MadTechie
-
Posts
9,409 -
Joined
-
Last visited
-
Days Won
1
Everything posted by MadTechie
-
if their sent from your scripts then you can but will probably need to change all the routines of you don't handle them yourself then your need some server software (from what i know)
-
Ahh ok sorry i added some reports for errors try the below, it should show the problem <?php session_start(); //error_reporting(E_ALL ^ E_NOTICE); // =========================== // whats my database info? // =========================== $host="localhost"; // Host name $username="*********"; // Mysql username $password="*********"; // Mysql password $db_name="*********"; // Database name // ========================== // lets connect! // ========================== mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // =========================== // what table? // =========================== $tablemembers="members"; $tableposts="posts"; $tablereplies="replies"; // etc. variables $id=$_REQUEST['viewtopic']; $myusername=$_SESSION['myusername']; // actions $viewtopic=$_REQUEST['viewtopic']; $action=$_REQUEST['action']; // end actions // ============================= // what goes in the header? // ============================= $mainsql="SELECT * FROM $tableposts ORDER BY id DESC"; $mainresult=mysql_query($mainsql) or die(mysql_error()); $sql1="SELECT * FROM $tableposts WHERE id='$id'"; $result1=mysql_query($sql1) or die(mysql_error()); $rows1=mysql_fetch_array($result1) or die(mysql_error()); $mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'"; $mydisplayname=mysql_query($mydn) or die(mysql_error()); ?> <center> <?php if (mysql_num_rows($mydisplayname)>0) { while ($row = mysql_fetch_assoc($mydisplayname) or die(mysql_error())) { extract($row); if(isset($_SESSION['myusername'])){ echo "Welcome , $displayname | <a href='index.php?action=logout'>Logout</a>"; } } } elseif (!isset($_SESSION['myusername'])) { echo "<a href='index.php?action=login'>Login</a> | <a href='index.php?action=register'>Register</a>"; } echo "<br>Your Location: <a href='index.php'>ShaunsBoards</a>"; if(isset($_REQUEST['viewtopic'])) { echo " > <a href='index.php?viewtopic=".$rows1['id']."'>".$rows1['title']."<br><br>"; } elseif(isset($action)) { if($action == "post") { echo " > <a href='index.php?action=post'>Post New Topic</a>"; } elseif($action == "posttopic") { echo " > <a href='index.php?action=post'>Post New Topic</a>"; } elseif($action == "login") { echo " > <a href='index.php?action=login'>Login</a>"; } elseif($action == "register") { echo " > <a href='index.php?action=register'>Register</a>"; } elseif($action == "reply") { echo " > <a href='index.php?action=reply'>Reply To Topic</a>"; } } else { echo "<a href='index.php'></a>"; } $_SESSION['mydisplayname']=$displayname; // =============================== // actions // =============================== // -------------------------- // are they viewing a topic? // -------------------------- $_SESSION['mydisplayname']=$mydisplayname; if (isset($_REQUEST['viewtopic'])) { $id=$_REQUEST['viewtopic']; echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'> <tr> <td><table width='100%' border='0' cellpadding='3' cellspacing='1' bordercolor='1' bgcolor='#000000'> <tr> <td align='center' bgcolor='#ccddcc' colspan='2'><strong>".$rows1['title']."</strong> </tr> <tr> <td bgcolor='#F8F7F1' align='center'><strong>".$rows1['authordisplay']."</strong><br> <td bgcolor='#F8F7F1'>Date/Time : ".$rows1['datetime']."</td> </tr> <tr> <td bgcolor='#Ffffff' width='15%'>User information will eventually go in here. Area under construction.</td> <td bgcolor='#Ffffff'>".$rows1['content']."</td> </tr> </table></td> </tr> </table> <BR>"; $sql2="SELECT * FROM $tablereplies WHERE questionid='".$_REQUEST['viewtopic']."'"; $result2=mysql_query($sql2) or die(mysql_error()); while($rows5=mysql_fetch_array($result2) or die(mysql_error())) { echo "<table width='100%' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#ffffff'> <tr> <td><table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#000000'> <tr> <td bgcolor='#F8F7F1' align='center'><strong>".$rows5['authordisplay']."