d22552000
-
Posts
535 -
Joined
-
Last visited
Never
Posts posted by d22552000
-
-
LOGIN CODE:
include('inc/conf.php'); //session started in here if (isset($_GET['login'])) { $login = clean($_POST['l']); mysql_connect(localhost,'root',''); $result=mysql_query("SELECT `ID` FROM `*`.`users` WHERE user='$login' AND pass='".md5($_POST['b'])."'") or die(mysql_error()); if(!mysql_num_rows($result)>0) { html('Error','Login Invalid',true); } else { session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['MID']=$member['ID']; //Write session to disc session_write_close(); header("location: index.php?LID=".rand()); exit(); } }INDEX.PHP:
<?PHP include('inc/conf.php'); //session started in here if (!empty($_SESSION['MID'])) { header('location: login.php'); exit(); } html('Members Home','<div align="right"><a href="login.php?logout">Logout</a></div><br/>Welcome, '.$_SESSION['MIN'].'. Logged In!<br/><br/>Sorry, but we haven\'t made the user control panel yet ',true); ?>INC/CONF.PHP
<?PHP include('../html/html.php'); include('../../log.php'); $SELF = $_SERVER['PHP_SELF']; $HOST = $_SERVER['HTTP_HOST']; $RADD = $_SERVER['REMOTE_ADDR']; $RHST = $_SERVER['REMOTE_HOST']; $RPRT = $_SERVER['REMOTE_PORT']; $REFR = $_SERVER['HTTP_REFERER']; $REQU = $_SERVER['REQUEST_TIME']; $QURY = $_SERVER['QUERY_STRING']; $CONN = $_SERVER['HTTP_CONNECTION']; $USAG = $_SERVER['HTTP_USER_AGENT']; __log($SELF,$HOST,$RADD,$RHST,$RPRT,$REFR,$REQU,$QURY,$CONN,$USAG); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // some day in the past header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); session_start(); ?>and I get redirected back to the login page whats wrong?
-
++ does the same thing.... SET `downloads`++
-
still not updating dlcount, now it wont even come from 0 to 1 like it WAS doing..
FULL SOURCE:
<?PHP include('./HTML/html.php'); include('../log.php'); $SELF = $_SERVER['PHP_SELF']; $HOST = $_SERVER['HTTP_HOST']; $RADD = $_SERVER['REMOTE_ADDR']; $RHST = $_SERVER['REMOTE_HOST']; $RPRT = $_SERVER['REMOTE_PORT']; $REFR = $_SERVER['HTTP_REFERER']; $REQU = $_SERVER['REQUEST_TIME']; $QURY = $_SERVER['QUERY_STRING']; $CONN = $_SERVER['HTTP_CONNECTION']; $USAG = $_SERVER['HTTP_USER_AGENT']; __log($SELF,$HOST,$RADD,$RHST,$RPRT,$REFR,$REQU,$QURY,$CONN,$USAG); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // some day in the past header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); function getfile($TYPE,$B,$PATH) { mysql_query("UPDATE `filepirate`.`FILES` SET `Downloads`=`Downloads`+1 WHERE `ID`='$B'") or die(mysql_error()); $a=@file_get_contents('../dl.cnt'); $a++; @file_put_contents('../dl.cnt',$a); header('Content-Description: File Transfer'); header('Content-Length: '.filesize($PATH)); header('Content-type: '.$TYPE); header('Content-Disposition: attachment; filename="'.$B.'"'); readfile($PATH); } function eror($RET) { html('ERROR',$RET); die(); } $NAME = $_GET['id']; /* MYSQL CONNECTION */ mysql_connect(localhost,'root',''); $r = mysql_query("SELECT * FROM `filepirate`.`FILES` WHERE ID=$NAME;") or eror(mysql_error()); while(list($ID,$B,$PASS,$DESC,$TYPE,$DOWN)= mysql_fetch_row($r)) { $PATH = './Files/'.$ID; if (file_exists($PATH) && !empty($_GET['id'])) { if (!empty($PASS)) { if (!empty($_POST['pass'])) { if ($PASS==$_POST['pass']) { getfile($TYPE,$B,$PATH); } else { eror('Invalid Pass. Pass Not Right'); } } else { eror('No Password Entered'); } } else { getfile($TYPE,$B,$PATH); } } else { eror('Invalid File. File Not Here!'); } } ?>The type of my DOWNLOADS column in mysql is int(12)
-
no error, warning, or notice returned.
