razta

Hey thanks for the help and all, but is there any need to be patronising?

Sorry, I was calculating the amount of entries, should have made that clearer. I think I will just let the table grow and see how it goes, if it becomes unmanageable then I will just delete it and start fresh and then look for a solution. Thank you very much for your thoughts and insight.

Thanks, I think this may be a viable solution. I don't know much about how much space or processing power mysql needs to store or query data. But if I store every query; alpha = 26 numeric = 10 Total = 36 (not including special chars and converting all to lowercase) 36 to the power of 36 = 1.06387359 × 10^56 That's one massive table, does it really not matter that it could possibly get that big?

Hi, I have a search engine on my PHP application and I want to store the top 50 searches. Now, If I store all query's then the table will get huge. If I limit the amount of query's to 50 and then count the recurring searches then any new query's that weren't in the original 50 won't be stored. Any ideas on how I might solve this problem? Thank you in advance. autonumber Search Count 1 wine 5 2 eggs 1 3 bacon 7

Fantastic! Thank you very much. I had something like this in mind but wasn't sure quite how to organise it. Thanks again.

Hello! I am building a web application and I'm not sure what the most efficient way of storing my data is. I have some experience with SQL however it seems obviously not enough. My table looks as follows: SELECT * FROM data; +----------+---------------------------+----------+------------------+------------------+ | id | name | tree | old_versions | latest_version | +----------+---------------------------+----------+------------------+------------------+ | 1 | MYSQL | CS | 1,1.1,1.2,1.3 | 1.5 | | 2 | PHP | 5.3 | 5.3.1,5.3.2 | 5.3.3 | | 3 | PHP | 5.2 | 5.2.1, 5.2.2 | 5.2.3 | | 4 | ASP | | | | +----------+---------------------------+----------+------------------+------------------+ Now what I want to do is add the release date to the 'old versions' and 'latest_version'. What's the best way to structure my database to do this? The data being output would be something like: LATEST: PHP 5.3 (released: 01/01/2010) PHP 5.3.1 (released: 01/01/2009) PHP 5.3.0 (released: 01/01/2008) Any help is much appreciated. Thank you.

Something so simple yet fundamental. Thank you very much for your help!

Hello, I am trying to match a regex and extract the data from the matched string that I want. I want to extract the Apache version only from the Apache website. So I am using the following raw sting to do the match: <li><a href="#apache22">2.2.15</a> (released 2010-03-06)</li> And the data I want from the above raw string is just the '2.2.15'. Here is the code related to this problem: // Match regex in grabbed HTML source preg_match('/<li><a\shref="#apache22">(\d\.\d\.\d?\d)<\/a>\s\(released\s\d\d\d\d-\d\d-\d\d\)<\/li>/', $grabPage, $regex_version); echo $regex_version[0]; I expected the above to output '2.2.15' instead it output '<li><a href="#apache22">2.2.15</a> (released 2010-03-06)</li>'. Any help appreciated. Thanks in advance.

Finally got it working! It was a problem with file/folder permissions in the end, just had to chmod 777 the files/folders that the web app needed access to. A tip for anyone doing the same: Output the cron job results to a file for debugging, i.e. "* * * * * yourcommand > output.txt" Thank you all for your help!

Hello all, Still having problems trying to get this to work. I created a user called 'cron' and give it root privs and a blank password. PHP under the user 'nodoby' creates the cron file and then tries to add it to the user cron's crontab. echo $scriptOutput = shell_exec('sudo crontab -u cron ' . $cronFile); The cron file is being made and with the correct formatting however it is not being added to the user cron's crontab. Any ideas? Thanks again!

Thanks for the reply. I will try a couple of your options and see if I can get something working. I will leave this topic unsolved for now as I may have further questions. Thanks again!

@abazoskib no joy with shell_exec() @thorpe Yes I do. Its a development machine I have on my network. Any idea what permissions Apache should have? Wouldn't giving it more permissions be a security issue? Thanks for your replys!

Hello all, I have a PHP script which makes a cron file from user input. When i try to run the cron job via system() the job doesn't run, I suspect it has something to do with permissions. Any ideas on how I would go about getting this to work? Here is the system() call: echo $scriptOutput = system('crontab ' . $cronFile, $retval); Thank you in advance for your help.

Thanks for the replys. I will have a look into buffering and see if that fixes my problem. Another quick question I have is would it be possible to send a command to a shell and then disconnect it from PHP? When I currently run a command my PHP page continualy loads until the command has finished, is there a way jut to send the command and not have PHP continuesly loading? Thanks again!

What was the error?

