trink
-
Posts
35 -
Joined
-
Last visited
Never
Posts posted by trink
-
-
Assuming SHA1 is secure on its own is very very bad practice, let alone an all-around horrible idea, and that goes with any hash function.
First off, SHA1 has already been broken, collisions can be made, there are also rainbow tables out there. Not only this, but I would always suggest making the string to be hashed larger than the resulting digest. Since you know the size of the resulting digest (SHA1 is 140-bit) I'd suggest creating some sort of salt in there, some key to strengthen the resulting digest.
$key = 'jfioepafipo4jeigphaue4gfASE$*(GTA)($GFAUEW$I)GFAHEPGdrjsiv;arshvuialnuiafhuaiewpguzdjlgvd;'; //random 632-bit string because I'm paranoid $hash = sha1($key.$input);
To compare just use the same key.
-
Passwords are only encrypted via SHA1, or is there something else in there to strengthen the digests?
-
I definitely just noticed my error there, it would be file_put_contents, my bad.
Ok try this
<?php $newfile = 'result.txt'; $files = glob('C:\path\to\files\*.txt'); foreach($files as $file) file_put_contents($newfile, file_get_contents($file) . "\n", FILE_APPEND); ?>EDIT:
Just noticed that AbraCadaver posted essentially the same code, and his would be better than mine, seeing as how his incurs only one filewrite, and mine incurs multiple. The more you know.
-
$strSQL = "SELECT * FROM EmployeeInfo, Absence ORDER BY Name WHERE Name='NameSelect'";
should be
$strSQL = "SELECT * FROM EmployeeInfo, Absence ORDER BY Name WHERE Name='{$_POST['NameSelect']}'";And your last query still has nothing that will tell it which account to access, it's just telling it this:
Select the absence date from the tables where the account is equal in both tables, so it'll select essentially everything that has matching rows in each table.
Try something like this
$result = mysql_query("SELECT AbsDate FROM EmployeeInfo, Absence WHERE Absence.Account = EmployeeInfo.Account AND Absence.Account = (SELECT Account FROM EmployeeInfo WHERE Name = '{$_POST['NameSelect']}')"; -
Look up the glob() function, that might be what you're looking for.
-
Yes LOL!!!!!!
boy, here i was thinking I could get one over your heads! GOD WHAT WAS I THINKING ZOMG LOL!
I had
if($id = 4;) { do something }lol god im silly
I detect an error in your syntax.
-
<?php $x = array( file_get_contents('file1'), file_get_contents('file2'), file_get_contents('file3') ); file_write_contents('final_file', implode("\n", $x)); ?>That should do the trick.
-
That select would have to have a name, IE
<select name="blah">
Then on the page that it posts to, just use $_POST['blah'] to get the value of the selected option.
-
I'm working with PHP on a Windows 2k3 server, and I have a script that is called via AJAX that has to run a shell_exec() command. I've given Read and Execute permissions for the IUSR_ and IWAM_ accounts on cmd.exe, but nothing has come of it.
The problem is that when I call shell_exec(), exec(), system(), or any command that performs an execution of a program, it hangs. If I deny permissions to IUSR_ and IWAM_ then it returns an empty string and exits. I've tried it on exec() as well and the script will finish up as expected, but will not execute the command that I'd like it to execute. We are currently using PHP 5.2.4.
Would an upgrade to 5.2.9 fix this? Could this be a problem with coding? Could it be a problem with Windows? Or is this a much larger monster than I first thought?
Any help would be greatly appreciated.
-
Change the content-type in the header to a fake one that would normally prompt the user.
-
I originally said natsort() without thinking, it would be ksort(), my bad.
-
I'm trying to create a friends list type deal, and I'd like to know if there is any possible way of checking whether a user is online or not. Each user has an active session which contains their privileges and whatnot.
Is there any way that when the user closes the window and the session eventually ends that it could perform a mysql query?
-
I got all that, and so I thought the problem was something a bit different, but it turns out it was the host's problem with the ftp. Thanks
-
Sounds good. How would I do that?
Thanks
-
If you Post them to the next page i'm sure its possible or if the page is blank you could include the page
How would I post them to the next page?
$_CONFIG is an array, and I'd like to post it so that I can get it on the next page with $_POST
How would I go about doing that?
I don't want to use hidden inputs, and I don't want to do it via the URL.
Any tips?
Thanks
-
It redirected the page, but it didn't keep all the variables. Is there any way to keep all the variables stored when it redirects?
-
I've been searching all over for this and for some reason, I can't find anything viable.
I found http_redirect on http://us3.php.net/manual/en/function.http-redirect.php, and I used it on my page, and it returned this. Fatal error: Call to undefined function: http_redirect().
What would I do to redirect the user to a page AND keep the variables that were set?
-
Alright, that worked, thanks a lot!
