Posts posted by helraizer

  1. Full path disclosure

     

    http://two.team-who.co.uk/CaptchaSecurityImages.php?width=1p

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 38

     

    Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 38

     

    Warning: Cannot modify header information - headers already sent by (output started at /home/www/teamoywho/CaptchaSecurityImages.php:34) in /home/www/teamoywho/CaptchaSecurityImages.php on line 46


     

     

  2. With the $_GET for page, use

     

    $page = htmlspecialchars($_GET['page']); //use your variables there.
    

     

    Which will change < and > to &lt; and &gt; which means that the XSS will not work.

     

    also do

     

    if (is_numeric($page)) {
    //code to display page of that number, either 1 or 2 in your case
    } 
    else {
    //code here to give error message to user - if page is not numeric. This will be if it is text or if it is an array.
    }
    

     

    Hope that helps,

     

    Sam
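
An added example (not code from the posts above) covering both the `width=1p` warning in post 1 and the `page` handling in post 2: the parameter is accepted only as an integer inside a fixed range, anything echoed back is HTML-encoded including quotes, and PHP errors are logged instead of rendered, so no file path reaches the client. The helper names `int_param` and `h`, the ranges and the sample requests are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Log errors on the server; never render warnings (and their file paths) to the client.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Read an integer query parameter, accepting it only inside [$min, $max].
 * Returns $default when the value is missing, an array, or not an integer ("1p").
 */
function int_param(array $query, string $name, int $min, int $max, int $default): int
{
    $raw = $query[$name] ?? null;
    if (!is_string($raw)) {               // missing, or sent as ?width[]=1
        return $default;
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $value === false ? $default : $value;
}

/** Encode a value for HTML text or a quoted attribute (quotes included). */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample requests standing in for $_GET.
$samples = [
    ['width' => '120', 'page' => '2'],
    ['width' => '1p'],                    // the value from post 1
    ['width' => ['1']],                   // array instead of a string
    ['page' => 'services">'],             // the value from post 4
];

foreach ($samples as $query) {
    $width = int_param($query, 'width', 60, 300, 120);
    $page  = int_param($query, 'page', 1, 2, 1);
    $raw   = is_string($query['page'] ?? null) ? $query['page'] : '';
    printf("width=%d page=%d echoed=%s\n", $width, $page, h($raw));
}
```

`mt_rand()` then only ever receives an integer, and the typed `$page` can be used for the page lookup without further casting.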

  3. Thanks for the suggestions and finding the issues. Registration is only allowed for Graduate students. We do manual verification and then activate account. That's why it takes 24 hours for activation.

     

    Regarding GET protection.. Can you please give me an idea how to do it? I'm just a business student.. Don't have much in depth knowledge in PHP... :)

     

    Can I use PHP strip_tags() function to do that?

     

    Any more issues please let me know. Thank you!

     

    If you have, say, $user = $_GET['user']; then instead use $user = htmlspecialchars($_GET['user']); - That'll change < or > into &lt; or &gt;, thus rendering XSS obsolete.

     

    Sam

  4. http://clients.futuresolutions.com/fsi/usr/login

    Notice: Undefined offset: 1 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 25

     

    Notice: Undefined offset: 1 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 35

     

    http://clients.futuresolutions.com/fsi/content/page/services%22%3E

    Warning: Smarty error: unable to read resource: "/services/www/clients.futuresolutions.com/fsi/Modules/page/template/services">.tpl" in /services/www/clients.futuresolutions.com/fsi/Includes/Smarty/Smarty.class.php on line 1095

     

    http://clients.futuresolutions.com/fsi/content/user/login

    Notice: Undefined index: password2 in /services/www/clients.futuresolutions.com/fsi/Modules/user/user.php on line 50

  5. An annoyance, more than a problem, is that during registration you ask for the user's country twice, and yet still ask for zip code. England, for one, doesn't use zip codes, so how can they possibly be verified?

     

    I've registered now, it may take up to 24 to activate my account, if they'll activate it, that is.

     

    Sam

  6. This code:

     

    <?php
    
    // black 150x35 canvas
    $img = imagecreate(150,35);
    $black = imagecolorallocate($img, 0,0,0);
    imageFill($img, 0, 0, $black);
    
    // source image, with white marked as its transparent colour
    $im = imagecreatefrompng("14t0kxy.png");
    $white = imagecolorallocate($im, 255,255,255);
    $trans_white = imagecolortransparent($im, $white);
    
    // copy the source onto the canvas at 100% opacity
    imagecopymerge($img, $im, 0,0,0,0,150,35,100);
    
    header("Content-type: image/png");
    imagepng($img);               // send to the browser
    imagepng($img, "image.png");  // and save a copy to disk
    imagedestroy($img);
    imagedestroy($im);
    ?>
    

     

    produces this:

     

    image.png

     

    Slight oddity with the pink text but you get the idea.

     

    Sam

  7. If you want the white colour transparent you'd do this:

     

    $im = imagecreatefrompng("images/" . $goals[$goal]); // create image
    
    $white = imagecolorallocate($im, 255,255,255); //define a colour
    
    $trans_white = imagecolortransparent($im, $white); // define the colour as transparent.
    

     

    Then, to your last question:

     

    Look up imagecopymerge, that allows you to insert one image on top of another, at varying levels of transparency (0 being invisible, 50 being faded in, 100 being the exact image on the main image).

     

    Hope that helps.

    Sam

  8. How would I find the difference with just the age variable? ???

     

    Say you had a database with all users in it, you'd have username, name, surname, title etc.. you'd also have an age column. Then pull from the database the age from the person doing the adding (user1) and that of the person being added (user2).

     

    So something like

    if($user1_age>18 && $user2_age<18) {
    echo "You can't add a user under 18 for legal reasons!";
    }
    

    Something like that.

     

    Although, you might want to refine your ages.. at the moment a 19 year old can't add a 17 year old. That's not anything dodgy at all. :P and it limits people.

     

    this

     

    if($user1_age>25 && $user2_age<16) {
    echo "You can't add a user under 16 for legal reasons!";
    }
    

     

    would probably be better.

     

    Sam

  9. Hi folks,

     

    I have a file for my chatbox called data.line, in which the posts are in the layout

    CHATBOXTEXT
    7
    username=helraizer
    1202416953
    ip=86.140.73.183
    color=yellow
    font=palab
    message=bit of a bug, I admit
    ###
    username=Helraizer
    1202420235
    ip=86.140.73.183
    color=yellow
    font=palab
    message=Teeeeeeesting
    ###
    username=Fjar
    1202420306
    ip=81.77.39.76
    color=yellow
    font=palab
    message=I love you, my Sam 
    ###
    username=helraizer
    1202420637
    ip=81.77.39.76
    color=aqua
    font=palab
    message=I love you too, my Fjar!! <3
    ###
    
    

     

    This is fine, when you post a comment it posts your data like this from a form using this code

    index.php (only relevant code shown)

    <?php
    $text = htmlspecialchars(stripcslashes($_POST['input'] . "\n"));
                $username = htmlspecialchars(stripslashes($_POST['username']));
                $color = $_POST['color'];
                $font = $_POST['font'];
                $ip = $_SERVER['REMOTE_ADDR'] . "\n";
                $ip1 = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
                $_SESSION['username'] = $username;
                $_SESSION['color'] = $color;
                $current_time = mysql_real_escape_string(time());
    
        $data[] = "\n".trim("\nusername=".htmlspecialchars_decode(substr($username, 0, 10)) . "\r");
                $data[] = trim($current_time) . "\r";
                $data[] = "ip=".trim($ip1) . "\r";
                $data[] = "color=".trim($color) . "\r";
                $data[] = "font=".trim($font) . "\r";
                $data[] = "message=".htmlspecialchars_decode(trim(substr($text, 0, 75)) . "\r");
                $data[] = trim("###");
    
    //followed by later
    
    
    $datal = file_get_contents("data.line");
    if (stristr($datal, $_SERVER['REMOTE_ADDR'])) {
    
        echo "<a href='http://helraizer.dnsalias.net/Chat/index.php5?action=delete'><b>Delete your post</b></a>";
    
        $_SESSION['a'] = 1;
    
        if (isset($_SESSION['a']) && $_GET['action']=="delete") {
    ?><table align='center'><tr><td><b>Post Deletion</b></td></tr><tr><td>
    <?php
            $us_name = $_POST['user'];
            echo "<form align='center' name='post' action='delete.php5' method='post'>";
            echo "<label align='center' for='user'>Please enter the username you used in your post:</label>";
            echo " <input type='text' align='center' id='usera' name='usera' size='10' maxlength='10'>";
            echo " <input type='submit' value='Delete!' name='submita' id='submita'>";
    
    ?>
      </form></td></tr></table><br><br><br>
    <?php
       }
    }
    ?>
    
    

    Which is fine. It adds the new post after the previous, starting on a new line each time. It must do this or the script won't be able to read the file at all, or will pull the wrong information out and thus break the formatting.

     

     

    function.php

    <?php
    // Wrapper around flock() that can be switched off with a global flag.
    function ddfm_flock($handle, $param) {
    
    global $enable_file_locking;
    
    if ($enable_file_locking == TRUE) {
    	return flock($handle, $param);	
    } else {
    	return TRUE;
    }
    }
    ?>

     

    Then finally in delete.php

     

    <?php
    if (isset($_POST['submita'])) {
    
        $entries = file_get_contents("data.line");
        $entries = (array )explode('###', $entries);
    
        foreach ($entries as $entry) {
            $data_t = explode("\r", trim($entry));
    
            if ($data_t[0] == "username=" . $_POST['usera']) {
    
                $data = array();
                foreach ($data_t as $dt) {
                    if (strpos($dt, '=') != false) {
                        $k = substr($dt, 0, strpos($dt, '='));
                        $v = substr($dt, strpos($dt, '=') + 1, strlen($dt) - strpos($dt, '='));
                        $data[$k] = $v;
                    }
                }
                $data['timestamp'] = $data_t[1];
    
    
                if (isset($_POST['usera'])) {
                    if (is_string($_POST['usera'])) {
                        $item = "username=" . $_POST['usera'];
                    }
                }
    
                $the_ip = "";
                $entries = file_get_contents("data.line");
                $entries = (array )explode('###', $entries);
                foreach ($entries as $entry) {
                    $data_t = explode("\r", trim($entry));
                    if (trim($data_t[0]) == $item) {
                        foreach ($data_t as $d) {
                            if (strpos($d, 'username=') === 0) {
                                $the_ip = substr($d, 9, strlen($d) - 1);
                            }
                        }
                    }
                }
    
                $entries = file_get_contents("data.line");
                $entries = (array )explode('###', $entries);
    
                // recreate file
                $handle = fopen("data.line", "w");
    
                if (ddfm_flock($handle, LOCK_EX)) { // do an exclusive lock
    
                    foreach ($entries as $entry) {
    
                        $data_t = explode("\r", trim($entry));
    
                        if (trim($data_t[0]) != "") { // if valid item
    
                            foreach ($data_t as $d) {
                                if (strpos($d, 'username=') === 0) {
                                    $test_ip = substr($d, 9, strlen($d) - 1);
                                }
                            }
    
                            if ($test_ip != $the_ip) { // put back
    
                                foreach ($data_t as $d) {
                                    fwrite($handle, $d . "\r");
                                }
                                fwrite($handle, "###\r");
    
                            } else {
                                // skip items from this IP
                            }
    
                        }
                    }
    
                    ddfm_flock($handle, LOCK_UN); // release the lock
                } else {
                    // could not get the lock, nothing is written
                }
            }
        }
    }
    ?>
    

     

    which adds a blank line to the chatbox and thus the chatbox returns the wrong values and format. How would I stop it from adding this extra line? If I change fwrite($handle, "###\r") to fwrite($handle, "###") it makes data.line format as:

    CHATBOXTEXT
    7
    username=helraizer
    1202416953
    ip=86.140.73.183
    color=yellow
    font=palab
    message=bit of a bug, I admit
    ###username=Fjar
    1202420306
    ip=81.77.39.76
    color=yellow
    font=palab
    message=I love you, my Sam 
    ###username=helraizer 
    1202420637
    ip=81.77.39.76
    color=aqua
    font=palab
    message=I love you too, my Fjar!! <3
    ###
    

     

    The username of the next post starts on the same line as the ### and the same problem occurs

     

    Instead of reading

     

    [helraizer]bit of a bug, I admit    (should be yellow)

    [Fjar] I love you my Sam!! ^_^      (should be yellow)

    [helraizer]I love you too, my Fjar!! <3    (should be blue)

     

    it reads

     

    [palab]palab   

    [202416953][202420306]

    helraizer

     

    ^all of them white (the default if $color is not specified or different to those it is supposed to be).

     

    How would I get it to, when I delete a post, print the comment (all information) starting on the line after the previous ###?

     

    Hope that makes sense. Just ask if you need more information.

     

    Thanks,

    Sam
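
An added example (not the poster's code) of handling the data.line layout shown above: the file is parsed into records, matching posts are dropped, and every record is written back with one fixed line ending and the `###` terminator on its own line, so the next `username=` always starts a new line. The function names, the `EOL` choice, matching on username plus ip rather than username alone, and the sample addresses are assumptions; `is_safe_field` is the check to run on `color`, `font` and the other values before they are stored, since a value containing a line break or `###` would change the record structure.

```php
<?php
declare(strict_types=1);
const RECORD_END = '###';
const EOL = "\n"; // assumption: the reader accepts "\n"; the posted code writes "\r"

/** Split the file text into [header lines, records]; a record is a list of lines. */
function parse_chatbox(string $raw): array
{
    // Put every delimiter on its own line, so "###username=Fjar" is repaired too.
    $raw = str_replace(RECORD_END, "\n" . RECORD_END . "\n", $raw);
    $header = $records = $current = [];
    $inHeader = true;
    foreach (preg_split('/\R/', $raw) as $line) {
        $line = trim($line);
        if ($line === '') {
            continue;                       // blank lines carry no data
        }
        if ($inHeader && strpos($line, 'username=') !== 0) {
            $header[] = $line;              // e.g. "CHATBOXTEXT", "7"
            continue;
        }
        $inHeader = false;
        if ($line !== RECORD_END) {
            $current[] = $line;
        } elseif ($current !== []) {
            $records[] = $current;
            $current = [];
        }
    }
    return [$header, $records];             // an unterminated trailing record is dropped
}

/** Value of "key=value" inside one record, or null when the key is absent. */
function field(array $record, string $key): ?string
{
    foreach ($record as $line) {
        if (strpos($line, $key . '=') === 0) {
            return (string) substr($line, strlen($key) + 1);
        }
    }
    return null;
}

/** A stored value must not be able to start a new line or close a record. */
function is_safe_field(string $value): bool
{
    return strpbrk($value, "\r\n") === false && strpos($value, RECORD_END) === false;
}

/** Drop the records that match both username and ip, then rebuild the text. */
function delete_posts(string $raw, string $username, string $ip): string
{
    [$header, $records] = parse_chatbox($raw);
    $out = $header ? implode(EOL, $header) . EOL : '';
    foreach ($records as $r) {
        if (field($r, 'username') === $username && field($r, 'ip') === $ip) {
            continue;                       // skip the post being deleted
        }
        $out .= implode(EOL, $r) . EOL . RECORD_END . EOL;
    }
    return $out;
}

// Constructed sample in the broken layout from the post ("###username=...").
$raw = "CHATBOXTEXT\r7\rusername=helraizer\r1202416953\rip=192.0.2.10\rcolor=yellow\r"
     . "font=palab\rmessage=first\r###username=Fjar\r1202420306\rip=192.0.2.20\r"
     . "color=yellow\rfont=palab\rmessage=second\r###";
echo delete_posts($raw, 'Fjar', '192.0.2.20');
var_dump(is_safe_field("aqua\r###"));
```

When this is applied to the real file, the read and the rewrite belong under one exclusive lock on a handle opened without truncation, because `fopen($file, "w")` empties the file before `flock()` has been obtained.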

  10. Hi folks,

     

    In my script I have this code:

     

    <?php
    
    unset($errors);
    
    include ("linesfile.php5");
    $filename = "data.line";
    set_magic_quotes_runtime(0);
    
    if ($_POST['submit'] && strlen($_POST['input']) < 5) {
        $errors[] .= _NO_5;
    }
    if ($_POST['submit'] && strlen($_POST['username']) < 3) {
        $errors[] .= _NO_2;
    }
    $dirty = array('rude word', 'another rude word', 'etc');
            
    foreach($dirty AS $bad_word){
              if(preg_match("/$bad_word/i", $_POST['input'])) $errors[]= 'The word you entered, "'.$bad_word.'", has been detected as being offensive; your post has not been submitted. Sorry for any inconvenience.';
              }
              
      
        
            
    ?>
          		<div class="ddgb_entrybox">
    	<table width="100%" border="0" cellspacing="8" cellpadding="0">
    	<tr>
        <td width="42%" align="center" valign="top"></td>
    	<td align="left" valign="top">
    <?php
    
    if (isset($_POST['submit']) && $errors[0] != null) {
        echo "<h2>" . _ERROR . "</h2><ul>";
        foreach ($errors as $f) {
            echo "<li>" . $f . "</li>";
        }
        echo "</ul>";
    } elseif ($_POST['submit']) {
        // grab the inputted text
        $text = htmlspecialchars(stripcslashes($_POST['input'] . "\n"));
        $username = htmlspecialchars(stripslashes($_POST['username']));
        $color = $_POST['color'];
        $font = $_POST['font'];
        $ip = $_SERVER['REMOTE_ADDR'] . "\n";
        $ip1 = $_SERVER['REMOTE_ADDR'];
        $time = time();
        $_SESSION['username'] = $username;
        $_SESSION['color'] = $color;
        
    
        $data[] = "\n" . htmlspecialchars_decode(substr($username, 0, 10));
        $data[] = trim($color);
        $data[] = trim($font);
        $data[] = htmlspecialchars_decode(trim(substr($text, 0, 75)));
    
          
    
    
      //Process the post
    
        $datafile = new DataFile($filename);
        if (!$datafile->writeNewLine($data))
            die("Error writing to file");
    
    }
    
    ?>
    

     

    I have a database set up called `chatbox` with a table `post` having the fields 'time' and 'ip'.

     

    The idea: when the user posts, their ip is stored in the database along with the time stamp from when they post using

     

    $sql = "INSERT INTO `chatbox`.`post` (`time`, `ip`) VALUES ('$time', '$ip')"; //$time being merely time() and $ip being $_SERVER['REMOTE_ADDR'];
    
    $result = mysql_query($sql) or die('Error in SQL: ' . mysql_error());
    

     

    I was planning to then query the database to see whether that ip (user) posted within the last 30 seconds ( if($row['time'] < ($time + 30)) { } ) if they have then $errors[] = 'You have already posted once, please wait 30 seconds to post again';  if not then it will post the form.

     

    I have the code to use but how would I implement this into my code?

     

    Thanks,

    Sam
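
An added example (not the poster's code) of the 30-second check described above, written with PDO prepared statements so that the time and IP are bound as parameters instead of being concatenated into the SQL string. The function names and the in-memory SQLite table used for the demonstration are assumptions; the `post` table with `time` and `ip` columns follows the post, and the timestamps and addresses are constructed.

```php
<?php
declare(strict_types=1);

const POST_INTERVAL = 30; // seconds between posts from one IP, as in the post above

/** Seconds this IP still has to wait; 0 means it may post now. */
function seconds_to_wait(PDO $db, string $ip, int $now): int
{
    $stmt = $db->prepare('SELECT MAX(time) FROM post WHERE ip = :ip');
    $stmt->execute([':ip' => $ip]);
    $last = $stmt->fetchColumn();          // NULL when this IP has never posted
    if ($last === null || $last === false) {
        return 0;
    }
    return max(0, (int) $last + POST_INTERVAL - $now);
}

/** Check the limit and record the post if allowed; otherwise append to $errors. */
function try_post(PDO $db, string $ip, int $now, array &$errors): bool
{
    $wait = seconds_to_wait($db, $ip, $now);
    if ($wait > 0) {
        $errors[] = "You have already posted once, please wait $wait seconds to post again";
        return false;
    }
    // Bound parameters: the values never become part of the SQL text.
    $stmt = $db->prepare('INSERT INTO post (time, ip) VALUES (:time, :ip)');
    $stmt->execute([':time' => $now, ':ip' => $ip]);
    return true;
}

// Demo on an in-memory SQLite table (assumption; the post uses MySQL).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE post (time INTEGER NOT NULL, ip TEXT NOT NULL)');

// Constructed attempts: [unix time, client IP]
$attempts = [
    [1000, '203.0.113.7'],   // first post: allowed
    [1010, '203.0.113.7'],   // 10 s later, same IP: refused
    [1010, '198.51.100.4'],  // different IP: allowed
    [1031, '203.0.113.7'],   // 31 s after the first post: allowed
];
$errors = [];
foreach ($attempts as [$t, $ip]) {
    $ok = try_post($db, $ip, $t, $errors);
    printf("t=%d ip=%s posted=%s\n", $t, $ip, $ok ? 'yes' : 'no');
}
print_r($errors);
```

The check and the insert are two separate statements, so two simultaneous requests from one IP can both pass; wrapping them in a transaction closes that gap.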

  11. Hi Folks,

     

    I have a filtering system to clean up user input in the respect of swearing.

     

    The code I have at the moment is this:

     

    <?php 
    $dirty = array('rude word', 'another', 'and another rude word', 'another, please Carol');
                            
                            foreach($dirty AS $bad_word){
                            	
                            $text = preg_replace("/$bad_word/i","****", $text);
                                                    } 
    ?>
    

     

    So if the user inputted 'rude word me, it works!!!' and then 'and another rude word you' it'd turn into '**** me, it works!!!' and '**** you'.

     

    Which makes it look odd, so instead of the preg_replace I was thinking of throwing an error message (which I also have using $errors as an array).

     

    <?php
    define('_SWEAR', 'The word you entered, "'.$word.'", has been detected as being offensive; your post has not been submitted. Sorry for any inconvenience.'); //for the error.
    ?>
    

     

    How would I get it so that $word is the value in the $dirty array that the user inputted so it'd read:

     

    Error!

    - The word you entered, "rude word", has been detected as being offensive; your post has not been submitted. Sorry for any inconvenience.

     

    Otherwise it'd just pull out any if not all of the elements of the array. How would I do this?

     

    Thanks,

    Sam

  12. Quite frankly, I hate the colors. The top banner is actually really good. - but the black theme is not really working with me.

     

    I don't understand the concept. Mind explaining?

    Thanks for the response.

     

    On the site layout or the chatbox?

     

    If the site: I think I will make the '.: Page Name :.' part white so they fit with the black better than the blue/purple does.

     

    Well, with the silver and blue banner at the top, with silver links I thought black would work the best with those colours. If it were white, say, the silver and blue wouldn't have such an impact. Any ideas of improvement?

     

    Sam

  13. Some people have tried to break it, so I now have implemented new systems. The username cannot be less than 3 characters nor longer than 10, the comment can only be between 5 and 75 characters. If someone makes their own form to submit values, and the colour and/or font are different to those in the list on my site, it will be returned as a default colour and/or font. All comments and username are truncated to 75 and 10 characters (respectively).

     

     

    Can anyone suggest any improvements?

     

    Sam

     

    (http://www.helraizer.co.uk/mychatbox)

  14. PHP Designer 2008 is by far the best PHP Editor as far as I'm concerned.

     

    You have to pay for it, but it's worth it. If you don't want to pay, there's always PHP Designer 2007 which I believe is free.

     

    phpDesigner 2007 better not be free, I paid for a license :P but I agree with you, it is probably the best. Would it be worth looking at getting 2008?

  15. Not sure about everyone else but we should have a little more time to edit a post. Currently if you make a post you have less than a minute to spot an error and change it (literally 60 seconds). This also means that if we can't edit the post after a certain time then we have to make a new post in order to show changes to the original post.

     

    Maybe it's just me, though, who thinks it should be slightly longer, maybe 3 - 5 minutes?

     

    What does everyone else think?

     

    Sam

  16. Hi folks, I have this site and idea

     

    http://www.helraizer.co.uk/mychatbox/

     

    at the moment I'm using javascript to alert the user if they haven't entered a username or message but all this does is popup an alert message and return false. However, if their browser does not support javascript (javascript is turned off) then it just won't send and will give them no reason why.

     

    How would I get it so that, using php, if the submit button is pressed and either the username is less than 3 characters and/or the comment field is less than 5 characters then above the image (on the site page) a list of errors would appear.

     

    So if nothing was wrong it shows no errors but if the user name was less than 3 characters and comment <5 it'd appear

    "Error!

    -Your username is too short, please enter a user name between 3 and 10 characters.

    -Your comment is too short, please enter a comment between 5 and 75 characters." (or similar)

     

    How would I do this?

     

    I know this is a "help" forum not a "do it for me forum" but if you guys can give me a baseline for this problem, to work with from there I can probably get it from there. :)

     

    Thanks,

    Sam

  17. Hi folks,

     

    I have been working on this for a while, could you tell me what you think? The idea behind it is that it can be used as a forum signature, soon I will make a user system so people can have their own chatbox to use. So instead of Helraizer's Chatbox it'll have Username's chatbox (Username being their chosen username) but that's for later.

     

     

    How could either the chatbox or the website itself be improved/look better?

     

    Thanks,

    Sam

     

     

     

     
