Jump to content

monkeytooth

Members
 View Profile  See their activity

  • Posts

    1,129

  • Joined

  • Last visited

    Never

 Content Type 

Posts posted by monkeytooth

    Best way to perform pentest

    in Miscellaneous

    Posted

    A site being secure is nothing more than how secure the software on the server is. Blocking ports, etc isn't going to stop someone from ravaging your stuff if your stuff is insecure. Anything from a simple variable in your domain ie: mydomain.com/index.php?myvar=something if not secured properly can mess up your whole day.

    Getting Twitter user details.

    in Miscellaneous

    Posted

    Twitter doesn't give you to much to work with as far as retrieval of data outside of the feeds. You can get the firstname, lastname, etc.. but only if the user of the account provided it, as its essentially optional data.

     

    I am intent on working on a project similar to what your doing hopefuly in the next 24 hours.. but from my reading generally the pickens currently at least are very slim. I do know also

     

    cURL can do a lot for getting data. But you are going to likely have to register as an app with twitter and get the keys for an app to access more information for any given user who approves it, you will also need to give in an take a gander at the oAuth they are using.

    Get Hotmail Contacts

    in Miscellaneous

    Posted

    I am in the middle of a similar conquest, but for gmail. So far I have gotten as far as an XML dump of my contacts but there XML format is a pain in the ass to work with so I am stuck there. Anywho In my searches for what I am trying to achieve I have come cross pleanty of mention of doing it with AOL, Live, Hotmail, and various other services.. my suggestion would be start with using google. Search for "PHP cURL hotmail contacts" that may yield something. I wish you luck

    PHP/MySQL Login Script

    in Miscellaneous

    Posted

    lol I messed my own self up..

     

    html side:
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" name="name" id="name" value="" />
<input type="password" name="pass" id="pass" value="" />
<input type="submit" name="submitLogin" id="submitLogin" value="Login" />
</form>

php side (same page):
<?php
if((isset($_POST['submitLogin']))||(!empty($_POST['submitLogin']))||(trim($_POST['submitLogin']) !== ""))
{
$errors = "none";
$msg = "";
    if((!isset($_POST['name']))||(empty($_POST['name']))||(trim($_POST['name']) == "")){$errors = "yes";$msg .="Name not provided<br />";}
else{if($_POST['name'] !== "my-username"){$errors = "yes";$msg .="Username not found<br />";}
if($_POST['pass'] !== "my-secret-password"){$errors = "yes";$msg .="Password not provided<br />";
}
    if((!isset($_POST['pass']))||(empty($_POST['pass']))||(trim($_POST['pass']) == "")){$errors = "yes";$msg .="Password not provided<br />";}else{if($_POST['pass'] !== "my-secret-password"){$errors = "yes";$msg .="Password does not match<br />";}
}


if($errors == "none"){$_SESSION['loggedin']="yes";$msg = "Logged in...";}
echo $msg;
}
?>

    PHP/MySQL Login Script

    in Miscellaneous

    Posted

    There is no "simple" solution, just as there is no set standard for a login. Thats mostly due to everyone having a different system from the next persons (well in a matter of thinking, there are those upload, and click installable apps like vB, WP, SMF, etc..). But with that in mind its nearly impossible to just have a login that would just be upload and play for any given system cause how you structure your site might not support the concept well without making it.

     

    The most basic of basic logins...

     

    html side:
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" name="name" id="name" value="" />
<input type="password" name="pass" id="pass" value="" />
<input type="submit" name="submitLogin" id="submitLogin" value="Login" />
</form>

php side (same page):
<?php
if((isset($_POST['submitLogin']))||(!empty($_POST['submitLogin']))||(trim($_POST['submitLogin']) !== ""))
{
$errors = "none";
$msg = "";
    if((!isset($_POST['name']))||(empty($_POST['name']))||(trim($_POST['name']) == "")){$errors = "yes";$msg .="Name not provided<br />";}
    if((isset($_POST['pass']))||(!empty($_POST['pass']))||(trim($_POST['pass']) !== "")){$errors = "yes";$msg .="Password not provided<br />";}

if($errors == "none"){$_SESSION['loggedin']="yes";$msg = "Logged in...";}
echo $msg;
}
?>

    Parsing this XML I dunno what im doing wrong..

    in PHP Coding Help

    Posted

    Ok, I wont lie its been a while since I've parsed any XML files that are more intricate then a simple feed for like lets say a blog.. that said..