</strong></td> <td bgcolor='#F8F7F1'>".$rows5['datetime']."</td> </tr> <tr> <td bgcolor='#ffffff' width='15%'>User information will eventually go in here. Area under construction.</td> <td bgcolor='#ffffff'>".$rows5['content']."</td> </tr> </table></td> </tr> </table><br>"; } if(session_is_registered(myusername)) { echo "<table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'> <tr> <form name='reply' method='post' action='index.php?action=reply'> <td> <table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'> <tr> <td valign='top'><strong>Post</strong></td> <td valign='top'>:</td> <td><textarea name='content' cols='45' rows='3' id='content'></textarea></td> </tr> <tr> <td> </td> <td><input name='id' type='hidden' value='".$viewtopic."'></td> <td><input type='submit' name='Submit' value='Submit'> <input type='reset' name='Submit2' value='Reset'></td> </tr> </table> </td> </form>"; } else { echo "<a href='index.php?action=login'>Login</a> to reply to topics!"; } $sql3="SELECT views FROM $tableposts WHERE id='$id'"; $result3=mysql_query($sql3) or die(mysql_error()); $rows3=mysql_fetch_array($result3) or die(mysql_error()); $views3=$rows3['views']; if(empty($views3)) { $views3=1; $sql4="INSERT INTO $tableposts(views) VALUES('$views3') WHERE id='$id'"; $result4=mysql_query($sql4) or die(mysql_error()); } $addview=$views3+1; $sql5="update $tableposts set views='$addview' WHERE id='$id'"; $result5=mysql_query($sql5) or die(mysql_error()); exit; } // ================== // repeat vars // ================== $tablemembers="members"; $tableposts="posts"; $tablereplies="replies"; // etc. variables $id=$_REQUEST['viewtopic']; $myusername=$_SESSION['myusername']; // actions $viewtopic=$_REQUEST['viewtopic']; $action=$_REQUEST['action']; $mainsql="SELECT * FROM $tableposts ORDER BY id DESC"; $mainresult=mysql_query($mainsql) or die(mysql_error()); $sql1="SELECT * FROM $tableposts WHERE id='$id'"; $result1=mysql_query($mainsql); $rows1=mysql_fetch_array($result1) or die(mysql_error()); $mydn="SELECT displayname FROM $tablemembers WHERE username = '$myusername'"; $mydisplayname=mysql_query($mydn) or die(mysql_error()); //=============== // end vars //=============== // --------------- // action=post! // --------------- $action=$_REQUEST['action']; if(isset($action)) { if($action == "post") { echo "<br><br><table width='400' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'> <tr> <form id='post' name='post' method='post' action='index.php?action=posttopic'> <td> <table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#FFFFFF'> <tr> <td colspan='3' bgcolor='#E6E6E6'><strong>Create New Topic</strong> </td> </tr> <tr> <td width='14%'><strong>Title</strong></td> <td width='2%'>:</td> <td width='84%'><input name='title' type='text' id='title' size='50' /></td> </tr> <tr> <td valign='top'><strong>Post</strong></td> <td valign='top'>:</td> <td><textarea name='content' cols='50' rows='3' id='content'></textarea></td> </tr> <tr> <td> </td> <td> </td> <td><input type='submit' name='Submit' value='Submit' /> <input type='reset' name='Submit2' value='Reset' /></td> </tr> </table> </td> </form> </tr> </table>"; } if($action == "posttopic") { $title=$_REQUEST['title']; $content=$_REQUEST['content']; $author=$_SESSION['myusername']; $authordisplay=$displayname; $datetime=date("d/m/y h:i:s"); //create date time $sql6="INSERT INTO $tableposts(title, content, author, authordisplay, datetime)VALUES('$title', '$content', '$author', '$authordisplay', '$datetime')"; $result6=mysql_query($sql6) or die(mysql_error()); if($result6) { echo "<br><br>Successful<BR>"; echo "<a href=index.php>Go to forum index!