-
$_CONFIG=array(); global $_CONFIG; $loadconfig=@file('config.php'); foreach($loadconfig as $config){ $configkey=substr(trim($config),0,strpos($config,'=')); $configval=substr(trim($config),(strpos($config,'=')+1)); $_CONFIG[$configkey]=$configval; } function getconfig($getkey){ return $_CONFIG[$getkey]; } function changeconfig($changekey,$changevalue){ foreach($_CONFIG as $configchangekey=>$configchangevalue){ if ($configchangekey == $changekey){ $changeconfig.=$configchangekey.'='.$changevalue.chr(10); }else{ $changeconfig.=$configchangekey.'='.$configchangevalue.chr(10); } } fwrite($changewriteconfig=fopen('config.php','w'),trim($changeconfig)) && fclose($changewriteconfig); } if(!$_CONFIG['online']){ die("Not online."); } -
Yes, it loads correctly, because when I check the array with print $_CONFIG['online'] it returns 1. The problem lies somewhere else, is maybe "global $_CONFIG;" setting it as a non-array variable?
-
Alright, new problem.
I've done all that and whatnot, and changed the name to $_CONFIG.
So it looks like this.
$_CONFIG=array(); global $_CONFIG; $loadconfig=@file('config.php'); foreach($loadconfig as $config){ $configkey=substr(trim($config),0,strpos($config,'=')); $configval=substr(trim($config),(strpos($config,'=')+1)); $_CONFIG[$configkey]=$configval; }When I run it though a foreach or a while list each loop, it says its not an array...
When I get data from it, such as $_CONFIG['online'], or when I print_r it, it rerturns data like an array.
The foreach loop is as such:
foreach($_CONFIG as $configchangekey=>$configchangevalue){ //stuff goes here }Any tips on this problem?
Thanks
-
global $currentconfig; worked. Thanks!
-
I've got a problem with an array, and I'm not sure exactly why my script isn't working.
I'm pretty new with arrays, so that could be the reason right there.
My script look like this
function getconfig($getkey){ return $currentconfig[$getkey]; }In the array, the online key is set to 1.
I am trying to get the 'online' key, so I use getconfig('online'); but it doesn't return anything.
If I use print $currentconfig['online']; it prints "1".
Any tips?
Thanks a lot.
-
It ran into a loop of death.
Basically I've got this:
function strxpos($xtext,$xchar,$xpos){ $nrchars=substr_count($xtext,$xchar); $pshchar=strpos($xtext,$xchar); $owut=0; for($numon=1;$numon <= $xpos;$numon++){ $result=strpos($xtext,$xchar,$owut); $owut=(strpos($xtext,$xchar,$owut) + 1); } return $result; } function gettokenbynum($gtok1,$gtok2,$gtok3){ if($gtok2 != counttokens(trim($gtok1,$gtok3),$gtok3)){ if($gtok2 == 1){ return substr(trim($gtok1,$gtok3),0,strpos(trim($gtok1,$gtok3),$gtok3)); }else{ return substr(trim($gtok1,$gtok3),(strxpos(trim($gtok1,$gtok3),$gtok3,($gtok2 - 1)) + 1),strpos(substr(trim($gtok1,$gtok3),(strxpos(trim($gtok1,$gtok3),$gtok3,($gtok2 - 1)) + 1)),$gtok3)); } }else{ return substr(trim($gtok1,$gtok3),(strrpos(trim($gtok1,$gtok3),$gtok3) + 1)); } }And this is the script that calls those functions. (those functions are located in atok.class.php.
include 'atok.class.php'; $banhandle=@fopen("bans.txt", "r"); $ipban=@fread($banhandle, @filesize("bans.txt")); @fclose($banhandle); $num=1; while(gettokenbynum(gettokenbynum($ipban,$num,';'),1,'|')){ $xipban=gettokenbynum(gettokenbynum($ipban,$num,';'),1,'|'); $reason=gettokenbynum(gettokenbynum($ipban,$num,';'),2,'|'); $bannum=$num; if(eregi($xipban,$_SERVER['REMOTE_ADDR'])){ die("You have been banned from jukebot by an admin for the reason: ".$reason."<br>Go to IRC on the server irc.deltaanime.net in the channel #punk to appeal for an unban.<br>If you do not have an IRC client installed you can use <a href=\"http://chat.deltaanime.net\" class=\"link\">DAIRC Webchat</a>. (Channel: #punk)<br>WHEN YOU APPEAL FOR AN UNBAN REMEMBER THIS NUMBER (YOUR BAN NUMBER): ".$bannum); } $num++; }And I've run out of ideas, which is actually fairly easy for me to do.
Any help again would be greatly appreciated, and although it didn't work, I do appreciate the feedback btherl.
Dynamic Drop Down Box
in Javascript Help
Posted
Well to do it on the page itself, you're looking more at JavaScript/JQuery. If you want to do it after the submit, I'd suggest something like this:
if($_POST['box1'] === $_POST['box2'] || $_POST['box1'] === $_POST['box3'] || $_POST['box2'] === $_POST['box3']){ die('You cannot make the same selection twice'); }