     

    <?xml version='1.0' encoding='UTF-8'?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:gContact='http://schemas.google.com/contact/2008' xmlns:batch='http://schemas.google.com/gdata/batch' xmlns:gd='http://schemas.google.com/g/2005'><id>monkeytooth@gmail.com</id><updated>2011-06-30T00:07:48.706Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'>Chris Hacia's Contacts</title><link rel='alternate' type='text/html' href='http://www.google.com/'/><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full'/><link rel='http://schemas.google.com/g/2005#post' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full'/><link rel='http://schemas.google.com/g/2005#batch' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/batch'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full?max-results=5'/><link rel='next' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full?start-index=6&max-results=5'/><author><name>Chris Hacia</name><email>monkeytooth@gmail.com</email></author><generator version='1.0' uri='http://www.google.com/m8/feeds'>Contacts</generator><openSearch:totalResults>90</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>5</openSearch:itemsPerPage><entry><id>http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/base/0</id><updated>2010-01-27T00:11:57.430Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'>Chris H</title><link rel='http://schemas.google.com/contacts/2008/rel#edit-photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/0/8_XL_JoAPon1k7SNixI2iA'/><link rel='http://schemas.google.com/contacts/2008/rel#photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/0'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/0'/><link rel='edit' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/0/1264551117430000'/><gd:email rel='http://schemas.google.com/g/2005#other' address='soulzllc@gmail.com' primary='true'/></entry><entry><id>http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/base/1</id><updated>2007-08-01T18:02:04.410Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'></title><link rel='http://schemas.google.com/contacts/2008/rel#edit-photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/1/1B2M2Y8AsgTpgAmY7PhCfg'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/1'/><link rel='edit' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/1/1185991324410001'/><gd:email rel='http://schemas.google.com/g/2005#other' address='laurierarmstrong@sbcglobal.net' primary='true'/></entry><entry><id>http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/base/2</id><updated>2010-01-27T00:11:57.430Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'>Steve Sattler</title><link rel='http://schemas.google.com/contacts/2008/rel#edit-photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/2/1B2M2Y8AsgTpgAmY7PhCfg'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/2'/><link rel='edit' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/2/1264551117430000'/><gd:email rel='http://schemas.google.com/g/2005#other' address='stevesattlerfilms@yahoo.com' primary='true'/></entry><entry><id>http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/base/3</id><updated>2010-01-27T00:11:57.430Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'>Michael Montana</title><link rel='http://schemas.google.com/contacts/2008/rel#edit-photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/3/1B2M2Y8AsgTpgAmY7PhCfg'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/3'/><link rel='edit' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/3/1264551117430000'/><gd:email rel='http://schemas.google.com/g/2005#other' address='montana1@comcast.net' primary='true'/></entry><entry><id>http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/base/4</id><updated>2007-08-01T18:02:04.410Z</updated><category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/contact/2008#contact'/><title type='text'></title><link rel='http://schemas.google.com/contacts/2008/rel#edit-photo' type='image/*' href='http://www.google.com/m8/feeds/photos/media/monkeytooth%40gmail.com/4/1B2M2Y8AsgTpgAmY7PhCfg'/><link rel='self' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/4'/><link rel='edit' type='application/atom+xml' href='http://www.google.com/m8/feeds/contacts/monkeytooth%40gmail.com/full/4/1185991324410001'/><gd:email rel='http://schemas.google.com/g/2005#other' address='Jim.Farrell@courant.com' primary='true'/></entry></feed>

     

    that is an example of the XML I am trying to parse.

     

    And this is how I am attempting to do it..

    $doc = new DOMDocument();
$doc->load($result);
$arrFeeds = array();
foreach ($doc->getElementsByTagName('feed') as $node) {
foreach ($node->getElementsByTagName('entry') as $addy) {
$itemRSS = array ('email' => $addy->getElementsByTagName('gd:email')->item(0)->nodeValue);
}
array_push($arrFeeds, $itemRSS);
}
array_unique($arrFeeds);

     

    I'm not yielding any results from this. All I want to currently do is get the "address=" of the "gd:email" for every "entry" and I am just failing miserably. Any ideas what ive done wrong or have I approached this entirely in a ****ed up way

     

    gmail, curl, stdClass issue..

    in PHP Coding Help

    Posted

    Alright, I need some fresh eyes, minds, etc to help me trouble shoot this.

