Jump to content

Crew-Portal

Members
 View Profile  See their activity

  • Posts

    516

  • Joined

  • Last visited

 Content Type 

Posts posted by Crew-Portal

    Dynamic title

    in PHP Coding Help

    Posted · Edited by Crew-Portal 

    <?php
$page = $_GET['page'];
$selection = explode(".", $page);
	if ($page == ""){
		include_once('pages/dashboard.sidebar.php');
		include_once('pages/dashboard.dashboard.php');
	}
	else if (($page != "") && file_exists('pages/'.$page.'.php')){
		include_once('pages/'.$selection[0].'.sidebar.php');
		include_once('pages/'.$page.'.php');
	}
	else {
		include_once('pages/error.php');
	}		
?>

    Sorry, this is off topic but Instead of creating every possible page name why not put a loop in there and then redirect based on input from href's and $page variable. Then redirect, if the page doesn't exist then it puts them at an error screen.

    Simple header not working in php..? HELPPPPP..!

    in PHP Coding Help

    Posted · Edited by Crew-Portal 

    <?php
header('Location: http://google.com/');
echo "
	<script type=\"text/javascript\">
		<!--
		window.location = \"http://google.com/\"
		//-->
        </script>";
die("Unknown Error");
?>

    Make sure this is at the VERY top of your page. Before any HTML gets outputted to the browser. This will try to use PHP for the redirect, if it fails it will attempt Javascript for redirect, if Javascript also fails (or is turned off in the user client) it will cause an error page to load.

    Autocomplete Search bar

    in PHP Coding Help

    Posted

    I have to completely agree with ginerjm. Keep your code simple, more un-needed scripting not only uses up more of your time to create and diagnose but it also increases the loading time of each page. Depending on how much traffic your website is getting these little pieces of unneeded, heavy transfer code can bring even the mightiest of servers to their knees.

    Protecting against SQL Injection:

    in PHP Coding Help

    Posted

    Um, no. That doesn't do anything to prevent SQL injection since most SQL injection is due to the use of quote marks in the content.

     

    I understand that however the quot marks dont execute because the string below strips them to ASCII, I tried injecting myself and it doesnt appear to work, however removing the lines below from the code allowed me to do so.

    $string = str_replace("\"", """, $string);
$string = str_replace("'", "'", $string);
$string = str_replace("`", "`", $string);

    Isn't that how it works?

    Protecting against SQL Injection:

    in PHP Coding Help

    Posted

    I was wondering what most of you guys use to prevent against SQL injection? This is what I am currently using.

    function transform_HTML($string, $length = NULL){
	$string = trim($string);
	$string = utf8_decode($string);
	$string = htmlentities($string, ENT_NOQUOTES);
	$string = str_replace("\"", """, $string);
	$string = str_replace("#", "#", $string);
	$string = str_replace("$", "$", $string);
	$string = str_replace("%", "%", $string);
	$string = str_replace("&", "&", $string);
	$string = str_replace("'", "'", $string);
	$string = str_replace("(", "(", $string);
	$string = str_replace(")", ")", $string);
	$string = str_replace("*", "*", $string);
	$string = str_replace("+", "+", $string);
	$string = str_replace(",", ",", $string);
	$string = str_replace("-", "-", $string);
	$string = str_replace("/", "/", $string);
	$string = str_replace(":", ":", $string);
	$string = str_replace(";", ";", $string);
	$string = str_replace("<", "<", $string);
	$string = str_replace("=", "=", $string);
	$string = str_replace(">", ">", $string);
	$string = str_replace("?", "?", $string);
	$string = str_replace("@", "@", $string);
	$string = str_replace("[", "[", $string);
	$string = str_replace("]", "]", $string);
	$string = str_replace("^", "^", $string);
	$string = str_replace("_", "_", $string);
	$string = str_replace("`", "`", $string);
	$string = str_replace("{", "{", $string);
	$string = str_replace("|", "|", $string);
	$string = str_replace("}", "}", $string);
	$string = str_replace("~", "~", $string);
	
	$length = intval($length);
	if ($length > 0){
		$string = substr($string, 0, $length);
	}
	return $string;
}

    Which then gets called by:

    if ($action == 'login'){ // Login Action
$_SESSION['loginerror'] = FALSE;
$myusername = transform_HTML($_POST['login-username'], 21);
$mypassword = transform_HTML($_POST['login-password'], 21);

$sql="SELECT * FROM $table[users] WHERE username='$myusername' and password=MD5('$mypassword')";
$result=mysqli_query($db, $sql);
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Login Stuff
}

    Is there a more efficient way, or more secure way of doing this?

