marksie1988

i use css on my website which works fine in ff 2.0 and ff1.0 and ie but when i look at my site in ff3.0 all looks well on the first page but if you go to another page the css will not load. the only problem is i cant use @import which fixes the problem as i use a javascript which alows me to change the stylesheet for different themes any ideas on why ff3.0 doesnt like this?

why did you think this ?

How much did you pay? They screwed you... looking at there portfolio all there sites are like this :S cant say i would pay a penny for them

if($nt=mysql_fetch_assoc($rt)){ $pic=$nt[pic]; // name class and mark will be printed with one line break at the end $dir = "/home/******/public_html/****/login/userpics/"; $dest = $dir.$pic; unlink($dest); }

no sessions are involved ok i have now managed to get it all working after using the print_r for some reason the $user was getting the wrong username so i changed that and it now works but i now get an error for the chmod Warning: chmod() [function.chmod]: Operation not permitted in /home/*****/public_html/*****/login/userpics/delimg.blc on line 19 would i need to use chown?

i9 have changed that to assoc but doesnt change a thing i have echoed $pic and nothing is shown but as i said before if i change the if statement to a while then the $pic works but $dir loops

when i use that code i get Warning: chmod() [function.chmod]: Operation not permitted in /home/*****/public_html/*****/login/userpics/delimg.blc on line 16 Warning: unlink(/home/*****/public_html/*****/login/userpics/) [function.unlink]: Is a directory in /home/*****/public_html/*****/login/userpics/delimg.blc on line 17 also if i echo $dest it doesnt add the image just the directory :S EDIT: Also if i change the if statement to while then the $pic will echo but the $dir will loop

$pic simply contains a picture name which is the users name and then the file extension e.g. mine would be marksie1988.png

i have the following script <?php include("../../login/include/session.blc");//i assume this is your database connection? $user = (int)$_GET['user']; //type casting to ensure it is an integer $upload = urldecode($_GET['upload']); $query = "SELECT * FROM users WHERE username = $user"; $result = mysql_query ($query); while ($row = mysql_fetch_array($result)) { $pic = $row['pic']; unlink($pic); } $query = "UPDATE `users` SET `pic` = '' WHERE `username` = $user"; $result = mysql_query($query) or die(mysql_error()); header("location:$upload");//forward the user to the destination ?> when the user wants to change there picture they click a link which will run the above script, but what is happening is i get this error Warning: unlink() [function.unlink]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/marksie:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/****/public_html/****/login/userpics/delimg.blc on line 17 so i went and changed the while to an if and then added the full path to my script as follows <?php include("../../login/include/session.blc");//i assume this is your database connection? $user = (int)$_GET['user']; //type casting to ensure it is an integer $upload = urldecode($_GET['upload']); $query="select * from users"; // query string stored in a variable $rt=mysql_query($query); // query executed echo mysql_error(); if($nt=mysql_fetch_array($rt)){ $pic=$nt[pic]; // name class and mark will be printed with one line break at the end $dir = "/home/*****/public_html/****/login/userpics/"; $dest = $dir.$pic; unlink($dest); } $query = "UPDATE `users` SET `pic` = '' WHERE `username` = $user"; $result = mysql_query($query) or die(mysql_error()); header("location: ../".$upload);//forward the user to the destination ?> but then i get the following and if i echo the $pic it no longer works where as when it was a while statement it did work Warning: unlink(/home/****/public_html/****/login/userpics/) [function.unlink]: Is a directory in /home/marksie/public_html/blacklime/login/userpics/delimg.blc on line 17 please could someone help with this as i dont know where im going wrong

ok i have done found quite a few things wrong but no one has been helping me to stop the xss issue dont suppose anyone knows?

OK i have now blocked most of this (removed the whois too much hassle) but i don't know how to block the following thing could someone point me in the right direction or show me how to do it?