-
ya, no popup blocker LOL. it returns "errors on page" no matter wht I do
and NO MATTER WHAT I DO window iwll not tell me the errors
I even have "show me info for every script error" checked.
-
I have a mysql call in a php function that says WHERE id=$id downloads=downloads+1 and it doesnt work:
mysql_query("UPDATE `*`.`FILES` SET `Downloads`=`Downloads`+1 WHERE `files`.`ID` = '$B';");Downloads only goes upto 1 and won't go over 1...
-
newWindow('status2.php','Status')
that wont even work
No errors, no popup, COMPLETELY IGNORED.
but all my other onsubmit actions run fine...
-
.. no it doenst.
I just recently upgraded my ISP, and at a low 5MBIT upload speed,. I get ulimited B/w (80TB /m) and who the hell uses 80TB on a 5MBIT connection!?
-
how do I open a new window using the onsubmit clause?
I want the following:
no toolbar,
no directory,
no location,
no status,
no scrollbar,
height 150
width 500
yes resizable
url=status.php
title=Upload Status.
Every time I try to make a new window in js, I get js errors (errors on page) so ya, if you could plex help..
-
hmm as far as ""ftp://user:pass@ftp.com/path/to/files/file name§♪/[◄♀ΩV65♦.pdf"" goes,
you dont want the user and pass, you could always do a javascript to hide hte user/pass:
//THIS CODE IS GO.PHP:
<?PHP
header('location = "ftp://user:pass@ftp.com/path/to/files/'.$file.'";');
?>
//CODE FOR BLA.PHP
<?PHP
//stuff in php
?>
<!-- HTML STUFF --!>
<a href="go.php?FILE">FILE</a>
<!-- HTML STUFF --!>
<?PHP
//stuff in php
?>
-
-
since he is using $_REQUEST, this is POST and GET.
Change ALL Your forms to submit to POST instead of GET
... <form method="POST" ...
-
It really isn't working too well, so hey, I tried this out...
I made a script to query the name field in teh database of files for any file starting with a single letter chosen. "X%" would search for everythign beginning with an X. (in mysql terms a % is a wildcard*) My current code can be found below, it sucks balls, yes, but I could not think of a better way to do it.
It currently searches and returns no results no matter what, although all of my files currently in the database do not have capital letters so maybe iI should search for both the upercanse and lowercase letters for an input? (X and x). But how would I do this? I am using RANGE to make the HTML inks for it, and I THINK I am doing the page stepping properly by saying LIMIT (perpage),(startnum);
<?PHP if (!empty($_GET['go'])) { $mysearch =$_GET['go']; $mysearch = trim($mysearch); if (!$mysearch || $mysearch=='') html('Search, No Results!','No Results Were Returned!'); if (strlen($mysearch)>2) html('Hacking Attempt Detected, THIS IS NOT THE SEARCH!.'); /* MYSQL CONNECTION */ mysql_connect(localhost,'root',''); $page = 1 + $_GET['p'] * 25; $sql = "SELECT * FROM `*`.`files` "; $sql.= "WHERE `Name` LIKE '$mysearch%' LIMIT 25,$page"; $result = mysql_query($sql); if (!$result) html('No Results!','No Results Were Returned!'); $RET = '<font size="3">Returned '.$num_books.' Results</font> <TABLE width="95%"> '; while(list($ID,$Name,nul,$Description,nul,$Downloads)= mysql_fetch_row($result)) { $RET.= " <TR><TD><a href='./FORM/Files.php?download&id=$ID'>$Name</a></TD><TD>$Description</TD><TD>$Downloads</TD></TR> "; } $RET.= '</TABLE>'; } $REM = $RET; $REE=''; foreach (range('1', '9') as $letter) { $REE.= '<A HREF="?go='.$letter.'">'.$letter.'</A> '; } foreach (range('A', 'Z') as $letter) { $REE.= '<A HREF="?go='.$letter.'">'.$letter.'</A> '; } $RET = $REE.$REM; echo $RET; ?>So , even though my code SUCKS, why doesn't it work?