    Getting Keys For Array Value

    in PHP Coding Help

    Posted

    The website I am working on is a HRIS project for a popular fast food franchise chain. The login for one restaurant allows one user to modify all actions for all restaurants owned by the same franchisee. These are organized by multiple databases calling the same id's.

     

    Below is the code used for selecting all restaurants where the same franchise id is used as the restaurant login.

     

     $result = mysql_query("SELECT id, name FROM restaurants WHERE franchise = $_SESSION[sESS_RESTAURANT_FRANCHISE]");
 $_SESSION['franchise_arr'] = array();
 while($row = mysql_fetch_array($result)){
 $_SESSION['franchise_arr'][$row['id']] = $row['name'];
 }

     

    So lets say for one login the SESSION array is populated like this:

     

    $_SESSION[sESS_RESTAURANT_FRANCHISE][1] = "Restaurant One";
$_SESSION[sESS_RESTAURANT_FRANCHISE][15] = "Restaurant Two";
$_SESSION[sESS_RESTAURANT_FRANCHISE][29] = "Restaurant Three";

     

    I need a way to check to see if the KEY value is in an array as oppose to the value itself. For example I have:

     

    if (!in_array($rest, $_SESSION['franchise_arr'])){ $rest = $_SESSION['SESS_RESTAURANT_ID']; }

     

    However that checks for the values "Restaurant One", "Restaurant Two", "Restaurant Three". Where I would like it to look for "1", "15", or "29".

     

    I hope someone understands what I mean :\ I've been strugging with this for quite a while.

    Storing friends in mysql

    in PHP Coding Help

    Posted

    I have a database with all users.. Within that database all users have an id. How would I make it so users can "friend" other users? Would I need to make a new table for that?

     

    Im sorry for the dumb question.. I havent dealt with php or mysql in about two years because I was busy getting engaged and all.. But now that I have time again I think im gonna take up one of my old projects. Granted I probably could have answered this question myself back then but now im finding some trouble taking up programming again. :\

    Charactor Set

    in PHP Coding Help

    Posted

    Quick question. When setting a charactor set should I use a header and a META or just a header?

     

    Like:

     

    <?php
header('Content-Type: text/html; charset=utf-8');
echo '<meta http-equiv=Content-Type content="text/html; charset=UTF-8">';
?>

     

    or just:

     

    <?php
header('Content-Type: text/html; charset=utf-8');
?>

    Twitter API

    in PHP Coding Help

    Posted

    Quick question. I created a quick library using Curl to post tweets to twitter. However whenever I do it says "Submitted by API". Is there any way to change the name from API to my website name? Or do I have to sign up thru a twitter API Licence. If there is a library to change this name can someone show me how to do it?

    [SOLVED] MD5 base64_encode help.

    in PHP Coding Help

    Posted

    Quick question about encription. Is there a way of encoding information and then having a relable way of decoding it? Preferable with a easter egg. Such as:

     

    $encoded_string = "Testing".$secretword;

     

    I tried using base64_encode and _decode, and it worked perfectly. The only problem is that the string length is not constant. I need a way of encoding so that the length is always the same.. 4 Charactors.. 50 Charactors. It doesnt matter, It just has to be constant. So that "test" and "Hello my name is billy bob joe" Would both encode with a str length of like.. 18. You know what I mean?

    [SOLVED] First time using classes.. Give me a break :)

    in PHP Coding Help

    Posted 

    <?php
class Site{
     // some stuff here.
}

class Connection extends Site{
   private $database;
   private $host;
   private $username;
   private $password;
   
   private function Connect(){
      $connection = @mysql_connect("$host", "$username", "$password") or die("Couldn't connect.");
      $db = @mysql_select_db($$database, $connection) or die("Couldn't select database.");
   }
   
   function Connection($db,$host,$user,$pass){
      this->$database = $db;
      this->$host = $host;
      this->$username = $user;
      this->$password = $pass;
      Connect();
   }
   
}

Site s = new Connection("bla","bla","bla","bla");
?>

    It seems like it should work, However I end up getting this error:

     

    Parse error: syntax error, unexpected T_OBJECT_OPERATOR in C:\xampp\htdocs\lib\config.php on line 18

     

    Any suggestions?

