thryb

That would be a good place to start. http://www.phpfreaks.com/tutorials/68/0.php

Ok so that doesnt mean my code is buggy or anything ? Its more like server/link/connexion issue ?

Hi guys, Anyone ever get this error from a mysql_connect? Warning: mysql_connect() [function.mysql-connect]: Lost connection to MySQL server at 'reading authorization packet', system error: 0 in /var/*www/web2/web/comment_post.php on line 163 I tried to look at the error on internet but there is not much discussion about it, nothing on the forum either. If anyone have any hint on this one please let me know. This problem doesnt happen all the time, we got an email today from a customer getting that.

Allright, Ill give a try! Never seen it before, Ill look for it. Thanks much!

thats what I was thinking, just wanted to be sure there was no other fast way right in mysql or pma. Thanks Neo

Or that but why would you want to use 2 DB ?

You dont really want to use multiple DB for that, juste use 2 different Table Tbl_Male Tbl_Female store in there.

2 database limit mean you can create 2 database for you site, If they didnt put any size restriction on the DB then you actually can use as much table as you want, wich mean you can use prefix to separate your table from a website a & b. IE: [MyTable] a_ExampleID a_ExampleName ... b_ExampleID b_ExampleName ... Thats not the best, but it work well and keep you out of confusion. Was that you question ?

Good day, Is there an easy way to insert a list of country (from a txt file) in a mysql database? Or does it have to be done one by one (I doubt it ). Thanks in advance!

Thats very smart, if whoever that tested it get reported... never thought about that ?!

I dont think this is an appropriate place to talk about how to hack with XSS there is a lot of doc on xss hacking on the net, just google it.

Oh didnt know that, and in that case, the xss is made from right after index.php like this one, there is no $_GET really right ? How can you fix it? Sorry I dont wanna bum someone else post but since we're on it

what do you mean by fixed with a single word ? htmlentities Dont you need to parse and replace the chars and stuff ?

ouhahaha Thanks Ob that was H.I.L.A.R.I.O.U.S lolol Seriously, awesome.

Ok I found out ... thanks both of you for your help! Didnt think about the .htaccess, there was one of my $_GET that wasnt htmlspecialchars and I forgot it was directed by my htaccess Thanks again for your help

Yes that I understand, but in that case http://www.domain.com/file/"><marquee><h1>vulnerable there is no variable posted? or is it simply $_GET['']?

Hi guys, Lets say there is a xss vuln in my script at http://www.domain.com/file/"><marquee><h1>vulnerable How can I fix it ? I have no trouble with fixing the one that affect a variable ie file.php?var=xxx But how do I fix the one right at the end of a file like the one up here? I dont get the /">. Thanks in advance!

kk tx Agent, gonna fix this

how do you fix the path disclosure please?

Can anyone test www.writebush.com we put it online but im not sure if its secure. See if there is any bugs/sql injection etc. Thanks

Sorry I found it, just had to use boolean but add my own operator ... duh. $sql = "SELECT * FROM Comment WHERE MATCH(CommSubject, CommText, PartCountry, PartCity) AGAINST ('*".$searchstring."*' IN BOOLEAN MODE) ORDER BY CommDT DESC";

Hey guys, Im having a litle problem with a query, I was reading about searching in multiple field with non exact match and the query should look like this in FULLTEXT $sql = "SELECT * FROM Comment WHERE MATCH(CommSubject, CommText, PartCountry, PartCity) AGAINST ('".$searchstring."') ORDER BY CommDT DESC"; The thing is I dont want the user to use boolean expression is the look for lets say Sold insteed of Soldier but if I try it with only sold, I get no query result. Does anyone have an idea what is wrong with it ? Thanks in advance.

google it http://www.google.ca/search?hl=en&q=php+login+page+tutorial&meta=

oki I use eral escape all the time to be safe, will look at strip_tags thanks for your answers!

naw, its not that I need to secure it right now, still in alpha phase. But Id like to know if there is something we can find as a first mesure before betaing it