTML = response; } } } http.send(params); document.getElementById('shout').value = ''; t = setTimeout('Refresh('+rid+')',0); } } function MakeLarger(size){ size = size + 50; size2 = size + 50; if(size < 500){ if(size2 > 400){ document.getElementById('makeLarger').innerHTML = '<input disabled="disabled" name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />'; }else{ document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />'; } } document.getElementById('results').style = 'height:'+size+'px; width:750px; overflow: scroll;'; document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />'; } function MakeSmaller(size){ size = size - 50; size2 = size - 50; if(size > 0){ if(size2 > 0){ document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />'; }else{ document.getElementById('makeSmaller').innerHTML = '<input name="downSize" disabled="disabled" type="button" value="-" onclick="MakeSmaller('+size+')" />'; } } document.getElementById('results').style = 'height:'+size+'px; width:750px; overflow: scroll;'; document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />'; } function invites(uid){ clearTimeout(i); var params = 'act=invites&uid='+uid; http2.open('post', 'data.php', true); http2.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); http2.setRequestHeader("Content-length", params.length); http2.setRequestHeader("Connection", "close"); // Open PHP script for requests http2.onreadystatechange = function(){ if(http2.readyState == 4 && http2.status == 200){ var response = http2.responseText; if(response) { // UPDATE ajaxTest content document.getElementById('inv').innerHTML = ''; document.getElementById('inv').innerHTML = response; } } } http2.send(params); i = setTimeout('invites('+uid+')',2000); } This is my data.php page (the page that does everything): <?PHP include("config.php"); if(defined("SCRIPT")){ if(isset($_POST['act'])){ if($_POST['act'] == "refresh"){ if(isset($_POST['rid'])){ $RID = $_POST['rid']; }else{ $RID = 1; } $SQL = "SELECT * FROM `shouts` WHERE `room_id` = '{$RID}' ORDER BY `id` ASC"; $Q = mysql_query($SQL); $Run1 = mysql_num_rows($Q); if($Run1 > 0){ //Do a while loop to get all results and do a query to get the member's username: while($DATA = mysql_fetch_assoc($Q)){ //Build query to run to get the username of the member that sent the info: $SQL = "SELECT * FROM `users` WHERE `id` = '".$DATA['user_id']."';"; //Run Query: $Q2 = mysql_query($SQL); //Ensure that the user exists first: if(mysql_num_rows($Q2) === 1){ }else{ //Since the user doesnt exist, remove shout from database: mysql_query("DELETE FROM `shouts` WHERE `id` = '".$DATA['id']."' LIMIT 1;"); } } } //Re-Run first query so we know that all the shouts are up-to-date but add a limit of 15: $Q = mysql_query("SELECT * FROM `shouts` WHERE `room_id` = '{$RID}' ORDER BY `id` DESC LIMIT 0,20"); //Check to make sure there are still shouts in the shoutbox: if($Run1 > 0 && mysql_num_rows($Q) > 0){ $OUTPUT = "<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">"; //Make $i 1 so we start with the right color: $i = 1; //Run while loop to build up output: while($DATA = mysql_fetch_assoc($Q)){ //Build query to run to get the username of the member that sent the info: $SQL = "SELECT * FROM `users` WHERE `id` = '".$DATA['user_id']."';"; //Run Query: $Q2 = mysql_query($SQL); //Build Result set: $DATA2 = mysql_fetch_assoc($Q2); $USERNAME = $DATA2['username']; if($i == 1){ $OUTPUT .= "<tr style=\"background-color: #faa;\"> <td style=\"width: 50px; vertical-align:top\">".$USERNAME."</td> <td style=\"width: 5px; vertical-align:top\">- </td> <td>".$DATA['shout']."</td> </tr>"; $i = 2; }else{ $OUTPUT .= "<tr style=\"background-color: #aaffaa;\"> <td style=\"width: 50px; vertical-align:top\">".$USERNAME."</td> <td style=\"width: 5px; vertical-align:top\">- </td> <td>".$DATA['shout']."</td> </tr>"; $i = 1; } } $OUTPUT .= "</table>"; }else{ //Show that there isnt any shouts in the table: $OUTPUT = '<div align="center"> <div style="border: #0f0 thin solid; background-color:#afa; width:250px;"> There are no shouts yet! </div> </div>'; } echo $OUTPUT; //Check if the act variable is for a shout: }elseif($_POST['act'] == "shout"){ //Ensure that the user ID is secure and an int: if(is_numeric($_POST['uid']) == TRUE){ //Secure the User ID: $ID = mysql_real_escape_string(htmlentities($_POST['uid'])); //Edit the shout so that the whole shout is secure: $SHOUT = mysql_real_escape_string(strip_tags(htmlentities($_POST['shout'], ENT_QUOTES))); $SHOUT = str_replace("<", "<", $SHOUT); $SHOUT = str_replace(">", ">", $SHOUT); //Secure IP: $IP = mysql_real_escape_string(htmlentities(strip_tags($_POST['ip']), ENT_QUOTES)); //Secure Room ID: $ROOM_ID = mysql_real_escape_string(htmlentities($_POST['rid'])); //Add BBCode to the shout: //Build SQL $SQL = "SELECT * FROM `bbcode`;"; //Run SQL $Q5 = mysql_query($SQL); if(mysql_num_rows($Q5) > 0){ //Build result set: while($DATA = mysql_fetch_assoc($Q5)){ //Edit the shout to make the bbcode to html: $SHOUT = preg_replace($DATA['find'], $DATA['replace'], $SHOUT); } } //Add smilies to the shout: //Build SQL $SQL = "SELECT * FROM `smilies`;"; //Run SQL $Q7 = mysql_query($SQL); if(mysql_num_rows($Q7) > 0){ //Build result set: while($DATA = mysql_fetch_assoc($Q7)){ //Edit the shout to make the smiley code to html: $SHOUT = str_ireplace($DATA['find'], $DATA['replace'], $SHOUT); } } //Build SQL to check the room id: $SQL = "SELECT * FROM `rooms` WHERE `id` = '{$ROOM_ID}';"; //Run Query: $Q = mysql_query($SQL); //Ensure the room exists: if(mysql_num_rows($Q) > 0){ //Build SQL: $SQL2 = "SELECT * FROM `users` WHERE `id` = '".