MiCR0
-
Posts
114 -
Joined
-
Last visited
Never
Posts posted by MiCR0
-
-
can not be done unless upload a .zip file and then unzip it with in your code somewhere however very not recommand action. Only one Image at a time can be uploaded. if you want stuff like this best to fo a FTP access so people can write only at a give size and format type.
-
hmm well that sounds very odd too me, as I never used that bundle I just do not know.
I recommend using XAMPP much easier as well as all settings like that are already turned on for you and working.
http://www.apachefriends.org/en/index.html
sorry i can not be anymore help anymore have ran out of ideas.
-
here is how I do it
config.php
<?php $dbhost = "localhost"; $dbuser = "";// user name $dbpassword = "";//password to database $dbdatabase = "";// databasename $config_basedir = "http://localhost/";// address of website $config_frommail = "admin@websiteaddress.com";// E-mail address for formail ?>
db.php
<?php require("config.php"); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbdatabase, $db); ?>DONE
now when I am wanting a page to use the database i just call at the top of the page
require("db.php");
much easier...
-
arrrrrrrrrrr "apache php and MySQL all in a nice bundle"
Ok i think i know what is the problem.
make a new file
info.php
inside it write
<?php
echo phpinfo();
?>
now view this page and look at (Loaded Configuration File) is this the php.ini file you have been edited? go check as them bundles normal have a few php.ini files.
Also do a search on that page for
file_uploads
upload_max_filesize
upload_tmp_dir
-
what is the web hosts OS? and no that is enough info from your php.ini file
also have u tried this
; Whether to allow HTTP file uploads. file_uploads = On ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). ;upload_tmp_dir = "${path}\\tmp\" ; Maximum allowed size for uploaded files. upload_max_filesize = 5000M -
dude your trying to connect to mysql with no data you need to hold off the mysql commands until it has the DATA in your $_POST
if ($_POST) { // basic setup variables $site_name = mysql_real_escape_string($_POST['site_name']); $site_url = mysql_real_escape_string($_POST['site_url']); $administration_username = mysql_real_escape_string($_POST['administration_username']); $administration_password = mysql_real_escape_string($_POST['administration_password']); // mysql setup variables $mysql_server_name = mysql_real_escape_string($_POST['mysql_server_name']); $mysql_username = mysql_real_escape_string($_POST['mysql_username']); $mysql_password = mysql_real_escape_string($_POST['mysql_password']); $mysql_database_name = mysql_real_escape_string($_POST['mysql_database_name']); $mysql_table_prefix = mysql_real_escape_string($_POST['mysql_table_prefix']); $mysql_connect = mysql_connect("$mysql_server_name", "$mysql_username", "$mysql_password") or die(mysql_error()); } -
hmm I looked at your code and it should work i think there is a error in your php.ini file
Could you post it please
also what OS are you on and is SELINUX Disabled ? also iptables.
also try
copy($_FILES['subpic'][.tmp_name'],".tmp/" . $_FILES['subpic']['name']);
This should place a copy of the file in the .tmp directory with the same filename as the original.
however this one will not be removed after the page loaded. will help check if it is a write protected error i think its chmod 1777 needed.
read the apache error log
-
this maybe somewhat OTT for your needs but here
<?php if ($_POST||$_GET) { array_walk($_GET,'cclean'); array_walk($_POST,'cclean'); array_walk($_COOKIE,'cclean'); extract($_GET,EXTR_PREFIX_ALL,'get'); extract($_POST,EXTR_PREFIX_ALL,'post'); extract($_COOKIE,EXTR_PREFIX_ALL,'cookie'); if ($_GET) { foreach ($_GET as $k => $v) { $_GET[$k] = mysql_real_escape_string(RemoveXSS(cleanValue(trim(stripslashes ($v))))); $length = strlen($v); if ($length > 20 ){$v="";} if (is_numeric ($v)) { $length = strlen($v); if ($length > 11 ){$_GET[$k]="";} $_GET[$k] = intval ($v); } } } if ($_POST) { foreach ($_POST as $k => $v) { $_POST[$k] = mysql_real_escape_string(RemoveXSS(cleanValue(trim(stripslashes ($v))))); $length = strlen($v); if ($length > 20 ){$_POST[$k]="";} if (is_numeric ($v)) { $length = strlen($v); if ($length > 11 ){$_POST[$k]="";} $_POST[$k] = intval ($v); } } } if ($_COOKIE) { foreach ($_COOKIE as $k => $v) { $_COOKIE[$k] = RemoveXSS(cleanValue(trim(stripslashes ($v)))); if (is_numeric ($v)) { $_COOKIE[$k] = intval ($v); } } } } function RemoveXSS($val) { $val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val); $search = 'abcdefghijklmnopqrstuvwxyz'; $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; $search .= '1234567890!@#$%^&*()'; $search .= '~`";:?+/={}[]-_|\'\\'; for ($i = 0; $i < strlen($search); $i++) { $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); } $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'); $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'); $ra = array_merge($ra1, $ra2); $found = true; while ($found == true) { $val_before = $val; for ($i = 0; $i < sizeof($ra); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($ra[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '(&#[xX]0{0,8}([9ab])'; $pattern .= '|'; $pattern .= '|(�{0,8}([9|10|13])'; $pattern .= ')*'; } $pattern .= $ra[$i][$j]; } $pattern .= '/i'; $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); $val = preg_replace($pattern, $replacement, $val); if ($val_before == $val) { $found = false; } } } return $val; } function cleanValue($_value) { $_value = stripslashes(strip_tags($_value)); $_value = str_replace(array('delete', 'DELETE', 'rm -', ' ', '!', '|', '?', '&', '=', '-', '`', "'", '"', '\\\\', '\\', '//', '/', ',', ';', ':', '*', '>', '<' ), '', $_value); return trim($_value); } function cclean($value) { if (get_magic_quotes_gpc()) $value = stripslashes($value); if (!is_numeric($value)) $value = mysql_real_escape_string($value); return $value; } ?> -
http://www.fornewbie.com/mysql/upload_image_file_mysql_database_php_tutorial.html
http://www.tizag.com/phpT/fileupload.php
http://www.phpeasystep.com/workshopview.php?id=2
if u mean just them give a URL and it loads the image then its just take a form and then POST back the info and u have the url do what u like with it.