</a>"; } else { echo "ERROR"; } } if($action == "login") { echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'> <tr> <form name='form1' method='post' action='index.php?action=logincheck'> <td> <table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'> <tr> <td colspan='3' align='center'><strong><font color='#336633'>ShaunsBoards Login </font></strong></td> </tr> <tr> <td width='78'>Username</td> <td width='6'>:</td> <td width='294'><input name='myusername' type='text' id='myusername'></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name='mypassword' type='password' id='mypassword'></td> </tr> <tr> <td> </td> <td> </td> <td><input type='submit' name='Submit' value='Login'> </td> </tr> <tr> <td align='center' colspan='4'><a href='index.php?action=register'>Register</a></td> </tr> </table> </td> </form> </tr> </table><br /><br /><br />"; } if($action == "logincheck") { $myusernamereq=$_REQUEST['myusername']; $mypasswordreq=$_REQUEST['mypassword']; $sql7="SELECT * FROM $tablemembers WHERE username='$myusernamereq' and password='$mypasswordreq'"; $result7=mysql_query($sql7) or die(mysql_error()); $count1=mysql_num_rows($result7); if($count1==1) { // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['myusername'] = $_POST['myusername']; $_SESSION['mypassword'] = $_POST['mypassword']; echo "<br><br>Login Successful, <a href='index.php'>Go to forum index!</a>"; } else { echo "Wrong Username or Password"; } } if($action == "logout") { session_start(); session_destroy(); echo "<br><br>Logout Successful, <a href='index.php'>Go to forum index!</a>"; } if($action == "reply") { $id=$_REQUEST['id']; $sql8="SELECT MAX(answerid) AS Maxanswerid FROM $tablereplies WHERE questionid='$id'"; $result8=mysql_query($sql8) or die(mysql_error()); $rows8=mysql_fetch_array($result8); if ($rows8) { $Max_id = $rows8['Maxanswerid']+1; } else { $Max_id = 1; } $myusername=$_SESSION['myusername']; $mydisplayname=$displayname; $content=$_REQUEST['content']; $author=$myusername; $authordisplay=$displayname; $datetime=date("d/m/y H:i:s"); // create date and time $sql9="INSERT INTO $tablereplies(questionid, answerid, author, authordisplay, content, datetime)VALUES('$id', '$Max_id', '$author', '$authordisplay', '$content', '$datetime')"; $result9=mysql_query($sql9) or die(mysql_error()); if($result9) { echo "<br><br>Successful<BR>"; echo "<a href='index.php?viewtopic=".$id."'>View your answer</a>"; $sql10="UPDATE $tableposts SET replies='$Max_id' WHERE id='$id'"; $result10=mysql_query($sql10) or die(mysql_error()); } else { echo "ERROR"; } } if($action == "register") { echo "<br><br><table width='300' border='0' align='center' cellpadding='0' cellspacing='1' bgcolor='#CCCCCC'> <tr> <form name='register' action='index.php?action=registeruser' method='post'> <td> <table width='100%' border='0' cellpadding='3' cellspacing='1' bgcolor='#CCDDCC'> <tr> <td colspan='3'><strong><font color='#336633'>ShaunsBoards Register</font></strong></td> </tr> <tr> <td width='81' align='senter'>Username</td> <td width='3'>:</td> <td width='294'><input name='username' type='text' /></td> </tr> <tr> <td>Display Name</td> <td>:</td> <td><input name='displayname' type='text' /></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name='password' type='password' /></td> </tr> <tr> <td>Password Again</td> <td>:</td> <td><input name='password_again' type='password' /></td> </tr> <tr> <td>E-Mail</td> <td>:</td> <td><input name='email' type='text' /></td> </tr> <tr> <td> </td> <td> </td> <td><input type='submit' value='Register'></td> </tr> </table> </td> </form> </tr> </table>"; } if($action == "registeruser") { $username1 = $_REQUEST['username']; $displayname1 = $_REQUEST['displayname']; $password1 = $_REQUEST['password']; $pass_again1 = $_REQUEST['password_again']; $email1 = $_REQUEST['email']; if(empty($username1)) { die("You didn't enter a username!<br>"); } if(empty($displayname1)) { die("You didn't enter a username!<br>"); } if(empty($password1)) { die("You didn't enter a password!<br>"); } if(empty($pass_again1)) { die("You didn't confirm your password!<br>"); } if(empty($email1)) { die("You didn't enter your email!"); } $user_check = mysql_query("SELECT username FROM $tablemembers WHERE username='$username1'"); $do_user_check = mysql_num_rows($user_check); $display_check = mysql_query("SELECT username FROM $tablemembers WHERE displayname='$displayname1'"); $do_display_check = mysql_num_rows($display_check); $email_check = mysql_query("SELECT email FROM $tablemembers WHERE email='$email1'"); $do_email_check = mysql_num_rows($email_check); if($do_user_check > 0) { die("<br><br>Sorry, that username is in use.