Try: mysql_query("UPDATE players SET Password = '$Newp' WHERE Name = '$fname';"); Note the ;

Looks like it should work to me, give it a try.

Try commenting out: $filename = str_replace(" ","",$file); So it should look: // $filename = str_replace(" ","",$file); See if that works.

Can you not check and see if $_POSt["fname"] is in ChangePass.php?

Hi, Currently I am echoing the output of a system() call after the command has terminated, is there any way for PHP to echo the output in real time rather than wait for the command to finish? Here is what I am currently using: echo '<pre>'; $scriptOutput = system($command, $retval); echo '</pre>'; Thank you in advance.

Works great!! Thanks to everyone for the help!

Thank you for the reply roopurt18. I think im on the right track however theres still something im missing. function Guestbook(){ $query = "SELECT name, comment FROM guestbook"; $result = mysql_query($query); while($row = mysql_fetch_row($result)){ $name = $row[0]; $comment = $row[1]; } return "<b>Name</b> : {$name} <br>" . "<b>Message</b> : {$comment} <br><br>"; } Should I also stick the return in a loop?! Thanks again!

Hello, Im having a little trouble with the following: function Guestbook(){ $query = "SELECT name, comment FROM guestbook"; $result = mysql_query($query); while($row = mysql_fetch_array($result, MYSQL_ASSOC)){ return "<b>Name</b> : {$row['name']} <br>" . "<b>Message</b> : {$row['comment']} <br><br>"; } } When I call the Guestbook() function it only returns one comment and omits the rest. I have been playing with the code for hours, im sure theres a simple solution. Thanks in advance!

Hello, Im wanting to read a text file and then return the output in a loop until the EOF is reached. Here is the text file in question (PHPIDS log file): "local/unknown",2009-08-04T13:10:58+01:00,52,"xss csrf id rfe lfi sqli","REQUEST.name=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E GET.name=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E","%2Fdvwa%2Fvulnerabilities%2Fxss%2F%3Fname%3D%253Cscript%253Ealert%2528%2527xss%2527%2529%253B%253C%252Fscript%253E","127.0.0.1" "local/unknown",2009-08-04T13:35:24+01:00,12,"sqli id lfi","REQUEST.name=%27 GET.name=%27","%2Fdvwa%2Fvulnerabilities%2Fxss%2F%3Fname%3D%2527","127.0.0.1" And here is where I have got up to so far: function readLog(){ $Lines = file(PHPIDS_LOG.txt); $LineCount = count($Lines); $Data = array(); $i = 0; // Loop through each line foreach($Lines as $Value) { $Data[$i] = explode(",", $Value); // Increase the line index $i++; } return $Data[0][1]; } What im struggleing with is returning the $Data variable within a loop. Here is an example of how I wish the output to look: Unknown: local/unknown Date: 2009-08-04 Time: 13:10:58+01:00 [...] <hr> Unknown: local/unknown Date: 2009-08-04 Time: 13:10:58+01:00 [...] Thanks in advance.

Hello, Im trying to implement a Cross Site Request Forgery example into an open source project called Damn Vulnerable Web App. I am trying to implement a page that is vulnerable to CSRF that allows the admin to change his password. if (isset($_GET['Login'])) { // Admin login form $pass = $_GET['password']; $pass = mysql_real_escape_string($pass); $pass = md5($pass); $qry="SELECT * FROM `users` WHERE user='admin' AND password='$pass';"; $result=mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' ); if($result && mysql_num_rows($result) == 1){ // Login Successful $html .= ' <br><hr><br> Welcome to the password protected area admin. <br><br><br> <h3>Change your password:</h3> <br> <form action="#" method="GET"> New password:<br> <input type="password" AUTOCOMPLETE="off" name="password_new"><br> Confirm new password: <br> <input type="password" AUTOCOMPLETE="off" name="password_conf"> <br> <input type="submit" value="Change" name="Change"> </form>'; if (isset($_GET['Change'])) { // Change password $pass_new = $_GET['password_new']; $pass_conf = $_GET['password_conf']; if ($pass_new == $pass_conf){ $pass_new = mysql_real_escape_string($pass_new); $pass_new = md5($pass_new); $insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';"; $result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' ); $html .= "<pre> Password Changed </pre>"; mysql_close(); } else{ $html .= "<pre> Passwords did not match. </pre>"; } } } else{ //Login failed $html .= "<pre><br>Password incorrect.</pre>"; mysql_close(); } } The problem being that when the 'Change' form is submitted the form reverts back to the admin login rather than displaying the $html variables. Thank you in advance, Ryan