Full Path Disclosure: http://blconline.co.uk/inc/right.blc Full Ptah Disclosure: http://blconline.co.uk/inc/footer.blc Full Ptah Disclosure: http://blconline.co.uk/inc/footer.blc ok i have done this now but i have no idea how to stop this one Fatal error: Call to a member function isMod() on a non-object in /home/marksie/public_html/blacklime/inc/right.blc on line 58

Block this directory; http://blconline.co.uk/adsys/. ok thanks i have fixed this now

how would i fix this issue?

Hey guys please beta test my website for security vulnerabilities and how i could fix any if its a quick fix www.blconline.co.uk Thanks Steve

oo thankyou i was going to see if i could do that instead

Thanks for all the input i am now looking into selective themes so that the theme can be changed to what you prefer to stop anoyances and i will make sure that this works correctly when i have chance to code it Is a no-no. You need to make it work for all the major browsers. Besides, I'm already using Firefox: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b2) Gecko/2007121120 Firefox/3.0b2 IMO it's too dark. Also, when I see a menu like yours I expect to be able to click anywhere on the "button" seeing as there are stripes going to the right, yet I have to move to the text itself to click it. and i agree that it should work with all browsers and it should do the only reason that it thinks yours isnt firefox is because its the new version which isnt yet in my script as its only a beta, also when using IE it says it isnt compatible but it is, i just havent got around to changing that yet as for the menu i will look at a way to make the whole button clickable instead of just the text

i coded most of it with help from here, this is the most i have ever done on a website was a very large learning curve but i wanted to understand php

well i have been working on this site for a while still not all working yet though, you can see what is still to be done in the dev section all constructive criticism welcomed http://www.blconline.co.uk EDIT: a test account with the username: demo123 and password: demo123 has been setup for you to test thanks Steve

i have tried variouse ways to watermark the image but cant seem to get it working, i have the below script which uploads and resizes the image and i am trying to get it to add a watermark after it resizes but everything i try doesnt work, i was wondering if someone could give me help with this as i am strugling to find something that will work with my script on the net or im just looking in the wrong places. <?php include("../login/include/session.blc"); $directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']); $uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'userpics/'; $uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.form.blc'; $uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.success.blc'; $fieldname = 'file'; $errors = array(1 => 'php.ini max file size exceeded', 2 => 'html form max file size exceeded', 3 => 'file upload was only partial', 4 => 'no file was attached'); isset($_POST['submit']) or error('the upload form is needed', $uploadForm); ($_FILES[$fieldname]['error'] == 0) or error($errors[$_FILES[$fieldname]['error']], $uploadForm); @is_uploaded_file($_FILES[$fieldname]['tmp_name']) or error('not an HTTP upload', $uploadForm); @getimagesize($_FILES[$fieldname]['tmp_name']) or error('only image uploads are allowed', $uploadForm); $temp_filename = $_FILES[$fieldname]['name']; $ext = explode('.',$temp_filename); $ext = $ext[count($ext)-1]; $temp_filename = time()."-".$session->username.".".$ext; $now = time(); while(file_exists($uploadFilename = $uploadsDirectory.$temp_filename)) { $now++; } $username = $session->username; mysql_query ("UPDATE users SET pic = '$temp_filename' WHERE username = '$username'"); @move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename) or error('receiving directory insuffiecient permission', $uploadForm); $uploadFilename = $uploadsDirectory.$temp_filename; $ext = strtolower($ext); if($ext == "jpg" || $ext == "jpeg" || $ext == "pjpeg") { $originalImage = imagecreatefromjpeg($uploadFilename); } elseif($ext == "png") { $originalImage = imagecreatefrompng($uploadFilename); } elseif($ext == "gif") { $originalImage = imagecreatefromgif($uploadFilename); } list($width, $height) = getimagesize($uploadFilename); if($width >= $height){ $ratio = $width/$height; $newWidth = 144; $newHeight = $newWidth/$ratio; } else{ $ratio = $height/$width; $newHeight = 120; $newWidth = $newHeight/$ratio; } $tempImage = imagecreatetruecolor($newWidth, $newHeight); imagecopyresampled($tempImage, $originalImage, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height); imagejpeg($tempImage, $uploadFilename, 80); imagedestroy($tempImage); header('Location: ' . $uploadSuccess); function error($error, $location, $seconds = 5) { header("Refresh: $seconds; URL=\"$location\""); echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n". '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n". '<html lang="en">'."\n". ' <head>'."\n". ' <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n". ' <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n". ' <title>Upload error</title>'."\n\n". ' </head>'."\n\n". ' <body>'."\n\n". ' <div id="Upload">'."\n\n". ' <h1>Upload failure</h1>'."\n\n". ' <p>An error has occured: '."\n\n". ' <span class="red">' . $error . '...</span>'."\n\n". ' The upload form is reloading</p>'."\n\n". ' </div>'."\n\n". '</html>'; exit; } ?>