<br>"); } if($do_display_check > 0) { die("<br><br>Sorry, that display name is in use.<br>"); } if($do_email_check > 0) { die("<br><br>That e-mail is already in use!<br>"); } if($password1 != $pass_again1) { die("<br><br>Sorry, you're passwords don't match.<br>"); } $insert = mysql_query("INSERT INTO $tablemembers (username, displayname, password, email) VALUES ('$username', '$displayname', '$password', '$email')"); if(!$insert) { die("<br><br>There's little problem: ".mysql_error()); } echo "<br><Br>".$username1.", you are now registered. Thank you!<br><a href=index.php?action=login>Login</a> | <a href=index.php>Index</a>"; } exit; } // -------------- // forum index! // -------------- echo "</center> <br /><br /> <table width='90%' border='0' align='center' cellpadding='3' cellspacing='1' bgcolor='#000000'> <tr> <td width='40%' align='center' bgcolor='#CCDDCC'><strong>Topic</strong></td> <td width='20%' align='center' bgcolor='#CCDDCC'><strong>Author</strong></td> <td width='15%' align='center' bgcolor='#CCDDCC'><strong>Views</strong></td> <td width='13%' align='center' bgcolor='#CCDDCC'><strong>Replies</strong></td> <td width='13%' align='center' bgcolor='#CCDDCC'><strong>Date/Time</strong></td> </tr>"; while($rowsindex=mysql_fetch_array($mainresult)) { // Start looping table row echo "<tr> <td bgcolor='#FFFFFF'><a href='index.php?viewtopic=".$rowsindex['id']."'>".$rowsindex['title']."</a><BR></td> <td align='center' bgcolor='#FFFFFF'>".$rowsindex['authordisplay']."</td> <td align='center' bgcolor='#FFFFFF'>".$rowsindex['views']."</td> <td align='center' bgcolor='#FFFFFF'>".$rowsindex['posts']."</td> <td align='center' bgcolor='#FFFFFF'>".$rowsindex['datetime']."</td> </tr>"; } echo "<tr> <td colspan='5' align='right' bgcolor='#CCDDCC'>"; if(isset($_SESSION['myusername'])) { echo "<a href='index.php?action=post'><strong>Create New Topic</strong></a><br>"; } else { echo "<a href='index.php?action=login'>Login</a> to start topics!"; } ?> </center>
-
erm.. well $tablereplies isn't set can you post the error please
-
whats the error?
-
so you want to send an email with an image.. so thats a html email with attachments look up phpmailer
-
Ahh good point, it is running on a unix system but maybe moved to a different *nix system or a windows one, i am trying my best to allow the system to work on all i don't want to use system() or exec() if possible hence the error handeling would be ok (stopping the error is better, i don't mean increase the memory but capture the error ) i hope that makes sence
-
try this if (eregi("^([A-Za-z0-9\.\'\-]+)$", stripslashes($name)))
-
<?php $regexp = '/^[\sa-zA-Z0-9]+$/'; // Matches one or more alphanumeric characters ?> \s = whitespace (\w+\s?) may work as well
-
i have a php script thats can run out of memory (basically the user overloads it), Now i plan to fix this but for now i wanted to manage the error, in my script i added <?php echo memory_get_usage()."-".memory_get_peak_usage(true)."<br />"; ?> into the loop and basically wanted to either handle the error or break the loop, but i can't seam to work out either 1. how to find the max amount of memory i can use or 2. capture the error. the error that displays is
-
cool, can you please click solved to save others opening this thread to help then find its already resolved solved is bottom left
-
read the pinned post headers no more needs to be said!
-
something like this ? <?php $con = mysql_connect("localhost", "xxx", "xxx"); if (!$con) { die('Could not connect: ' . mysql_error()); } $value4 = ($_POST['value2'] - $_POST['value3']); mysql_select_db("db", $con); $sql="INSERT INTO ATS2007 (value1, value2, value3, value4) VALUES ('{$_POST['value1']}','{$_POST['value2']}','{$_POST['value3']}','$value4'" ;if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } of course you could use ('{$_POST['value1']}','{$_POST['value2']}','{$_POST['value3']}','($_POST['value2'] - $_POST['value3'])'" but the 1st one it easier for debugging
-
[SOLVED] Please help! This is not code begging!