$ID."';"; //Run SQL: $Q2 = mysql_query($SQL2); //Ensure that the user exists: if(mysql_num_rows($Q2) === 1){ //Build result set: $DATA = mysql_fetch_assoc($Q2); //Get username: $USERNAME = $DATA['username']; }else{ $ERROR = 1; } }else{ $ERROR = 2; } }else{ $ERROR = 3; } if($ERROR == 0){ //Build SQL to insert the shout: $SQL3 = "INSERT INTO `shouts` (`id`, `user_id`, `shout`, `room_id`) VALUES (NULL, '{$ID}', '{$SHOUT}', '{$ROOM_ID}');"; //Run above query: $Q3 = mysql_query($SQL3); }else{ echo $ERROR; } }elseif($_POST['act'] == "regUsername"){ //check that the username is unique: $USERNAME = mysql_real_escape_string(htmlentities($_POST['name'], ENT_QUOTES)); if(strlen($USERNAME) > 0){ $SQL = "SELECT * FROM `users` WHERE `username` = '{$USERNAME}';"; $Q = mysql_query($SQL); if(mysql_num_rows($Q) > 0 || strlen($USERNAME) < 4){ if(strlen($USERNAME) < 4){ echo 4; }else{ echo 3; } }else{ echo 2; } }else{ echo 1; } }elseif($_POST['act'] == "regPassword"){ //Check to see if password is long enough: if(strlen($_POST['pwd']) == 0){ echo 1; }elseif(strlen($_POST['pwd']) > 5){ echo 2; }else{ echo 3; } }elseif($_POST['act'] == "regCode"){ if(!isset($_POST['cre'])){ echo 1; }elseif($_POST['cre'] == $_POST['org']){ echo 2; }else{ echo 3; } }elseif($_POST['act'] == 'invites'){ if(ctype_digit($_POST['uid']) === TRUE){ $SQL = "SELECT * FROM `invites` WHERE `to` = '{$_POST['uid']}' AND `status` = '1';"; $Q = mysql_query($SQL); if(mysql_num_rows($Q) > 0){ $RESULT = mysql_fetch_assoc($Q); echo("<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">"); echo("<tr>"); echo("<th width=\"33%\">From:</th> <th>Room:</th> <th width=\"33%\"></th>"); echo("</tr>"); for($i = 0; $i < mysql_num_rows($Q); $i++){ //Get username: $SQL2 = "SELECT * FROM `users` WHERE `id` = '{$RESULT['from']}';"; $Q2 = mysql_query($SQL2); if(mysql_num_rows($Q2) === 1){ $RESULT_SET = mysql_fetch_assoc($Q2); //Show layout: echo("<tr>"); echo("<td align=\"center\"> {$RESULT_SET['username']} </td> <td align=\"center\"> {$RESULT['room_id']} </td> <td> <form action=\"?\" method=\"post\"> <input name=\"accept_inv\" type=\"submit\" value=\"Accept Invite\" /> <input name=\"decline_inv\" type=\"submit\" value=\"Decline Invite\" /> </form> </td>"); echo("</tr>"); }else{ //Delete Invitation: } } echo("</table>"); }else{ echo("There are no invites for you yet."); } } }else{ echo ("Invalid Action!"); } }else{ echo ("ERROR"); } }else{ die("HACKING ATTEMPT!"); } ?>
-
press the shout button rather than pressing enter... theres a problem with the onsubmit thing with the form, but it works 100% in opera... ok... i guess your using firefox or IE (somehow both are affected with the same problem)... i dont know much about javascript, but it looks like theres something wrong with my code somewhere... Safari has a problem with onsubmit and Opera is 100%
-
fixed helraizer
-
its posting shouts here... its the onsubmit part of my code that isnt working... i have to try in FF and IE, but i know that in safari, if you hit enter it doesnt work... and for the captcha image... its all good GD has been enabled... at long last... now just to finish of the invitation system
-
yea i know about those types... but ive asked my host to enable it, so hopefully it will be... but i will add a little bit of code in the reg script to check if the GD library is enabled or not and load the right captcha...
-
ok unidox, that error is fixed, i forgot to re-edit the config file... and for helraizer my host doesnt support GD so i need to think of a new way of making a captcha image...
-
ok... fixed majority of bugs i found... and i have added access type into the create chat room, so now you can set it to only allow users you invite. Another thing is, the invite function doesnt work as of yet, but it is oon going too... i have a few things to add onto the main page where the shoutbox is kept to allow the user to view all recent invites and choose what one to accept! Fixes and optimizations: Power users is now 100% functional aswell... only i get that privellege . AJAX side seems to be working well... (fixed bug that coreye found where you can execute your own shouts into the shoutbox from "data.php"). Smilies and BBCode is now fully supported but not yet added to the database. Password support for open chats is now more effiecent. Invite function is now partial functional... Todo: Layout and design has yet to be completed.
-
undergoing bug fixes at the minute... fixing up the AJAX side of things... i will have it fixed asap... in the middle of adding a new feature for it...
-
ok... that site done my head in with its ads... so now ive got a better one... New Address
-
aight... well i never really put much effort into the register script... so yea... its going to be weak! and your the second person to say that :S but it works all ok here on opera and safari and IE...