    2D Array cleanup

    in PHP Coding Help

    Posted 

    <?php
$config=
	array('site'=>
		array('connection'=>
			array('database'=>'SECRET',
				'username'=>'SECRET',
				'password'=>'SECRET',
				'location'=>'localhost',
				'type'=>'mysql'),
		array('settings'=>
			array('backgroundcolor'=>'#CEE1E9',
				'contentcolor'=>'#FFFFFF',
				'sidebarcolor'=>'#C8D1D5',
				'textcolor'=>'#000000',
				'linkcolor'=>'#002E6E',
				'backgroundimage'=>null,
				'disposition'=>1,
				'language'=>'English'),
		array('name'=>
			array('sitename'=>'None',
				'slogan'=>'None'),
		array('sessions'=>
			array('username'=>$_SESSION['valid_user'],
				'user_id'=>$_SESSION['user_id']),
		array('server'=>
			array('file_quota'=>5000000,
				'user_quota'=>50000000,
				'monthly_quota'=>15000000,
				'uploads'=>TRUE),
		array('uploads'=>
			array('image/png'=>TRUE,
				'image/jpeg'=>TRUE,
				'image/gif'=>TRUE,
				'image/svg+xml'=>TRUE,
				'audio/mpeg'=>TRUE,
				'audio/x-speex'=>TRUE,
				'application/ogg'=>TRUE,
				'application/pdf'=>TRUE,
				'application/vnd.oasis.opendocument.text'=>TRUE,
				'application/vnd.oasis.opendocument.text-template'=>TRUE,
				'application/vnd.oasis.opendocument.graphics'=>TRUE,
				'application/vnd.oasis.opendocument.graphics-template'=>TRUE,
				'application/vnd.oasis.opendocument.presentation'=>TRUE,
				'application/vnd.oasis.opendocument.presentation-template'=>TRUE,
				'application/vnd.oasis.opendocument.spreadsheet'=>TRUE,
				'application/vnd.oasis.opendocument.spreadsheet-template'=>TRUE,
				'application/vnd.oasis.opendocument.chart'=>TRUE,
				'application/vnd.oasis.opendocument.chart-template'=>TRUE,
				'application/vnd.oasis.opendocument.image'=>TRUE,
				'application/vnd.oasis.opendocument.image-template'=>TRUE,
				'application/vnd.oasis.opendocument.formula'=>TRUE,
				'application/vnd.oasis.opendocument.formula-template'=>TRUE,
				'application/vnd.oasis.opendocument.text-master'=>TRUE,
				'application/vnd.oasis.opendocument.text-web'=>TRUE,
				'application/x-zip'=>TRUE,
				'application/zip'=>TRUE,
				'text/plain'=>TRUE,
				'video/mpeg'=>TRUE,
				'video/mp4'=>TRUE,
				'video/quicktime'=>TRUE,
				'video/mpeg'=>TRUE)
)))))));
?>

     

    The following script works fine but when I call the array I have to do it like so..

     

    $config['site'][0]['settings']['backgroundcolor'];

     

    But I would like to access it by

     

    $config['site']['settings']['backgroundcolor'];

     

    Any ideas on how to remove that useless integer value?

    [SOLVED] 3D Arrays hate me

    in PHP Coding Help

    Posted

    I surrounded the array with <PRE></PRE> and got:

     

    Array
(
    [site] => Array
        (
            [connection] => Array
                (
                    [database] => SECRET
                    [username] => SECRET
                    [password] => SECRET
                    [location] => localhost
                )

            [0] => Array
                (
                    [settings] => Array
                        (
                            [backgroundcolor] => #CEE1E9
                            [contentcolor] => #FFFFFF
                            [sidebarcolor] => #C8D1D5
                            [textcolor] => #000000
                            [linkcolor] => #002E6E
                            [backgroundimage] => 
                            [disposition] => 1
                        )

                )

            [1] => Array
                (
                    [name] => Array
                        (
                            [sitename] => None
                            [slogan] => None
                            [language] => English
                        )

                )

            [2] => Array
                (
                    [sessions] => Array
                        (
                            [username] => 
                            [user_id] => 
                        )

                )

        )

)

     

    Does that shed any light on the situation? Cause I understand that I dont have the arrays grouped properly. But sadly I dont know how to fix it :'(

    [SOLVED] 3D Arrays hate me

    in PHP Coding Help

    Posted 

    <?php	
$config=
	array('site'=>
		array('connection'=>
			array('database'=>'SECRET',
				'username'=>'SECRET',
				'password'=>'SECRET',
				'location'=>'localhost'),
		array('settings'=>
			array('backgroundcolor'=>'#CEE1E9',
				'contentcolor'=>'#FFFFFF',
				'sidebarcolor'=>'#C8D1D5',
				'textcolor'=>'#000000',
				'linkcolor'=>'#002E6E',
				'backgroundimage'=>null,
				'disposition'=>1),
			),
		array('name'=>
			array('sitename'=>'None',
				'slogan'=>'None',
				'language'=>'English'),
			),
		array('sessions'=>
			array('username'=>$_SESSION['valid_user'],
				'user_id'=>$_SESSION['user_id']),
			),
		)
	)
;?>

     

    Why cant I access my arrays like..

     

    $config['site']['settings']['backgroundcolor'];

     

    I cant figure it out. And im not getting any errors..

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.