BTW, I am aware that I have not outputted the page selection dropdown yet.
-
thanks, I knew there was a way but I couldnt find it, I tried array_list but it was depricated and list was the wrong thing.
thanks there dude
-
I am making a simple # and A-Z (a-z) php document to print out page links,
I am kinda too lazy tro type out <A href="?go=A">A</a> for EVERY letter of teh alphabet ,. numbers, and the latin-16 alphabet (╦╥L▀╘╙╒╓).
-
you can't. It is just how you are displaying the results. this is simply teh vertical space or the newline character WITHOUT the carriage return.
This happens when from php you output \n WITHOUT \r first (\r\n) Do STR_REPLACE('\n','\r\n',$RESULT);
-
I dont know if anyone has noticed yet but in PHP 4 you CANNOT use "$_COOKIE" you have to use "$_HTTP_COOKIE_VARS"
-
you cuold always have the links redirect as follows:
"ftp://user:pass@ftp.com/path/to/files/file name§♪/[◄♀ΩV65♦.pdf"
as long as things are in brackets, spaces won't be changed to _ or %20.
-
who doesnt... some people don't know how to do any different uploads besides HTTP, BTW we do mass site moves and have a very large buffer...
I guess I will have to use PERL to handle the upload.. *sigh* I really hate perl. ANyways, I set the limites back down to 1GB,512MB, and 500MB. Unfortunetely really.
I am also allowing 4GB max post size cause the multi-upload form allows 10 files and I know some people will upload uncompressed videos (800-1200 MB) per file...
-
Fatal error: Allowed memory size of 262144 bytes exhausted (tried to allocate 393216 bytes) in C:\wamp\www\phpmyadmin\libraries\common.inc.php on line 770
is now what I get in my PHPMYADMIN, does PHP not allow 4GB file uploads?!?!?!?
-
*BUMP* this is on my site and it has had over 300 complaints about hte search nto working the last 2 hours. If you could please help it would REALLY be aprceiated.
BTW I get these errors EVEN when I dont include log or html in it, I get it when I do the BARE guts of this.
THE FUNNIEST PART is that my file upload section STILL WORKS, and it has a password and description text field, as well as 5 file input fields, and they upload with no errors.
-
1. I AM NOT SENDING ANY HEADERS IN MY SCRIPT!!!
2. This only happens in my search script SINCE I changed the max post length in php.ini
3. I have more than 4GB of ram, and my virtual memory page file is 3x4GB page files.
ERROR:
Warning: Unknown: POST Content-Length of XX bytes exceeds the limit of -1048576 bytes in Unknown on line 0 Warning: Cannot modify header information - headers already sent in Unknown on line 0
sometimes it says "exceeds the limit of 0 bytes" in the output...
where XX is a number of bytes from 3-30 depending on the user's search...
PHP.INI CHANGED VALUES:
;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;; max_execution_time = 480 ; Maximum execution time of each script, in seconds max_input_time = 960 ; Maximum amount of time each script may spend parsing request data memory_limit = 4096M ; Maximum amount of memory a script may consume (16MB) ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; ; ; Maximum size of POST data that PHP will accept. post_max_size = 4095M ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; ; ; Maximum allowed size for uploaded files. upload_max_filesize = 4090M
FULL PHP CODE:
<?PHP //search.php: include('./HTML/html.php'); include('../log.php'); $SELF = $_SERVER['PHP_SELF']; $HOST = $_SERVER['HTTP_HOST']; $RADD = $_SERVER['REMOTE_ADDR']; $RHST = $_SERVER['REMOTE_HOST']; $RPRT = $_SERVER['REMOTE_PORT']; $REFR = $_SERVER['HTTP_REFERER']; $REQU = $_SERVER['REQUEST_TIME']; $QURY = $_SERVER['QUERY_STRING']; $CONN = $_SERVER['HTTP_CONNECTION']; $USAG = $_SERVER['HTTP_USER_AGENT']; __log($SELF,$HOST,$RADD,$RHST,$RPRT,$REFR,$REQU,$QURY,$CONN,$USAG); if (!empty($_POST['search'])) { $mysearch =$_POST['search']; $mysearch = trim($mysearch); if (!$mysearch || $mysearch=='') html('Search, No Results!','No Results Were Returned!'); if (strlen($mysearch)<2) html('Search, Small Terms','The terms you used to search are too small. Three characters minimum.'); if (!strpos($mysearch,'%')===false) html('Search, Bad Results','Your search terms had one or more % (percent) characters in it. This is not allowed.'); /* MYSQL CONNECTION */ mysql_connect(localhost,'root',''); $sql = "SELECT * FROM `filepirate`.`files` "; $sql.= "WHERE `Name` LIKE '%$mysearch%' "; $sql.= "OR `Description` LIKE '%$mysearch%'"; $result = mysql_query($sql); if (!$result) html('Search, No Results!','No Results Were Returned!'); $num_books = mysql_num_rows($result); if ($num_books ==0) html('Search, No Results!','No Results Were Returned!'); $RET = '<h2>Search<br/><font size="3">Returned '.$num_books.' Results</font></h2> <TABLE width="75%"> <TR><TH>File Name</TH><TH>Description</TH><TH>Downloads</TH></TR> '; while(list($ID,$Name,$P,$Description,$T,$Downloads)= mysql_fetch_row($result)) { $RET.= " <TR><TD><a href='./FORM/Files.php?download&id=$ID'>$Name</a></TD><TD>$Description</TD><TD>$Downloads</TD></TR> "; } $RET.= '</TABLE>'; } else { $RET = '<h2>Search</h2><form action="search.php" method="POST">Search Term(s): <input type="text" name="search" /></form>'; html('Search!',$RET); } html('Search Returned '.$num_books.' Results.',$RET); ?>HTML.PHP CODE:
<?PHP //html/html.php <?PHP function css() { echo 'A HUGE AMOUNT OF CSS WITH ALL THE \' ESCAPED.'; exit(); } function html($TITLE,$RET,$BASE=false,$SHIT=false,$ECT="") { $a=@file_get_contents('../pl.cnt'); $a++; file_put_contents('../pl.cnt',$a); $last=@file_get_contents('lastview'); $a = time() + microtime() / 10; file_put_contents('lastview',$a); $last = time() + microtime() - $last + microtime() / 10; $RET = str_replace('{{last}}',round($last,5),$RET); echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; if ($BASE) { echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; } else { echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; } if ($SHIT) { echo ''A HUGE AMOUNT OF JAVASCRIPT WITH ALL THE \' ESCAPED''; } echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; if ($BASE) { echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; } echo 'A HUGE AMOUNT OF HTML WITH ALL THE \' ESCAPED'; exit(); } ?>LOG.PHP:
<?PHP function __log($SELF,$HOST,$RADD,$RHST,$RPRT,$REFR,$REQU,$QURY,$CONN,$USAG) { /* MYSQL CONNECTION */ mysql_connect(*****); $SQL = "INSERT INTO `*`.`logs` ( `PHP_SELF`, `HTTP_HOST`, `REMOTE_ADDR`, `REMOTE_PORT`, `HTTP_REFERER`, `REQUEST_TIME`, `QUERY_STRING`, `HTTP_CONNECTION`, `HTTP_USER_AGENT` ) VALUES ( '$SELF', '$HOST', '$RADD', '$RPRT', '$REFR', NOW( ) , '$QURY', '$CONN', '$USAG' );"; mysql_query($SQL); mysql_close(*****); } ?>I was told that sizes had to be in order of (largest to smallest) : mem_size, post_size, file_size;
I was told that if it was not in this order it would not catch post errors.
-
if you would use a cathcer, use cookies as a fallback casue any self respecting person wouldnt waste time with hiden inputs
-
always remember BEDMAS
everything in life follow bedmass, devide is before addition, so it iwll do devide first unless you put it in brackets (B) woot, I guess it helps that im in grade 9
[SOLVED] login script not setting session
in PHP Coding Help
Posted
it was a really stupid error
in index php I was redirecting to login only if they were logged in
I had:
if (!empty
and I should have had
if (empty
I figured this out becasue the index worked when I restarted the browser.