     

    First the code..

    <?php

error_reporting(E_ALL);

$user = "xxxxxxxxxxx@gmail.com";
$password = "xxxxxxxxxxx";

// ref: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html

// step 1: login
$login_url = "https://www.google.com/accounts/ClientLogin";
$fields = array(
'Email' => $user,
'Passwd' => $password,
'service' => 'cp', // <== contact list service code
'source' => 'test-google-contact-grabber',
'accountType' => 'GOOGLE',
);

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL,$login_url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS,$fields);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 
$result = curl_exec($curl);

$returns = array();

foreach (explode("\n",$result) as $line)
{
$line = trim($line);
if (!$line) continue;
list($k,$v) = explode("=",$line,2);

$returns[$k] = $v;
}

curl_close($curl);

// step 2: grab the contact list
$feed_url = "http://www.google.com/m8/feeds/contacts/$user/full?alt=json&max-results=99999";

$header = array(
'Authorization: GoogleLogin auth=' . $returns['Auth'],
);

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $feed_url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 

$result = curl_exec($curl);
curl_close($curl);

$data = json_decode($result);
$contacts = array();
foreach ($data->feed->entry as $entry)
{
$contact = new stdClass();
$contact->title = $entry->title->{'$t'};
$contact->email = $entry->{'gd$email'}[0]->address;

$contacts[] = $contact;
}
echo '<pre>';
var_dump($contacts);
echo '</pre>';

     

    the output.. http://7pz.net/gmail.php

     

    the error(s).. 

    Notice: Undefined property: stdClass::$gd$email in /home/monkey/public_html/sites/mine/7pz.net/gmail.php on line 63

Notice: Trying to get property of non-object in /home/monkey/public_html/sites/mine/7pz.net/gmail.php on line 63

Notice: Undefined property: stdClass::$gd$email in /home/monkey/public_html/sites/mine/7pz.net/gmail.php on line 63

Notice: Trying to get property of non-object in /home/monkey/public_html/sites/mine/7pz.net/gmail.php on line 63

     

    Gotta say, Im a bit lost..

    Oh and "Line 63" is

    $contact->email = $entry->{'gd$email'}[0]->address;

    need help with this

    in PHP Coding Help

    Posted

    that sounds like a lot of extra nonsense to me, no offence..

     

    maybe giving your the variables the actual numbers you want in the array would be better.. then

     

    $myNewArray = array();
if($include_a !== false){$myNewArray[]=24;}
if($include_b !== false){$myNewArray[]=5;}
if($include_c !== false){$myNewArray[]=13;}

echo "<pre>";
print_r();
echo "</pre>";

     

    this way if the variable is anything other than false (true, in your case) it will add an item to the variable $myNewArray which at the begining is defined as an empty array.. doing $myNewArray[] appends to an array

    Storing dropdown options...

    in PHP Coding Help

    Posted

    If this 3-4 option list is just a static list that maybe the options change once in a blue moon, but you have the same options on a dozen pages.. you could always

     

    in a separate file put the static HTML version of this select box. There where ever you want that particular group of options you could include() the file in via the php. This way you in concept have a dynamic box that can be used anywhere but all the while retain the ability to be static without having to go into multiple pages to update/edit it. This way you also don't have to come up with extra code to read the XML file you would pull it from otherwise.. but this is just a thought..

    Twitter, What are the possibilities

    in Miscellaneous

    Posted

    Does anyone know if Twitter has a means of something like Facebook connect. I mean do they allow me as a developer to access similar data to what I can get from facebook connect when a user approves of the app. Facebook I can get everything from a users name to email to what sports they like if they like any sports and so on and so forth. If there's no connect like option similar to that, is that something I might be able to use cURL for or any other similar methods?

     

    The whole point of this is because I want to offer members on my site a means of quickly importing profile information from a service they already use else where so I can use that data for my services and user profiles. Rather then have them type it all up if they don't wanna.

     

    Idea's suggestions or samples welcome :-)

     

    Come to think of it, does twitter even contain the much information about any given user?

    Getting x rows from a database

    in PHP Coding Help

    Posted

    Oh god...

     

    Query like normal, but apply a LIMIT clause to your query. You want to query out 3 rows at a time.. So you'd have a query like...

