
imperialized
Everything posted by imperialized
-
Ok, so I am working on trying to make a working AJAX script. It works in the context that it executes the query, however the LIMIT is wrong.

Main page:

```php
<?php

/**
 * @author David Lallone
 * @content AJAX/MYSQL submit/retrieve test
 * @copyright 2008
 */

?>
<html>
<head>
</head>
<body>
This is a Form: <br>
<form name="ajax" action="ajax_form.php?action=Submit&page=<?php echo $pg; ?>" METHOD="post">
<input name="name" type=text><br>
<input name="message" type=text><br>
<input type="submit" value="submit">
<script src="sortfilter.js"></script>
<div id="content">
<br>
<!-- This is where the JAVASCRIPT will display the data --!>
<?php
include("db_con.php");
$pg = $_GET['page'];
if ($pg == "") {
    $pg = 1;
    $start=0;
    $end=16;
}
if ($pg == 1){
    $start=0;
    $end=16;
} else {
    $start = $pg * 16 - 15;
    $end = $pg * 16;
}
$next_pg = $pg+1;
$prev_pg = $pg-1;

//Submitting info to DB
/*
if($_GET['action'] == "Submit"){
    $name = $_POST['name'];
    $message = $_POST['message'];
    $insert = "INSERT INTO ajax (name, message) VALUES ('$name', '$message')";
    $insert_query = mysql_query($insert) OR DIE("Error: ". mysql_error());
    include("db_con.php");
    $query = "SELECT * FROM ajax LIMIT $start, $end";
    $go = mysql_query($query);
    if(mysql_num_rows($go) != 0){
        while($x = mysql_fetch_array($go)){
            $name = $x['name'];
            $message = $x['message'];
            print "<b>$name</b>: $message <br>";
        }
    } else {
        print "No Messages Have Been Left";
    }
} else {
*/

//Not Submitting info
Print "Page: $pg Start: $start End: $end <br><br>";
$query = "SELECT * FROM ajax LIMIT $start, $end";
$go = mysql_query($query);
$count = mysql_num_rows($go);
if(mysql_num_rows($go) != 0){
    while($x = mysql_fetch_array($go)){
        $name = $x['name'];
        $message = $x['message'];
        print "<b>$name</b>: $message <br>";
    }
} else {
    print "No Messages Have Been Left";
}
print "Total Results Returned: $count <br>";
Print "
Next Button: <input type=button name='next' value='Next' onclick='Next($next_pg)'>
";
// }
?>
</div>
```

:: page.php (executed using ajax)

```php
<?php

/**
 * @author
 * @copyright 2008
 */

include("db_con.php");
$pg = $_GET['page'];
print "Page = $pg ";
if ($pg == "") {
    $pg = 1;
    $start=0;
    $end=16;
}
if ($pg == 1){
    $start=0;
    $end=16;
} else {
    $start = $pg * 16 - 15;
    $end = $pg * 16;
}
$next_pg = $pg+1;
$prev_pg = $pg-1;
Print "Start: $start End: $end <br><br>";
$query = "SELECT * FROM ajax LIMIT $start, $end";
$go = mysql_query($query);
$count = mysql_num_rows($go);
if(mysql_num_rows($go) != 0){
    while($x = mysql_fetch_array($go)){
        $name = $x['name'];
        $message = $x['message'];
        print "<b>$name</b>: $message <br>";
    }
} else {
    print "No Messages Have Been Left";
}
print "Total Results Returned: $count <br>";
Print "
Next Button: <input type=button name='next' value='Next' onclick='Next($next_pg)'>
";
?>
```

An example of this page can be found at: http://www.imperialized.net/ajax/ajax_form.php

I have it set to display the $start and $end variables, and they are correct. But as you see, the page results vary for some reason.
-
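The paging arithmetic from the post above, as an added example that is not the poster's code: MySQL's `LIMIT a, b` takes a zero-based offset and a row count rather than a start and end row, and the page number from the query string is validated as an integer and bound instead of being interpolated into the SQL. An in-memory SQLite table (which accepts the same `LIMIT offset, count` form) stands in for the `ajax` table, with 40 constructed rows; the function names are hypothetical.

```php
<?php
// Added example, not code from the post. SQLite in memory stands in for MySQL so
// the script runs offline; the 40 rows are constructed sample data.

const PER_PAGE = 16;

/** Return a page number >= 1 from untrusted input, falling back to page 1. */
function page_from_request($raw): int
{
    $pg = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $pg === false ? 1 : $pg;
}

/** LIMIT takes (offset, row count): the offset is zero-based, the count is the page size. */
function page_offset(int $pg, int $perPage = PER_PAGE): int
{
    return ($pg - 1) * $perPage;
}

/** Fetch one page with both LIMIT values bound as integers. */
function fetch_page(PDO $db, int $pg, int $perPage = PER_PAGE): array
{
    $stmt = $db->prepare('SELECT name, message FROM ajax ORDER BY id LIMIT :offset, :count');
    $stmt->bindValue(':offset', page_offset($pg, $perPage), PDO::PARAM_INT);
    $stmt->bindValue(':count', $perPage, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ajax (id INTEGER PRIMARY KEY, name TEXT, message TEXT)');
$ins = $db->prepare('INSERT INTO ajax (name, message) VALUES (?, ?)');
for ($i = 1; $i <= 40; $i++) {
    $ins->execute(["user$i", "message $i"]);
}

// Constructed query-string values, including empty and non-numeric ones.
foreach (['1', '2', '3', '', 'abc', '2 OR 1=1', '-4'] as $raw) {
    $pg = page_from_request($raw);
    $rows = fetch_page($db, $pg);
    printf(
        "page=%-12s -> page %d, offset %d, %d rows\n",
        var_export($raw, true),
        $pg,
        page_offset($pg),
        count($rows)
    );
}

// The formula in the post gives start = 2*16-15 = 17 and end = 32 for page 2.
// Passed to LIMIT, that reads as "skip 17 rows, then return up to 32 rows".
$old = $db->query('SELECT COUNT(*) FROM (SELECT id FROM ajax ORDER BY id LIMIT 17, 32)')
          ->fetchColumn();
printf("LIMIT 17, 32 on 40 rows returns %d rows\n", $old);
```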
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
Done. Never really thought about that. I changed it to redirect back to the home page and provide an error at the top. Thanks for the opinion/advice -
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
Thanks for the suggestions, flying. I will look into that. guest/guest is still a working account, just tested it. -
This thing doesn't even work for me. Registration works, can't post shouts
-
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
http://www.imperialized.net/view_image.php?id=5%20and%20MID(id,1,1)%20LIKE%20char(53) <== SQL Injection.
//Fixed. Added Is_Numeric and a Check with database to ensure that the ID did exist.
http://www.imperialized.net/comments.php?id='
//Fixed. Added Is_Numeric and a Check with database to ensure that the ID did exist. -
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
Thanks for the input, will fix these tomorrow. Thanks -
Fixed. Changed is_numeric to is_int. Problem should be resolved.
-
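An added example (not the poster's code) for the `is_numeric` and `is_int` fixes mentioned in the posts above: it compares both checks with `filter_var(..., FILTER_VALIDATE_INT)` on constructed query-string values, then uses the validated id in a prepared statement. `is_int()` tests the PHP type, and values in `$_GET` arrive as strings or arrays. The `images` table, its columns, the function names and the in-memory SQLite database are assumptions for illustration.

```php
<?php
// Added example, not code from the thread. The images table, its columns and the
// SQLite stand-in for MySQL are assumptions so the script runs offline.

/** Return a positive integer id, or null if the raw value is not one. */
function valid_id($raw): ?int
{
    if (!is_string($raw)) {            // e.g. ?id[]=5 arrives as an array
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look the record up with a bound parameter; null means "reject the request". */
function find_image(PDO $db, $rawId): ?array
{
    $id = valid_id($rawId);
    if ($id === null) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, title FROM images WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE images (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO images (id, title) VALUES (5, 'constructed sample row')");

// Constructed request values; the second and third are the decoded forms of the
// id values in the two URLs quoted in the thread.
$samples = [
    '5',
    '5 and MID(id,1,1) LIKE char(53)',
    "'",
    '1e3',
    '5.0',
    '-5',
    '999',
    ['5'],
];

foreach ($samples as $raw) {
    printf(
        "%-36s is_numeric=%-5s is_int=%-5s valid_id=%-4s found=%s\n",
        json_encode($raw),
        var_export(is_numeric($raw), true),
        var_export(is_int($raw), true),
        var_export(valid_id($raw), true),
        find_image($db, $raw) === null ? 'no' : 'yes'
    );
}
```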
Ok, here is my problem. I posted my shoutbox up in the beta test php section and got some responses that I should use 'ajax'. Great, however. I don't know the first thing about ajax. I did some research on google and downloaded a few examples to look at.. but I am completely confused. Here is my problem. I want to use AJAX to submit shouts to my DB then have them displayed as shout (but this uses a mysql query). I am lost.. Here is an example of an index.php file I have that works to submit data to my database, but the only way I can get it to display it again is by running my query again in the add.php... is this how it is supposed to be done? Do I just need to place the <div> into my shoutbox.php where the query used to be run? I just don't know.

```html
<html>
<head>
<script src="prototype.js"></script>
<script>
function dosubmit( ) {
    new Ajax.Updater( 'result', 'add.php', { method: 'post', parameters: $('myform').serialize() } );
    $('myform').reset();
}
</script>
</head>
<body>
<form id="myform">
<table>
<tr><td>name</td><td><input type="text" name="name"></td></tr>
<tr><td>age</td><td><input type="text" name="age"></td></tr>
</table>
<input type="button" onclick="dosubmit()" value="Submit">
</form>
<div id="result" style="padding:5px;">
</div>
</body>
</html>
```

Add.php:

```php
<?php
include("db_con.php");
$name = $_POST['name'];
$age = $_POST['age'];
$add = mysql_query("INSERT INTO test (name, age) VALUES ('$name', '$age')") or DIE ('failed');
$getdata = MYSQL_QUERY("Select * from test");
while($x = mysql_fetch_array($getdata)){
    $n = $x['name'];
    $a = $x['age'];
    $id = $x['id'];
    print "His name was $n and he was $a years old. He happens to have the ID: $id <br>";
}
```

Keep in mind, I was just using these files to play around with, so I really don't know what I'm doing.
-
//couldn't edit my last post for some reason. I got the shoutbox XSS fixed, I think for some reason my code wasn't parsing the htmlspecialchars.. but this issue is resolved.
-
Weird... for some reason even with htmlspecialchars( it is still printing the <font> and <marquee> erm..
-
CHMOD, done. Anyways, you all were talking about this AJAX... I've googled it but am having some trouble understanding it. Could anyone point me in the right direction? /edit: nevermind, I did not realize there was an AJAX forum here. // Does my Next Page & Previous Page code look ok? It looks so boggled, any suggestions?
-
Perhaps provide an example or further explain? I know AJAX can be used for pop up windows, but I don't know much about it. Could you please elaborate?
-
Ok, I wrote a shoutbox script, which is viewable by visiting: http://www.imperialized.net/shoutbox/shoutbox.php

What my question is, do you see any problems with the functions or the code. Also, how can I better write my next page script? I'm sure there is a better way.

```php
<?php
session_start();

/**
 * @author David Lallone
 * @title Shoutbox
 * @copyright Imperialized.net 2008
 * NOT FOR DISTROBUTIONAL PURPOSES (DO NOT USE WITHOUT PRIOR CONSENT)
 */

//Set Time & Date for easy display and also for use when posting a shout!
date_default_timezone_set('EST');

//Connect to DB
include("../sql/db_con.php");

//Check to see if the session is registered
$admin = $_SESSION['admin'];

//If the logout button was pressed, set session to 0
if($_POST['logout']) {
    $pass = $_POST['password'];
    $realpass = "bigmak50";
    if($pass == $realpass) {
        $_SESSION['admin'] = 0;
        $admin = $_SESSION['admin'];
    } else {
        print "Wrong Password";
    }
}

//Login button was pressed, check password then register session
if($_POST['admin_login']){
    $pass = $_POST['password'];
    $realpass = "Password Removed For Security Purposes.";
    if($pass == $realpass) {
        $_SESSION['admin'] = 1;
        $admin = $_SESSION['admin'];
    } else {
        Print "Wrong password, asshole.";
    }
}

//What page are we at? If none, Set $pg = 1
//Also set the $start and $end variables for the pages.
$pg = $_GET['page'];
if(is_numeric($pg)){
    if ($pg == "") {
        $pg = 1;
        $start=0;
        $end=10;
    }
    if ($pg == 1){
        $start=0;
        $end=10;
    } else {
        $start = $pg * 10 - 9;
        $end = $pg * 10;
    }
} else {
    $pg = 1;
    $start=0;
    $end=10;
}

//Count our shots for page usage and display
$count_shouts = "Select * from shoutbox";
$count_shouts_query = mysql_query($count_shouts);
$tshouts = mysql_num_rows($count_shouts_query);

//Set Date & Time
$date = date("m-d-Y");
$time = date("g:i a");

//What is the page supposed to do?
$action = $_GET['action'];
?>
<html>
<head>
<link href="http://markjmcintosh.com/style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body bgcolor=#E8E8E8>
<?
//Ok, We want to delete a SHOUT!
if($action == "delshout"){
    $admin = $_SESSION['admin'];
    $id = $_GET['id'];
    if($admin =! 1) {
        print "You are not an admin..idiot";
        exit;
    }
    if($id == "") {
        print "No shout was selected..idiot";
        exit;
    }
    $del = "DELETE from shoutbox where id='$id'";
    $del_query = mysql_query($del);
    if(!$del_query) {
        print "delete failed, sorry!";
    } else {
        print "
        <SCRIPT LANGUAGE=\"JavaScript\">
        window.location=\"shoutbox.php\";
        </script>";
    }
}

// SEE IF WE HAVE SET THE COOKIE YET!
$name = "";
$website = "http://";

if($_POST['post_shout']){
    $ip=$_SERVER['REMOTE_ADDR'];
    $name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
    $website = mysql_real_escape_string(htmlspecialchars($_POST['website']));
    $shout = mysql_real_escape_string(htmlspecialchars($_POST['shout']));
    $errormsg = "";
    if (empty($name)) $errormsg .= "Name is Empty<br>";
    if (empty($shout)) $errormsg .= "Shout is empty!";
    if($errormsg != "") {
        echo $errormsg;
        exit;
    } else {
        $add_shout = mysql_query("INSERT INTO `shoutbox` (`name`,`website`,`shout`,`date`,`time`,`ip`) VALUES ('$name','$website','$shout','$date','$time','$ip')");
        if(!$add_shout) {
            print "Failed to add shout!";
            exit;
        } else {
            print "
            <SCRIPT LANGUAGE=\"JavaScript\">
            window.location=\"shoutbox.php\";
            </script>
            ";
        }
    }
}

// ADMIN LOGIN WAS CLICKED >> DISPLAY PASSWORD FORM
if($action == "login"){
?>
<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<font size=1 color=#cccccc><?php print "$date : $time"; ?></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"http://\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=50px;\" value=\"::Shout\">
</form>
";
?>
</td>
<td valign=center width=265>
<?
print "
<form name=\"admin_form\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<input type=\"password\" name=\"password\" STYLE=\"color: #000000; font-family: arial; font-size: 10px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"10\"><br>
<input type=submit name=\"admin_login\" style=\"color: #000000; border: 1px; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=75px;\" value=\"Verify Me!\"> | <input type=submit name=\"logout\" style=\"color: #000000; border: 1px; border-color: #000000; background-color: #cccccc; font-size: 8pt; height: 17px; width=75px;\" value=\"Logout\">
";
exit;
}

// SMILE LINK WAS CLICKED >> DONT DISPLAY SHOUTBOX INSTEAD SHOW THE SMILIES TABLE!
if($action == "smile"){
?>
<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<center><font size=1 color=#cccccc><?php print "$date : $time"; ?> </center></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\" value=\"$name\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"$website\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 10pt; font-weight: bold; height: 17px; width=50px;\" value=\"::Shout\">
</form>
<br><br>
<a href=shoutbox.php?action=login><img src=spacer.gif width=50 height=50 border=0></a>
";
?>
</td>
<td valign=top width=265>
<?php
// Load the Emoticons & Then display them in a table.
$smilies = file("emotes_faces.txt");
$smiliesp = file("emotes_pics_add_news.txt");
$csmile=count($smilies);
$row = 1;
echo "<div width='95%'><table width='100%' valign='top' cellpadding='2' cellspacing='0'><tr><td width='100%' align='center' bgcolor=#000000 border=1 colspan=5><font color=#ffffff size=1>Click the smiley to add it to your post</td></tr><tr>";
//This is the Similey Table
for($x=1;$x<count($smilies);$x++) {
    $trim = htmlspecialchars(trim($smilies[$x]),ENT_QUOTES);
    if($row == 6){
        print "</tr><tr>";
        $row = 1;
    }
    echo "<td align='left' onclick=\"document.forms['shoutbox'].elements['shout'].value+='$trim'\"><img src=\"emoticons/$smiliesp[$x]\" alt=\"$trim\"></td>";
    $row++;
}
print "</tr>";
echo "</table></div>";
print "<center><font size=1><a href=\"shoutbox.php\">Back to Shouts</a></font></center>";
?>
</td>
</tr>
</table>
<?
die();
}
?>
<!-- DEFAULT DISPLAY -->
<table border=1 cellspacing=0 cellpadding=2 bgcolor=#ffffff width=425 height=200 align=center>
<tr>
<td width=160 valign=top>
<font size=1 color=#cccccc><?php print "$date : $time"; ?></font>
<?php
print "
<form name=\"shoutbox\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">
<font size=\"1\">Name:</font><br>
<input name=\"name\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"15\">
<font size=1>Website:</font><br>
<input name=\"website\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" size=\"20\" maxlength=\"45\" value=\"http://\">
<font size=1>Shout:</font>";
?>
<a href="shoutbox.php?action=smile" target=_self><font size=1>(smilies)</font></a><br>
<?php
print "
<input name=\"shout\" type=\"text\" STYLE=\"color: #000000; font-family: arial; font-size: 11px; background-color: #cccccc; border: 1px;\" maxlength=100 size=20><br>
<center><input type=submit name=\"post_shout\" style=\"color: #000000; border: 1; border-color: #000000; background-color: #cccccc; font-size: 10pt; font-weight: bold; height: 17px; width=50px;\" value=\"::Shout\">
</form><br><br>
<a href=shoutbox.php?action=login><img src=spacer.gif width=50 height=50 border=0></a>
";
?>
</td>
<td valign=top width=265>
<table width=100% valign=top border=0 cellspacing=0 cellpadding=0>
<tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=1>Total Shouts: <?php echo $tshouts; ?></a></font></center></td></tr>
<?php
$getshouts = "SELECT * FROM shoutbox ORDER BY id DESC LIMIT $start, $end";
$getshouts_query = mysql_query($getshouts);
$xrow = 0;
?>
<?php
while($x = mysql_fetch_array($getshouts_query)){
    $id = $x['id'];
    $name = $x['name'];
    $website = $x['website'];
    $shout = $x['shout'];
    $date = $x['date'];
    $time = $x['time'];

    // Add Smilies!
    $bbcode = file("emotes_faces.txt", FILE_IGNORE_NEW_LINES);
    $bbreplacements = file("emotes_pics.txt", FILE_IGNORE_NEW_LINES);
    $shout = str_replace($bbcode, $bbreplacements, $shout);

    //Remove Slashes
    $shout = stripslashes($shout);

    if($xrow == 0){
        if($admin == 1) {
            print "<tr bgcolor=#ffffff><td><font size=2>[<a href=shoutbox.php?id=$id&action=delshout&admin=1>X</a>]</font><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
            $xrow++;
        } else {
            print "<tr bgcolor=#ffffff><td><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
            $xrow++;
        }
    } else {
        if($admin == 1){
            print "<tr bgcolor=#cccccc><td><font size=2>[<a href=shoutbox.php?id=$id&action=delshout&admin=1>X</a>]</font><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
            $xrow = 0;
        } else {
            print "<tr bgcolor=#cccccc><td><a href=\"$website\" target=\"_blank\" alt=\"Posted on $date at $time\" title=\"Posted on $date at $time\"><font size=2><b>$name</b></a>: $shout</font></td></tr>";
            $xrow = 0;
        }
    }
}

if($pg == 1){
    if($tshouts > 10){
        print "<tr bgcolor=#ffffff><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=2> Next Page (2) </a></font></center></td></tr>";
    }
}
if($pg != 1){
    $prev = $pg - 1;
    $next = $pg + 1;
    if($tshouts > $end){
        print "<br>
        <tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=$prev> Previous ($prev)</a> | <a href=shoutbox.php?page=$next> Next Page ($next) </a></font></center></td></tr>
        ";
    } else {
        print "<tr bgcolor=#cccccc><td><center><font size=1 color=#ffffff><a href=shoutbox.php?page=$prev> Previous ($prev)</a></font></center></td></tr>";
    }
}
print "</table>";
?>
</td>
</tr>
</table>
```
-
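An added example (not the poster's code) of rendering one shout row with the encoding done at output time: name and text pass through `htmlspecialchars` with `ENT_QUOTES`, the website is only used as an `href` when it is an absolute http or https URL, and emoticon images are swapped in after the text has been encoded. Encoding at output also covers rows that were stored before any input filter existed. The function names, the emoticon map and the sample rows are constructed, and rows are assumed to be stored as submitted.

```php
<?php
// Added example, not code from the post. Rows are assumed to be stored as
// submitted (raw); the emoticon map and the sample rows are constructed.

/** HTML-encode a value for use in element content or a quoted attribute. */
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Allow only absolute http/https URLs in href; anything else becomes "#". */
function safe_href(string $url): string
{
    $url = trim($url);
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)
        || filter_var($url, FILTER_VALIDATE_URL) === false) {
        return '#';
    }
    return $url;
}

/** Encode the text first, then swap in emoticon images built from trusted data. */
function render_text(string $shout, array $emotes): string
{
    $map = [];
    foreach ($emotes as $code => $file) {
        // Keys are encoded too, so a code such as ">:(" still matches the encoded text.
        $map[e($code)] = '<img src="emoticons/' . e($file) . '" alt="' . e($code) . '">';
    }
    // strtr() replaces in a single pass and never rescans its own output.
    return strtr(e($shout), $map);
}

/** Build one table row; every user-controlled value is encoded where it is printed. */
function render_row(array $row, array $emotes): string
{
    return sprintf(
        '<tr><td><a href="%s" target="_blank" rel="noopener noreferrer"><b>%s</b></a>: %s</td></tr>',
        e(safe_href($row['website'])),
        e($row['name']),
        render_text($row['shout'], $emotes)
    );
}

// Constructed map standing in for the two parallel emoticon text files.
$emotes = [':)' => '1.gif', '>:(' => '3.gif'];

// Constructed sample rows: one ordinary, two with markup or a non-http link.
$rows = [
    ['name' => 'guest', 'website' => 'http://example.com/', 'shout' => 'hello :)'],
    ['name' => '"><marquee>Corey', 'website' => 'javascript:alert(1)',
     'shout' => '<font size=7>big</font> >:('],
    ['name' => 'x', 'website' => 'http://example.com/" onmouseover="1', 'shout' => 'plain'],
];

foreach ($rows as $row) {
    echo render_row($row, $emotes), "\n";
}
```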
Don't know if it is supposed to be like so, but when you click 'edit site' it does not load any of the information previously inputted into the database.
-
OK, I have been trying to figure this out forever. Google has not given me any promising answers either...so I resort to the place that has all the answers, phpfreaks. Well, here is my problem.. if you hadn't noticed, I posted prior for help on how to use BBcode.. which I have found my answers, now I have a new problem. When someone clicks on my (url) or (img) button, how do I use a prompt to ask for the URL or the LINK to the image? I know javascript has this option and it is very easy.. Is there a way to pass that variable from a javascript variable into my form? I know this is the code to put data into a form, window.opener.document.forms['post_news'].elements['news'].value+='$urltext'> I am lost, :-\
-
A lot of forums use this type of linking system, as to prevent users from inputting html. If I wanted to include something similar in my news posting script, how would I go about this? I am not very fluent with php, I know basics, but when it comes to manipulating strings, etc, I am very new... as you can probably tell with my previous questions. Anyways, to further elaborate and explain my question, I want to know how to make links like so: [link url=http://xxxx](link text goes here)[/link] Furthermore, what if I wanted to do the same thing with images? Such as: http://[/img] Now, I realize that I will most likely have to do str_replace("[/img]", "</img>", $string); However, I guess my real question would be how to extract the URLs into variables and place them in the right place. If this is confusing I apologize, but I appreciate any help. Thanks in advance.
-
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
First, I'd like to say thanks to all of you, I appreciate the quick response and effort you put in to helping me secure my website. By the way, Do you like how it is set up? I appreciate feedback/criticism. Thanks

Fixed: Cross Site Scripting: http://www.imperialized.net/login.php?username="><marquee><h1>Corey
Fixed: Array: http://www.imperialized.net/login.php?username[]
Fixed: Cross Site Scripting: You can submit ">code when adding a comment.
Fixed: Cross Site Scripting: You can submit ">code when editing your profile.
edit: Fixed: Cross Site Scripting: http://www.imperialized.net/view_profile.php?user=%3Cmarquee%20direction=right%20behavior=alternate%3Evunerable%3C/marquee%3E

I imagine I need to fix my registration as well, to prevent HTML code, but I gotta go to work so I will have to do it later -
Please check for vulnerabilities/mistakes!
imperialized replied to imperialized's topic in Beta Test Your Stuff!
I see what you did here, but how can I go about fixing this? For the User_Details.php.... would you recommend checking the username presented with the database: if the user is not there, error; if the user is present, allow the script to continue? How do I fix the edit_profile to prevent HTML, or any code, rather, from being presented? -
SELECT from a database by first character of a string
imperialized replied to imperialized's topic in PHP Coding Help
Works perfectly. I had tried that, but I had a typo in my code and it was returning 0 results. Thanks! -
SELECT from a database by first character of a string
imperialized posted a topic in PHP Coding Help
I tried to do a search for this, but it didn't show any results. It's easy what I am trying to do, I just can't figure it out. Basically, I am working on my Member_list and I want to provide an alphabet of links (clickable by the user) and will display only the users whose name starts with that letter.

Such as: member_list.php?letter=A displays:
Amanda
Alex
Aaron

For letter=B:
Brandon
Bernard

You catch my drift, I just can't seem to figure it out :-\ -
My website is www.imperialized.net I am somewhat new to PHP and just work on it in my spare time. However, I am not very good with security and I am sure there are some vulnerabilities that could use some looking at. If any of you have some time, I would appreciate if you could give it a look! ps. It does require a login, I will create a username/pass for you to use. please use Login: Guest password: test also, I know that the member list is down, I am currently working on it. Thanks
-
wildteen88, works perfectly. Very simple as well, I should have known. Thanks for the help. Much appreciated.
-
Help understanding something in php code
imperialized replied to jeff5656's topic in PHP Coding Help
for your $connect question, even though you are setting it to a variable the connect code still runs. For example: if you were to use $number = 1 + 1; it will still make $number = 2. So you see, when using variables the code is still executed. For the other question, how is the Table created when it is assigned to the variable: After you assigned the first variable, your $result = mysql_query($x); <-- this is where the table is created. You query your first variable here, which just helps keep it clean. I hope this helps you, I can further elaborate if you need but I gotta get heading to work. -
OK, here is my predicament. I have 2 .txt files with information directly correlating with each other. What I am trying to do is write an emoticons script for my news script. I have accomplished this in a very bulky way, I had to type everything out.

```php
$replacednews = str_replace("", "<img src=\"emoticons/1.gif\" border=0>", $shortnews); // Face
$replacednews = str_replace("", "<img src=\"emoticons/10.gif\" border=0>", $replacednews); // Face
$replacednews = str_replace("", "<img src=\"emoticons/11.gif\" border=0>", $replacednews); // Sweating Face Face
$replacednews = str_replace("", "<img src=\"emoticons/3.gif\" border=0>", $replacednews); // Sad Face
$replacednews = str_replace("", "<img src=\"emoticons/5.gif\" border=0>", $replacednews); // Grin Face
$replacednews = str_replace(":greensmoke:", "<img src=\"emoticons/cigarette.gif\" border=0>", $replacednews); // Green smoking Face
$replacednews = str_replace(":smokechill:", "<img src=\"emoticons/smokin_chillen.gif\" border=0>", $replacednews); // smoking Face
```

However, in order to make it replace new smiles, I'd have to manually type in the code. The text files contain the smilie text faces in one and the image that relates to which face in the other. Each entry is parallel to the one it relates to. ex: is on line 1 of the smilie.txt and 1.gif is on line 1 of the other text file. So my question is: How do I automate this process of replacing so that I can just edit the text files and it will do all this automatically.