helraizer
Members
Posts: 401

Everything posted by helraizer

  1. On the register page the captcha does not show up, so I can't register; also the three users I registered last time now "do not exist". Sam
  2. Ok, more information about the problem. Explanation: I have a main page for my shoutbox, which contains a form for a user to input a username, message, font (select menu) and colour (select). It posts to itself and adds the information they just posted to the database; the image then takes this information and makes an image from it. In the main page there is a dynamically created image.

showimage.php

```php
<?php
session_start();   // added: $_SESSION is written below, so the session has to be started first
$user_id = mysql_real_escape_string(htmlspecialchars($_GET['uid']));
$sqls = "SELECT username FROM user WHERE user_id='$user_id'";
$results = mysql_query($sqls) or die("error in sqls: " . mysql_error());
$rows = mysql_fetch_array($results);
$counts = mysql_num_rows($results);

$font = "palab.ttf";
$user = $rows['username'];
$_SESSION['user'] = $user;

// Title strip: a black canvas whose black is made transparent, with white text on it
$im = ImageCreate(230, 35);
$black_a = imagecolorallocate($im, 0, 0, 0);
$white_a = imagecolortransparent($im, $black_a);   // was $black, which is not defined until later
$white = ImageColorAllocate($im, 255, 255, 255);
ImageFill($im, 0, 0, $white_a);
Imagettftext($im, 15, 0, 10, 30, $white, $font, $user . "'s Shoutbox");

$grin = imagecreatefromgif("icon_lol.gif");
$blark = ImageColorAllocate($grin, 0, 0, 0);

//$image = ImageCreate(660,240); // create the image canvas
$image = ImageCreateFromGIF("660x240background2.gif");
$blue = ImageColorAllocate($image, 200, 200, 255);     // prepare some blueness
$black = ImageColorAllocate($image, 0, 0, 0);          // ... and blackness
$white_bg = ImageColorAllocate($image, 255, 255, 255); // white allocated on $image itself ($white above belongs to $im)

$cur_line_y = 60;    // This stores how far down the image the current line will print
$cur_line_x = 24;    // This stores how far across the image the current line will print
$pagecharwidth = 75; // this is the maximum length of the line before it wraps
$lineheight = 18;    // This is how much to move down to print the next line
$pagelinelimit = 1;  // This is the maximum number of lines of text that can be displayed
//ImageString($image, 3, 15, $cur_line_y, trim(stripslashes($wordwrapped[0])), $black);
$numberOfLines = $pagelinelimit;

$sql = "SELECT * FROM user
        INNER JOIN tblcomments ON tblcomments.user_id=user.user_id
        INNER JOIN tblattributes ON tblcomments.id = tblattributes.id
        INNER JOIN tblip ON tblattributes.id = tblip.id
        WHERE tblcomments.user_id='$user_id' AND tblattributes.user_id='$user_id' AND tblip.user_id='$user_id'
        ORDER BY tblcomments.`id` DESC LIMIT 0,10";
$result = mysql_query($sql) or die("error in sql: " . mysql_error());

$allowedColors = array("white", "yellow", "green", "orange", "aqua");

for ($i = 0; $i < $numberOfLines; $i++) {
    while ($row = mysql_fetch_array($result)) {
        $name = "[" . htmlspecialchars_decode($row['username']) . "] ";
        $font = $row['font'];
        $color = $row['color'];
        $line = htmlspecialchars_decode($row['comment']);
        if ($name == "[] ") {
            $name = "";
        }
        $line = $name . $line;
        // The original if/elseif chain had a second branch ($color != "white" || $color != "yellow" ...)
        // that is always true, so the font branch after it could never run. Reachable behaviour was:
        // known colour -> that colour, anything else -> white; getfont() already falls back to palab.ttf.
        $textColor = in_array($color, $allowedColors) ? getColor($color) : $white_bg;
        Imagettftext($image, 10, 0, $cur_line_x, $cur_line_y, $textColor, getfont($font), trim($line));
        $cur_line_y += $lineheight;
    }
}

function getColor($color) {
    global $image;
    switch ($color) {
        case "white":  return ImageColorAllocate($image, 255, 255, 255);
        case "yellow": return ImageColorAllocate($image, 255, 255, 0);
        case "green":  return ImageColorAllocate($image, 0, 255, 0);
        case "orange": return ImageColorAllocate($image, 255, 127, 36);
        case "aqua":   return ImageColorAllocate($image, 0, 255, 255);
        default:       return ImageColorAllocate($image, 255, 255, 0);
    }
}

function getfont($font) {
    // "global $font;" removed: it rebound the parameter to the global $font ("palab.ttf"),
    // so the switch always saw "palab.ttf" and every comment was drawn in the default font.
    switch ($font) {
        case "fixedsys":  return "fixedsys.ttf";
        case "Courbd":    return "courbd.ttf";
        case "arial":     return "arialbd.ttf";
        case "calibri":   return "calibrib.ttf";
        case "comicsans": return "comicsans.ttf";
        case "palab":     return "palab.ttf";
        default:          return "palab.ttf";
    }
}

ImageCopyMerge($image, $im, 20, 0, 0, 0, 230, 50, 100);
header("Content-Type: image/gif");          // tell the browser what we're gonna give it
imagegif($image);                           // paint the image in browser
imagegif($image, "user/" . $user . ".gif"); // export as gif file
ImageDestroy($image);                       // clean up resources
?>
```

This is the code for the image. On the main page, if the posted comment contains =D, , or =d, a session variable $_SESSION['smile'] is set. For this, in shoutbox.php:

```php
<?php
// tag only for highlighting
$smiles = array('=D', "=d", "", "");   // empty entries left as in the original post
foreach ($smiles as $smile) {
    // skip empty patterns (preg_match("//i") matches everything) and quote the rest
    // so that smiles containing ")" or other metacharacters do not break the regex
    if ($smile !== "" && preg_match("/" . preg_quote($smile, "/") . "/i", $text)) {
        $_SESSION['smile'] = $smile;
    }
}
?>
```

I attempted to use, in showimage.php:

```php
<?php
if (isset($_SESSION['smile'])) {
    $smile = $_SESSION['smile'];
    if (preg_match("/" . preg_quote($smile, "/") . "/i", $line)) {
        // imagettfbbox() returns 8 values (indices 0..7); upper-left x,y are indices 6 and 7.
        // The original had one comma too many and so read index 8, which does not exist.
        list(, , , , , , $left, $top) = imagettfbbox(10, 0, getfont($font), $smile);
        imagecopymerge($image, $grin, $left, $top, 0, 0, 15, 15, 100);
    }
}
?>
```

but to no avail; it didn't work. I even changed $left and $top in the imagecopymerge to 350 and 100, respectively. This would have shown if the image was being rendered on top of the main image, but for some reason it didn't show up at all. Any ideas? Also, will that imagettfbbox(10, 0, getfont($font), $smile) return the coordinates for the '=D' in relation to its place in the line of text? If not, how would I get that to work? Hope that makes more sense, Sam
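As an added example that is not part of the original post: imagettfbbox() only measures a string drawn at the origin, so calling it on "=D" by itself says nothing about where "=D" sits inside the line. Measuring the text that precedes the emoticon gives its x offset; the icon can be overlaid there and the rest of the line drawn after it, so nothing needs to be remembered in $_SESSION. The font and GIF paths below are placeholders, and the sample line is constructed.

```php
<?php
// Added example, not code from the original post. Assumes GD built with FreeType,
// a TrueType font at $fontFile and a small GIF emoticon at $grinFile (placeholder paths).

// Width in pixels that $text occupies at $size points in $fontFile.
function textWidth($text, $size, $fontFile) {
    if ($text === '') {
        return 0;
    }
    $box = imagettfbbox($size, 0, $fontFile, $text);
    return $box[2] - $box[0];   // lower-right x minus lower-left x
}

// Draw $line with its baseline at ($x, $y), replacing the first occurrence of $smile
// with the $grin image. Returns the x coordinate where drawing stopped.
function drawLineWithSmile($image, $x, $y, $line, $smile, $grin, $size, $color, $fontFile) {
    $pos = strpos($line, $smile);
    if ($pos === false) {
        imagettftext($image, $size, 0, $x, $y, $color, $fontFile, $line);
        return $x + textWidth($line, $size, $fontFile);
    }
    $before = substr($line, 0, $pos);
    $after  = substr($line, $pos + strlen($smile));

    imagettftext($image, $size, 0, $x, $y, $color, $fontFile, $before);
    $x += textWidth($before, $size, $fontFile);

    $gw = imagesx($grin);
    $gh = imagesy($grin);
    // $y is the text baseline, so the icon's top-left corner sits $gh pixels above it.
    imagecopymerge($image, $grin, $x, $y - $gh, 0, 0, $gw, $gh, 100);
    $x += $gw;

    imagettftext($image, $size, 0, $x, $y, $color, $fontFile, $after);
    return $x + textWidth($after, $size, $fontFile);
}

// Usage with placeholder paths and a constructed comment line.
$fontFile = __DIR__ . '/palab.ttf';     // placeholder
$grinFile = __DIR__ . '/icon_lol.gif';  // placeholder

$image = imagecreatetruecolor(660, 240);
$white = imagecolorallocate($image, 255, 255, 255);
$grin  = imagecreatefromgif($grinFile);

$line = '[sam] that was funny =D really';
drawLineWithSmile($image, 24, 60, $line, '=D', $grin, 10, $white, $fontFile);

header('Content-Type: image/gif');
imagegif($image);
imagedestroy($image);
imagedestroy($grin);
```

Because the emoticon is found in the line being drawn rather than in the viewer's session, every comment gets its own icon regardless of who requests the image; a session flag would only reflect what the current viewer last posted.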
  3. Hi folks, I have a script that pulls user comments from a database, which works fine. It's an image based script so I'm now trying to add emoticons, for such as =D or =). To do this I plan to use list(,,,,,,$left,$top) with imagettfbbox() for where =D or =) can be found in the text. How would I get PHP to return the location of where the '=D' is in the text? str_split wouldn't work well enough. How could I then, from getting the location of it, get it into an imagettfbbox() call to get the top left X and Y values for it in relation to the text? Hope that makes sense. Sam
  4. From what I can see it's because you're using `$fp = fopen("./stats.txt","w");` – the "w" is what's causing it to reset, as it says in the manual. You want to use "a", which appends to the file, so it adds all the new data to the end of the existing data instead of overwriting.

```php
$fp = fopen("./stats.txt", "a");
```

Sam
  5. I've posted about 4 comments, none of them have shown up. Why's that?
  6. We can't view it because the link is on your IP address from when you posted it; it will have changed by now. You should get something like the DynDNS updater with client, which lets you choose a domain name similar to http://mysite.dnsalias.net/ – it loads that site each time with the same name, no matter what your IP address is. Sam
  7. It'd be very simple to write your own. Either flat file:

php5

```php
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$filename = "hits.txt";
// newline added: file() counts lines, so without it every hit lands on one line
file_put_contents($filename, $ip . "\n", FILE_APPEND);
$file = file($filename);
$num = count($file);
echo "This page has been viewed $num times";
?>
```

php4

```php
$ip = $_SERVER['REMOTE_ADDR'];
$filename = "hits.txt";
$fp = fopen($filename, "a");   // "a" appends; the original call was missing the mode argument
fwrite($fp, $ip . "\n");
fclose($fp);
$file = file($filename);
$num = count($file);
echo "This page has been viewed $num times";
```

or with a database, assuming a table called hits with field IP (unique and primary key):

```php
$ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$sql = "REPLACE INTO `hits` (`IP`) VALUES ('$ip')";
$result = mysql_query($sql) or die("Error in sql: " . mysql_error());
$sql_a = "SELECT Count(ip) FROM `hits`";
$result_a = mysql_query($sql_a) or die("Error in sql_a: " . mysql_error());
$row = mysql_fetch_array($result_a);
$num = $row['Count(ip)'];
echo "this page has been viewed $num times";
```

Untested but should work. Only took maybe 3 minutes to write on the fly so just mess around with those. Unless you want an image based one... Hope that helps, Sam
  8. Full path disclosure http://www.imperialized.net/shoutbox/shoutbox.php?page=1.275
  9. Hi folks, I've implemented a number of new things for my shoutbox called JustShout! There is now a version called 'JustShout!Mini' that people can use on a standard myspace page with image and form. It does not require registration to post a comment, but to get your own shoutbox you can register. Could you guys please beta test it for me? http://www.helraizer.co.uk/mychatbox/ and http://www.helraizer.co.uk/mychatbox/mini/ Thanks, Sam
  10. Sorry for the double post. Fixed it now! Instead of using header() I sacrificed some speed and used a meta refresh to the redirect variable. So now it goes to my page, loads it - image and all, then goes back to their page, with the image all updated. Sam
  11. In reply to Echo:

If I've understood what you meant, you could use it like

```php
$myvar = "variables";
$var = <<<MYVARIABLE
This is my variable containing 'single' quotes and "double" quotes.
It also parses other $myvar
I can have any characters in this variable, then to end it like this!
MYVARIABLE;
echo $var;
```

It can be used like that. Sam
  12. In reply to Echo:

It's known as HEREDOC and it is generally used for long strings with both single and double quotes and variables. It means you don't need to escape anything, so no \' or \" or anything. I use it for long amounts of text with particular formats, like emails etc. Hope that helps. Sam
  13. Back to the beta testing side of things, there is a big security flaw (XSS). You haven't protected any of your variables, so people can use executable scripts in the message field, which could be potentially dangerous. Sam
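As an added example (not the beta site's code and not part of the post above): the usual fix for this class of flaw is to store the comment exactly as typed and HTML-encode it at the point where it is written into the page, with ENT_QUOTES so that attribute values are covered as well as text nodes. The column names and the sample rows, including the attacker-style ones, are constructed for the example.

```php
<?php
// Added example, not code from the shoutbox under test. Column names are assumptions.

// Encode a value for an HTML text node or a double-quoted attribute value.
function e($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

// Render one stored comment. The row holds raw text; encoding happens here, at the sink.
function renderComment(array $row) {
    return '<li class="shout" data-user="' . e($row['username']) . '">'
         . '<b>' . e($row['username']) . '</b>: ' . e($row['comment'])
         . '</li>';
}

// True if $html still contains a live tag or attribute-breaking quote from the payload.
function looksInert($html, $payload) {
    return strpos($html, $payload) === false
        && strpos($html, '<script') === false
        && strpos($html, 'onerror=') === false;
}

// Constructed sample rows: one ordinary shout and two carrying typical payloads.
$rows = array(
    array('username' => 'sam',                     'comment' => 'hello =D'),
    array('username' => '"><script>x()</script>',  'comment' => 'fine'),
    array('username' => 'bob',                     'comment' => '<img src=x onerror=alert(1)>'),
);

foreach ($rows as $row) {
    $html = renderComment($row);
    echo $html, "\n";
    // e.g. the third row becomes &lt;img src=x onerror=alert(1)&gt; inside the <li>
    if (!looksInert($html, $row['comment']) && $row['comment'] !== 'hello =D' && $row['comment'] !== 'fine') {
        throw new RuntimeException('payload survived encoding');
    }
}
```

The image-based version of the shoutbox is a different sink: text drawn with imagettftext() is pixels, not markup, so it needs no HTML encoding at all, and storing the raw comment avoids the htmlspecialchars_decode() round trip seen elsewhere on this page.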
  14. Hi folks, I apologise for the thread title, couldn't think of a more suitable one. At the moment I have made a mini shoutbox that can be used on myspace, or similar. The image is then shown on the user's myspace and the form to post a comment can also be included too. As a hidden field they will put their myspace URL, which means that as soon as they post it goes to my site but instantaneously redirects them to their myspace page. At the moment it does post the comment to the shoutbox. The problem I have is that the site it posts to normally holds/hosts the image (myspace_image.php) that pulls the information from the database and adds it to the shoutbox image (the image that is on their myspace). So since it doesn't load this picture before it is redirected when they post from myspace, their comment doesn't appear on the image until someone views/loads the myspace_image.php file, even on the shoutbox page on my site. Does anyone know how I can get around this? It somehow needs to load the image before/as it redirects to their myspace, so that the comment appears on it. I tried

```php
<?php
$browser = new COM("InternetExplorer.Application");
$handle = $browser->HWND;
$browser->Visible = false;
$browser->Navigate("http://www.helraizer.co.uk/mychatbox/mypsace_image.php5?uid=" . $user_id);
while ($browser->Busy) {
    com_message_pump(4000);
}
$browser->Quit();
?>
```

which should open up the page in a different browser/window, but that only works on a Windows server, and mine is UNIX, so that doesn't work. Thanks for any suggestions, Sam
  15. 

```php
<?php
$get_articles = "select id, alias, article from dirt_digger";
$get_articles_res = mysql_query($get_articles, $conn) or die(mysql_error());
while ($article_info = mysql_fetch_array($get_articles_res)) {
    $alias = $article_info[alias];
    $title = $article_info[title];
    $article = $article_info[article];
    $display_block .= "<h1 class="title">$title</h1><br /> $article <br /><br />Author:<br /><strong>$alias</strong><br /><br />"; //line 13
}
?>
```

The reason is here: `"<h1 class="title">$title</h1>...`. You should either escape the quotes (\") or use ', because your PHP variable is within "" (`$display_block = "..."`), so when you came to the class you used "" again, which ended the PHP string. Change it to

```php
<?php
$display_block .= "<h1 class='title'>" . $title . "</h1><br />" . $article . "<br /><br />Author:<br /><strong>" . $alias . "</strong><br /><br />";
?>
```

Sam
  16. Hmm, come to think of it, neither do I. I've taken that out now anyway. I think it's just force of habit for protecting variables really.
  17. When all your code is on one line it's hard to find line 13, but it's because you have this:

```php
<?php
$update_db = "insert into dirt_digger values ('', '$_POST[alias]', '$_POST[title]', '$_POST[article]') or die(mysql_error());
mysql_query($update_db, $conn) or die(mysql_error());
$msg = "Thanks for your dirt, <strong>$_POST[alias]</strong>. Your support and help with exposing Hempfield is appreciated!";
?>
```

It should be

```php
<?php
$update_db = "insert into dirt_digger values ('', '$_POST[alias]', '$_POST[title]', '$_POST[article]')" or die(mysql_error()); // added second/end quote marks
mysql_query($update_db, $conn) or die(mysql_error());
$msg = "Thanks for your dirt, <strong>$_POST[alias]</strong>. Your support and help with exposing Hempfield is appreciated!";
?>
```
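Beyond the missing quote, the SQL in this post is built by pasting $_POST values straight into the string, which is SQL injection, and die(mysql_error()) hands the database's error text to whoever triggered it (the kind of leak the full path disclosure link elsewhere on this page points at). An added example of the same insert done with a prepared statement; this is not the poster's code, the DSN and credentials are placeholders, and the column names are taken from the post:

```php
<?php
// Added example, not the original poster's code. Assumes the dirt_digger table has
// columns (id, alias, title, article) with an auto-increment id; DSN/credentials are placeholders.
$pdo = new PDO('mysql:host=localhost;dbname=DBNAME;charset=utf8', 'USER', 'PASS', array(
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,   // server-side prepares: values never touch the SQL text
));

// Fetch a required POST field, rejecting missing, non-string, empty or oversized values.
function requireField($name, $maxLen) {
    if (!isset($_POST[$name]) || !is_string($_POST[$name])) {
        throw new InvalidArgumentException("missing field: $name");
    }
    $value = trim($_POST[$name]);
    if ($value === '' || strlen($value) > $maxLen) {
        throw new InvalidArgumentException("bad length for field: $name");
    }
    return $value;
}

// Insert one article; returns the new row id.
function insertArticle(PDO $pdo, $alias, $title, $article) {
    $stmt = $pdo->prepare(
        'INSERT INTO dirt_digger (alias, title, article) VALUES (:alias, :title, :article)'
    );
    $stmt->execute(array(':alias' => $alias, ':title' => $title, ':article' => $article));
    return (int) $pdo->lastInsertId();
}

try {
    $alias   = requireField('alias', 64);
    $title   = requireField('title', 200);
    $article = requireField('article', 20000);
    $id = insertArticle($pdo, $alias, $title, $article);
    // The thank-you message is HTML, so the alias is encoded before it is echoed.
    $msg = 'Thanks for your dirt, <strong>' . htmlspecialchars($alias, ENT_QUOTES, 'UTF-8')
         . '</strong>. Your support and help with exposing Hempfield is appreciated!';
} catch (InvalidArgumentException $e) {
    $msg = 'Please fill in alias, title and article.';
} catch (PDOException $e) {
    error_log($e->getMessage());   // keep the detail in the server log, not on the page
    $msg = 'Sorry, your dirt could not be saved.';
}
echo $msg;
```

Spelling out the column list also removes the dependence on column order that the original `values ('', ...)` form has.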
  18. That's an interesting idea and I'll keep it in mind, but the user would have to decide then and there where they want to host the shoutbox on their site and post the URL for me to save it in an array. This limits things because then, if they change the location, they would have to repost the location and thus update the array each time. Any other ideas? Sam
  19. Hi folks, I am setting up a form for users to post shouts for their shoutbox from their site (external to mine), so on their form there is a hidden field named "redirect". On my page I have this code:

```php
if (isset($_POST['redirect'])) {
    $redirect = htmlspecialchars($_POST['redirect']);
    header("Location:" . $redirect);
    exit;
}
```

but this leaves it open to XSS and header injection. How can I protect against this effectively? Thanks, Sam
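An added example of validating that redirect (not JustShout!'s own code): htmlspecialchars() does nothing for a header, so the check has to refuse control characters (which is what header injection rides on), accept only http/https URLs whose host is on a fixed list, and rebuild the Location value from the parsed parts rather than echoing the input. The allowed host list, the fallback URL and the field name are assumptions.

```php
<?php
// Added example, not code from JustShout!. $allowedHosts and $default are assumptions.

// Hosts that shouts may be sent back to; anything else falls back to $default.
$allowedHosts = array('www.myspace.com', 'myspace.com');
$default = 'http://www.helraizer.co.uk/mychatbox/';

// Returns a safe absolute URL built from the parsed input, or null if it must not be used.
function safeRedirectTarget($candidate, array $allowedHosts) {
    if (!is_string($candidate) || strlen($candidate) > 2048) {
        return null;
    }
    // Header injection needs CR or LF; refuse every control character outright.
    if (preg_match('/[\x00-\x1F\x7F]/', $candidate)) {
        return null;
    }
    $parts = parse_url($candidate);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;   // relative paths, "//evil.example/", "javascript:..." all land here
    }
    if (!in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
        return null;
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;   // http://www.myspace.com@evil.example/ tricks
    }
    if (!in_array(strtolower($parts['host']), $allowedHosts, true)) {
        return null;   // includes lookalikes such as www.myspace.com.evil.example
    }
    // Rebuild the URL from the parsed pieces instead of passing the raw input through.
    $url = strtolower($parts['scheme']) . '://' . strtolower($parts['host']);
    if (isset($parts['port'])) {
        $url .= ':' . (int) $parts['port'];
    }
    $url .= isset($parts['path']) ? $parts['path'] : '/';
    if (isset($parts['query'])) {
        $url .= '?' . $parts['query'];
    }
    if (isset($parts['fragment'])) {
        $url .= '#' . $parts['fragment'];
    }
    return $url;
}

$target = isset($_POST['redirect']) ? safeRedirectTarget($_POST['redirect'], $allowedHosts) : null;
if ($target === null) {
    $target = $default;
}
header('Location: ' . $target, true, 303);   // 303: redirect after a POST
exit;
```

Modern PHP refuses a header() value containing a newline, but the allowlist is what stops the open redirect itself, and that part no PHP version does for you.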
  20. Hi folks, I am making a spreadsheet for a foreign exchange bureau; on the loading of the page it asks the operator to add the day's exchange rates. I have the following code in Excel VBA:

```vba
' Each If block is closed with End If, and the second "Dim varInput" became "Dim varInputa"
' (VBA rejects a variable declared twice in one procedure); otherwise as posted.
Private Sub Worksheet_Open()
    Worksheets("Rates").Activate

    'GBP to Euro
    Dim varInput As String
    varInput = InputBox("Please enter today's rates from GBP to EUR", "Exchange Rates", "e.g. 0.765")
    Range("C11").Select
    If (varInput = "") Then
        Selection.Value = Range("C11").Value
    ElseIf (varInput = "e.g. 0.765") Then
        MsgBox "Please enter a proper value.", vbOKOnly, "System Message"
    Else
        Selection.Value = varInput
    End If

    'GBP to American Dollars
    Dim varInputa As String
    varInputa = InputBox("Please enter today's rates from GBP to USD", "Exchange Rates", "e.g. 0.765")
    Range("C12").Select
    If (varInputa = "") Then
        Selection.Value = Range("C12").Value
    ElseIf (varInputa = "e.g. 0.765") Then
        MsgBox "Please enter a proper value.", vbOKOnly, "System Message"
    Else
        Selection.Value = varInputa
    End If

    'GBP to Japanese Yen
    Dim varInputb As String
    varInputb = InputBox("Please enter today's rates from GBP to YEN", "Exchange Rates", "e.g. 0.765")
    Range("C13").Select
    If (varInputb = "") Then
        Selection.Value = Range("C13").Value
    ElseIf (varInputb = "e.g. 0.765") Then
        MsgBox "Please enter a proper value.", vbOKOnly, "System Message"
    Else
        Selection.Value = varInputb
    End If

    'GBP to Canadian Dollars
    Dim varInputc As String
    varInputc = InputBox("Please enter today's rates from GBP to CAD", "Exchange Rates", "e.g. 0.765")
    Range("C14").Select
    If (varInputc = "") Then
        Selection.Value = Range("C14").Value
    ElseIf (varInputc = "e.g. 0.765") Then
        MsgBox "Please enter a proper value.", vbOKOnly, "System Message"
    Else
        Selection.Value = varInputc
    End If

    'GBP to Australian Dollars
    Dim varInputd As String
    varInputd = InputBox("Please enter today's rates from GBP to AUD", "Exchange Rates", "e.g. 0.765")
    Range("C15").Select
    If (varInputd = "") Then
        Selection.Value = Range("C15").Value
    ElseIf (varInputd = "e.g. 0.765") Then
        MsgBox "Please enter a proper value.", vbOKOnly, "System Message"
    Else
        Selection.Value = varInputd
    End If
End Sub
```

That works perfectly, but at the moment if the value is the default value of the InputBox ("e.g. 0.765") it just throws up the error message and then moves on to the next part. How would I make it so that, without having to repeat the first bit of code (the InputBox code) each time, if the ElseIf statement is executed it gives the error message (MsgBox) and then prompts them again to enter a value for the same rate? Hope that makes sense, Sam
  21. *bumpage* Anyone got any ideas? Sam
  22. Hi folks, I have a perfectly functioning login and logout script but it has one flaw. It is all done by sessions. I have this code in login.php:

```php
<?php
session_start();     // added: the script reads and writes $_SESSION
$errors = array();   // added: the array was appended to but never initialised
if (isset($_POST['submit'])) {
    if ($_POST['user'] == "" || $_POST['pass'] == "") {
        $errors[] = _INCORRECT;   // was "$errors[] .= ...": a plain append is what is meant
    }
    $username = mysql_real_escape_string(htmlspecialchars($_POST['user']));
    $password = mysql_real_escape_string(md5(sha1($_POST['pass'])));
    $_SESSION['user'] = $username;
    $_SESSION['pass'] = $password;
    $date = date("Y-m-d G:i:s");
    $sql = "SELECT * FROM `web86-chatbox-1`.`user` WHERE `user`.`username`='$username' AND `user`.`password`='$password'";
    $result = mysql_query($sql);
    $row = mysql_fetch_array($result);
    $count = mysql_num_rows($result);
    if ($count == 1) {
        if ($row['active'] == 0) {
            echo ('<div class="ddgb_entrybox"> <table width="100%" border="0" cellspacing="8" cellpadding="0"> <tr> <td width="42%" align="right" valign="top"></td> <td align="center" valign="top"> <h2> ' . _ERROR . '</h2><ul> <li> ' . _INACTIVE . '</li> </ul> <br><br><br> </td> </tr> </table> </div>');
        } else {
            $sqli = "UPDATE user SET user.logged_in = 1 WHERE username='$username' AND password='$password'";
            $resulti = mysql_query($sqli);
            $sqlx = "UPDATE user SET last_login = '$date' WHERE username='$username' AND password='$password'";
            $resultx = mysql_query($sqlx);
            unset($_SESSION['logged']);
            $_SESSION['login'] = 1;
            // session_register("user") / session_register("pass") dropped: deprecated, and
            // the direct $_SESSION writes below already do the job
            $_SESSION['user'] = $username;
            $_SESSION['pass'] = $password;
            header("Location: index.php5");
            exit();
        }
    } else {
        echo ('<div class="ddgb_entrybox"> <table width="100%" border="0" cellspacing="8" cellpadding="0"> <tr> <td width="42%" align="right" valign="top"></td> <td align="center" valign="top"> <h2> ' . _ERROR . '</h2><ul> <li> ' . _LOGIN . '</li> </ul> <br><br><br> </td> </tr> </table> </div>');
    }
    if (isset($_POST['submit']) && !empty($errors)) {   // was "$errors[0] != null"
        echo ' <div class="ddgb_entrybox"> <table width="100%" border="0" cellspacing="8" cellpadding="0"> <tr> <td width="42%" align="right" valign="top"></td> <td align="center" valign="top">';
        echo "<h2>" . _ERROR . "</h2><ul>";
        foreach ($errors as $f) {
            echo "<li>" . $f . "</li>";
        }
        echo "</ul>";
        echo '<br><br><br> </td> </tr> </table> </div>';
    }
}
?>
```

and this in logout.php:

```php
<?php
session_start();   // added: $_SESSION is used below
if (isset($_SESSION['login'])) {
    $username = $_SESSION['user'];
    $password = $_SESSION['pass'];
    $_SESSION['logged'] = 1;
    $sqli = "UPDATE user SET user.logged_in = 0 WHERE username='$username' AND password='$password'";
    $resulti = mysql_query($sqli) or die("Error with sql: " . mysql_error());
    unset($_SESSION['login']);
    echo ('<div class="ddgb_entrybox"> <table width="100%" border="0" cellspacing="8" cellpadding="0"> <tr> <td width="42%" align="right" valign="top"></td> <td align="center" valign="top"> <h2> ' . _SUCCESS . '</h2><ul> <li> ' . _LOGGED_OUT . '</li> </ul> <br><br><br> </td> </tr> </table> </div>');
} else {
    die('<div class="ddgb_entrybox"> <table width="100%" border="0" cellspacing="8" cellpadding="0"> <tr> <td width="42%" align="right" valign="top"></td> <td align="center" valign="top"> <h2> ' . _ERROR . '</h2><ul> <li> ' . _LOGGED_IN . '</li> </ul> <br><br><br> </td> </tr> </table> </div>');
}
?>
```

At the bottom of each page I have:

```php
<?php
$user = $_SESSION['user'];
$pass = $_SESSION['pass'];
$sql_f = "SELECT COUNT(logged_in) FROM user WHERE logged_in='1'";
$result_f = mysql_query($sql_f) or die("Error in part sql_f: " . mysql_error());
$row = mysql_fetch_array($result_f);
$online = $row['COUNT(logged_in)'];
$sql_g = "SELECT COUNT(user_id) FROM user";
$result_g = mysql_query($sql_g) or die("Error in part sql_g: " . mysql_error());
$rows = mysql_fetch_array($result_g);
$total = $rows['COUNT(user_id)'];
if ($online == 1) {
    echo "<div align='left'><center>There is currently " . $online . " user online.</center></div>";
} else {
    echo "<div align='left'><center>There are currently " . $online . " users online.</center></div>";
}
if ($total == 1) {
    echo "<div align='left'><center>There is currently " . $total . " user registered.</center></div>";
} else {
    echo "<div align='left'><center>There are currently " . $total . " users registered.</center></div>";
}
?>
```

The problem is that when the user logs in, the value 'logged_in' in the database is set to 1, so the bottom of the page says "there is currently 1 user online", which is fine. But only when they go to logout.php does it change 'logged_in' back to 0, so if the user closes the window before going to logout.php the database is still set to 1 but they have been logged out, so the bottom still says "there is currently 1 user online" even though no one is logged in. How would I make it so that if $_SESSION['login'] is unset on any page, then 'logged_in' is set back to 0? I can imagine it's

```php
if (!isset($_SESSION['login'])) {
    $sql = "UPDATE user SET user.logged_in = 0";
    $result = mysql_query($sql) or die("Error in SQL part 1: " . mysql_error());
}
```

but how would I form the WHERE clause? I can't use $_SESSION['user'] and $_SESSION['pass'] because they won't be set. Any ideas? Thanks, Sam
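An added example (not the original login script) of the usual way round this: a page whose session has expired cannot tell you who just left, so instead of a logged_in flag that only logout clears, record a last_activity timestamp on every request and count the users seen within a short window. A closed browser then simply ages out. The last_activity column, the PDO connection details and the user_id session key are assumptions; the rest of the original flow (password check, active flag) is untouched.

```php
<?php
// Added example, not the original login code. Assumes a `user` table with an integer
// `user_id` and a DATETIME `last_activity` column (the column is an assumption), and a
// PDO connection whose DSN and credentials are placeholders.

define('ONLINE_WINDOW_SECONDS', 300);   // "online" means seen in the last five minutes

function db() {
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('mysql:host=localhost;dbname=DBNAME;charset=utf8', 'USER', 'PASS', array(
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        ));
    }
    return $pdo;
}

// Call once per request after session_start(). Refreshes last_activity for the
// logged-in user; a closed browser stops refreshing and the row ages out on its own.
function touchPresence() {
    if (empty($_SESSION['user_id'])) {
        return;
    }
    $stmt = db()->prepare('UPDATE user SET last_activity = NOW() WHERE user_id = :id');
    $stmt->execute(array(':id' => (int) $_SESSION['user_id']));
}

// Number of users whose last_activity falls inside the window.
function onlineCount() {
    $stmt = db()->prepare(
        'SELECT COUNT(*) FROM user WHERE last_activity >= DATE_SUB(NOW(), INTERVAL :secs SECOND)'
    );
    $stmt->bindValue(':secs', ONLINE_WINDOW_SECONDS, PDO::PARAM_INT);
    $stmt->execute();
    return (int) $stmt->fetchColumn();
}

// On successful login: keep only the user id in the session (the password hash has no
// business there) and rotate the session id so a pre-login id cannot be replayed.
function startUserSession($userId) {
    session_regenerate_id(true);
    $_SESSION['user_id'] = (int) $userId;
    touchPresence();
}

// On logout: drop the user from the count immediately, then destroy the session.
function endUserSession() {
    if (!empty($_SESSION['user_id'])) {
        $stmt = db()->prepare('UPDATE user SET last_activity = NULL WHERE user_id = :id');
        $stmt->execute(array(':id' => (int) $_SESSION['user_id']));
    }
    $_SESSION = array();
    session_destroy();
}

// Page footer usage.
session_start();
touchPresence();
$online = onlineCount();
echo $online === 1 ? 'There is currently 1 user online.' : "There are currently $online users online.";
```

The WHERE clause the question asks for never has to be written: nothing is reset on behalf of an absent user, the cutoff is evaluated by the database at query time, and the window length is the only knob.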
  23. Make the IP address the primary key, or at least if not primary key, make it unique. That way it can only be in the database once, therefore it fits your problem. Sam
  24. Why on Earth have you used all your PHP in < > tags? <if=.. </endif>.. I've never seen that syntax before; that could just be me but still. To add the keywords in PHP use

```php
<?php
// the table name was missing from the original INSERT; replace `your_table` with yours
$sql = "INSERT INTO `your_table` (`file_id`,`filename`,`gallery_id`,`album_id`,`file_title`,`keyword`,`categories`) VALUES (NULL,'$filename','$gallery_id','$album_id','$file_title','$keyword','$category')"; // NULL assuming the id is auto_increment
$result = mysql_query($sql) or die("Error in sql: " . mysql_error());
?>
```

Sam