MadTechie replied to Delaran's topic in PHP Coding Help
try if in a php block echo "<input type="text" name="conam" value=".$_GET['cid'].">"; or if in a html block <input type="text" name="conam" value="<?php echo $_GET['cid']; ".> -
lol my bad <?php $result1 = mysql_query("SELECT user_id, job_id FROM jobs WHERE done = '0'"); while($row1 = mysql_fetch_array( $result1 )) { $user_id = $row1['user_id']; $job = $row1['job_id']; if($job == '1') { $wages = '5'; } else { $wages = '0'; } $result2 = mysql_query("SELECT money FROM users WHERE user_id = '$user_id'"); while($row2 = mysql_fetch_array( $result2 )) { $money = $row2['money']; $earnings = $money + $wages; $sql = "UPDATE users SET money = '$earnings' WHERE user_id = '$user_id'"; mysql_query($sql); $sql = "UPDATE jobs SET done = '1' WHERE job_id = '1' AND user_id = '$user_id'"; mysql_query($sql); } } ?>
-
[SOLVED] Firefox says that code not 'redirecting properly'
MadTechie replied to soulscriber's topic in PHP Coding Help
oops change if(!isset($_GET['key'])) to if(!isset($_GET['key'])) { -
using ("HTTP_REFERER") will work but not in the index.php as the header is like the user manually entered the address, so i would say store ("HTTP_REFERER") in a session (from the files they tried to access and not the index.php) hope that helps
-
[SOLVED] Firefox says that code not 'redirecting properly'
MadTechie replied to soulscriber's topic in PHP Coding Help
what about <?php ob_start(); if(!isset($_GET['key'])) //tests to see if there is a Google query in referring URL and if so assigns referring keywords to $keywords, //otherwise $keywords="Subscription" by default. $query_part=strstr($_SERVER['HTTP_REFERER'], "q="); $param_array=explode('&', $query_part); foreach ($param_array as $param) { if ($param{0} == 'q') // if first char is q, it's your google query. { $word_string = substr($param, 2); // strip 'q=' $keywords = str_replace('"', '', urldecode($word_string)); } elseif ($param{0} !== 'q') { $keywords="Subscription"; } } }else{ //redirects visitor to page with referring keyword appended to URL ob_end_clean(); header("Location: urltest.php?key=$keywords"); } ?> -
think about it.. it bruteforce + md5.. simple as that i think this thread should be closed now, as were walking a line i think!!
-
try <?php $result = mysql_query("SELECT user_id, job_id FROM jobs WHERE done = '0'"); while($row = mysql_fetch_array( $result )) { $user_id = $row['user_id']; $job = $row['job_id']; if($job == '1') { $wages = '5'; } else { $wages = '0'; } $result = mysql_query("SELECT money FROM users WHERE user_id = '$user_id'"); while($row = mysql_fetch_array( $result )) { $money = $row['money']; $earnings = $money + $wages; $sql = "UPDATE users SET money = '$earnings' WHERE user_id = '$user_id'"; mysql_query($sql); $sql = "UPDATE jobs SET done = '1' WHERE job_id = '1' AND user_id = '$user_id'"; mysql_query($sql); } } ?>
-
[SOLVED] Firefox says that code not 'redirecting properly'
MadTechie replied to soulscriber's topic in PHP Coding Help
not working... please explain ? errors ? try <?php ob_start(); //tests to see if there is a Google query in referring URL and if so assigns referring keywords to $keywords, //otherwise $keywords="Subscription" by default. $query_part=strstr($_SERVER['HTTP_REFERER'], "q="); $param_array=explode('&', $query_part); foreach ($param_array as $param) { if ($param{0} == 'q') // if first char is q, it's your google query. { $word_string = substr($param, 2); // strip 'q=' $keywords = str_replace('"', '', urldecode($word_string)); } elseif ($param{0} !== 'q') { $keywords="Subscription"; } } //redirects visitor to page with referring keyword appended to URL ob_end_clean(); header("Location: urltest.php?key=$keywords"); ?> -
without any code i would say.. theirs a bug in it!!
-
as i said above move the } it should work
-
see here (same idea) if you want someone you do the work for you see here
-
<?php $result = mysql_query("SELECT user_id, job_id FROM jobs WHERE done = '0'"); while($row = mysql_fetch_array( $result )) { $user_id = $row['user_id']; //<--So this will only be the last result $job = $row['job_id']; } ///<--Ermm shouldn't this be \/ if($job == '1') { $wages = '5'; } else { $wages = '0'; } $result = mysql_query("SELECT money FROM users WHERE user_id = '$user_id'"); while($row = mysql_fetch_array( $result )) { $money = $row['money']; } $earnings = $money + $wages; $sql = "UPDATE users SET money = '$earnings' WHERE user_id = '$user_id'"; mysql_query($sql); $sql = "UPDATE jobs SET done = '1' WHERE job_id = '1' AND user_id = '$user_id'"; mysql_query($sql); //HERE ?>
-
looks good boo_lolly