     

    SELECT * FROM tableName LIMIT 0,3

     

     

    that will query the first 3 recent rows in your DB (you could apply an ORDER BY [DESC|ASC]). You can elaborate further on the 0,3 and apply them by a variable. $x, $y for example.. and make those variables dynamic based on a page variable or something where page 2 would show 4,6 which will show rows 4 through 6.. I'm sorry I'm not being super nondescript and I am rushing through this a bit as I run out the door so to speak but I wanted to at least give the impression of what you can try

     

    Query by page title?

    in PHP Coding Help

    Posted

    Valid point carlito.. But its also worth mentioning sometimes the way other code is done is the best possible way to achieve a goal. Hundreds of thousands of coders in the world, and only so many ways to write code to work. Thats why you can't copyright code for the most part, you can copy right the concept of what the code does and what it was built for but the code itself not really cause if someone hasn't yet come up with a concept similar to anything anyone has done, someday sometime in the future someone will wanna do something entirely different that will look act and feel like what youve done :-)

     

    but reading through and trying to understand what your pillaging is always a good thing to do..

    How To Use a Random If Statement

    in PHP Coding Help

    Posted

    Not that this is the best concept. But to try to be "equal" if you will where is 50/50 but at random with not display count or anything to back it up stored anywhere.

     

    I would say.. maybe

     

    $adOne = 2000;
$adTwo = 4000;

$adSrv = rand(0, 4000);

if($adSrv <= $adOne){/*show ad one*/}
if(($adSrv <= $adTwo) AND ($adSrv > $adOne )){/*show ad two*/}

     

    Thats kinda quick and dirty.. for a concept would be kinda ideal for a few ad's but more elaborate concepts can be thought of I am sure.

    Problem with confirm delete button to show up on same page

    in PHP Coding Help

    Posted

    In order to get the button to show up directly after the other button is clicked without reloading the page is to impliment some javascript to manipulate the already rendered DOM. PHP is a server-side script. Meaning it loads, runs its scripts, then renders in the browser. But once its rendered its rendered. JavaScript is just the opposite I mean you can use it to do things to the page when it loads but essentially JavaScript works on the browser elements (DOM) after the page is rendered. My Suggestion to you would look into jQeury its a fairly stable and all around good library to work with when you want to manipulate your pages like I think your trying to. Just for refrence jQuery is also JavaScript but its a library of premade functionality that you can reuse with less hassle

    Query by page title?

    in PHP Coding Help

    Posted

    You want the core basics in a semi direct manor.. i picked up this site many years ago.. tizag.com they are basically a core basics sites. Which will give you the stepping stones to learn quickly. And they do it with visible examples. Over all not a bad site, they also have various references there from static HTML to mySQL, PHP, JavaScript.. etc.. I would say before continuing on you at the least study that site and its references. I mean this with no disrespect. But I also say it with a firm guiding tone :-)

     

    Trust me, knowing at the least the basics before you come on to a forum like this will save you a lot of frustration. As some people can be brutal savages more so cause they don't remember the years they struggled through. Also being as descript as you can without dropping 200+ lines of code with only "This is broken how do I fix it" as the description (*cough* carlito... *cough, cough*) is helpful too.

     

    One thing I also want to mention is the books you ordered, and sites you are going to come up with in general til you start getting more familiar with the code your intent on using aren't likely to mention the concept of code injection tizag I know covers it lightly but. If your developing a site where a user can change any variable through the browser its worth reading up on "XSS Attacks" and "Injection Prevention" it will save you a lot of headache in the future to implement good security now

    Validating user input

    in PHP Coding Help

    Posted

    You have 4 static elements correct? Select box "value" is the ID of the question? then the text input next to it is the answer right? Why not cause I know your likely pushing this through with a post/get via jquery match the pairs of data up.. you are the one that makes your string to get posted..

     

    myfile.php&q1=ValueFromSelect1&a1=AnswerFromInput1&q2=ValueFromSelect2&a2=AnswerFromInput2 then in your backend. If any one of the 4 variables are empty or otherwise invalid to you reject it with an error. Otherwise you know variable q1 goes with a1 and q2 goes with... a2

    Remembering the last page

    in PHP Coding Help

    Posted

    I am wondering whats the best way to "remember" the last page someone was attempting to access. Lets say I have a members based site. And someone goes directly to an area thats public but requires login. I have the login page independent of the page they land on. So I guess curiously speaking whats the best way to approach and or handle that?

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.