all i need to know is where the gd should be added as i cant figure it out as im n00b to this

Hi, i have a script that allows my users to upload am image onto my website, i am looking at modifying it so that it can resize the image and then add a watermark to it, i know that i need to use gd to do this but have never used gd before and dont know where to add the gd code into my script. i have guessed also that once i know how to add the gd for resizing the image i will be able to work out the watermark for myself so where do i add gd script and what would i need to resize >??? my code is below. <?php include("../login/include/session.blc"); $directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']); $uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'userpics/'; $uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.form.blc'; $uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.success.blc'; $fieldname = 'file'; $errors = array(1 => 'php.ini max file size exceeded', 2 => 'html form max file size exceeded', 3 => 'file upload was only partial', 4 => 'no file was attached'); isset($_POST['submit']) or error('the upload form is needed', $uploadForm); ($_FILES[$fieldname]['error'] == 0) or error($errors[$_FILES[$fieldname]['error']], $uploadForm); @is_uploaded_file($_FILES[$fieldname]['tmp_name']) or error('not an HTTP upload', $uploadForm); @getimagesize($_FILES[$fieldname]['tmp_name']) or error('only image uploads are allowed', $uploadForm); $now = time(); while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'])) { $now++; } $username = $session->username; $pic = $now.'-'.$_FILES[$fieldname]['name']; mysql_query ("UPDATE users SET pic = '$pic' WHERE username = '$username'"); @move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename) or error('receiving directory insuffiecient permission', $uploadForm); header('Location: ' . $uploadSuccess); function error($error, $location, $seconds = 5) { header("Refresh: $seconds; URL=\"$location\""); echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n". '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n". '<html lang="en">'."\n". ' <head>'."\n". ' <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n". ' <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n". ' <title>Upload error</title>'."\n\n". ' </head>'."\n\n". ' <body>'."\n\n". ' <div id="Upload">'."\n\n". ' <h1>Upload failure</h1>'."\n\n". ' <p>An error has occured: '."\n\n". ' <span class="red">' . $error . '...</span>'."\n\n". ' The upload form is reloading</p>'."\n\n". ' </div>'."\n\n". '</html>'; exit; } ?> please help a poor sole

yes i could do this but i wanted something that i would be able to edit alot easier than those types i have used them before and there too complex to edit for me and sometimes when i install a mod or something it overwrite the file i changed!

i want to have a simple forum on my website a bit like the one on myspace, i have found a few tutorials and they do work but they dont have different boards/categories. if anyone knows of a tutorial that allows for boards/categories that would help here is a link to the myspace ones incase you would like an example http://forums.myspace.com/?fuseaction=forums.home i would also like it to have the administration ability so that after i have changed it to intergrate with my login system then i can delete a post if necissary Thanks Steve EDIT: i would like one for PHP as i dont know ASP and my site is in php

i fixed it now thanx for the mysql statement