-
worked it out
-
It depends on what Linux you are on however FC you can kick out of php to run Linux command with
system("cd /home/whereEver;nohup ./myscipt --commands > /dev/null & echo $!;";the "> /dev/null & echo $!" changes from versions of Linux however it is needed to stop hanging of a command if you are not looking for as reply.
You could also use shell_exec("whatever ");
-
I do not know what use a Div tag in a hidden field for however you could use 1 more hidden with a number in it which u can ref in your code to use a div tag like.
function addDivTags($ID,$input) { $tags[1] = '<div align="right">'.$input.'</div>'); $tags[2] = '<div align="left">'.$input.'</div>'); return $tags[$ID]; } -
Am working on a game and am trying to work out the delay speed of a computer...
the higher the number the better there CPU is same with ram and Overclocking etc
so a computer with CPU level 1 is not as good as someone with a CPU level of 5 etc...
so the faster the CPU RAM CPUbit Overclocked is the short the delay would be..
Also there is how many Tasks are running on that computer which would / the total of the computer speed by the count of tasks..
Also the Size of the File that the user is moving means it would be a longer delay the bigger the file size.
$delay = ($PC->Overclocked * $PC->CPU * $PC->CPUbit * $PC->RAM / $numrows) * $proc->size;
the above is WAY WAY to big works out to 2MB every 90 Hours.
Could someone please help me with this as I am very stuck with this logic.
Thanks
-
Still looking for partnership or helpers Credits will be given.
Project is almost 50% done.
-
I have run into a Big problem with searching for a range on an IP address via MySQL.
MySQL
`IP_Address` int(11) unsigned NOT NULL,
All of the IP's are written by IP2long() all seems to be working however when trying to search for an IP range I just can not work out why this is not working.
SELECT IP_Address FROM IPS WHERE IP_Address > $startlong AND IP_Address < $endlong
Linux 64 Bit System so it should not go into negative numbers any idea what is wrong please anyone?
-
that code I post works fine try making a new dir and placing the files there and testing it before you try adding your code too it.
-
ok looks to me like you have a bug at the top
<?php $page_title = 'once ('../head.php'); ?>
what is with all of the php tags when its all php?
ok anyways what u want to do is length check all of the inputs like this.
$length1 = strlen($firstname); if ($length1 > 15 ){ $firstname = ''; echo "ERROR first name to big"; }you also are not even checking for valid data and cross scripting.
function RemoveXSS($val) { $val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val); $search = 'abcdefghijklmnopqrstuvwxyz'; $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; $search .= '1234567890!@#$%^&*()'; $search .= '~`";:?+/={}[]-_|\'\\'; for ($i = 0; $i < strlen($search); $i++) { $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); } $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'); $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'); $ra = array_merge($ra1, $ra2); $found = true; while ($found == true) { $val_before = $val; for ($i = 0; $i < sizeof($ra); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($ra[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '(&#[xX]0{0,8}([9ab])'; $pattern .= '|'; $pattern .= '|(�{0,8}([9|10|13])'; $pattern .= ')*'; } $pattern .= $ra[$i][$j]; } $pattern .= '/i'; $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); $val = preg_replace($pattern, $replacement, $val); if ($val_before == $val) { $found = false; } } } return $val; } function cleanValue($_value) { $_value = stripslashes(strip_tags($_value)); $_value = str_replace(array('delete', 'DELETE', 'rm -', ' ', '!', '|', '?', '&', '=', '-', '`', "'", '"', '\\\\', '\\', '//', '/', ',', ';', ':', '*', '>', '<' ), '', $_value); return trim($_value); }using the above functions you can use them on all of your POST etc like this
$firstname = mysql_real_escape_string(cleanValue(RemoveXSS($_POST['firstname'])));
and Last when you do a form there basic HTML code to LOCK input length this is called maxlength
as show here
<td><input type="text" name="website" maxlength="50" size="22" value="'.$website.'" /></td>
-
sounds like your not error checking your POST/GET etc.
your need to post all of the code in order to see the problem.
-
ok I think i see what you are trying to do, well 1st you should know that this session can easy be hacked and is very unsafe however for learning its a good way to start.
here is a basic system that I think you are looking for.
userlogin.php
<?php require("config.php"); require("db.php"); require("functions.php"); session_start(); if($_SESSION['SESS_USERNAME']) { header("Location: " . $config_basedir . "index.php"); } if($_POST['submit']) { $sql = "SELECT * FROM users WHERE username = '" . pf_fix_slashes($_POST['username']) . "' AND password = '" . md5(pf_fix_slashes($_POST['password'])) . "'"; $result = mysql_query($sql); $numrows = mysql_num_rows($result); if($numrows == 1) { $row = mysql_fetch_assoc($result); session_register("SESS_USERNAME"); session_register("SESS_USERID"); session_register("SESS_USERLEVEL"); $_SESSION['SESS_USERNAME'] = $row['username']; $_SESSION['SESS_USERID'] = $row['id']; $_SESSION['SESS_USERLEVEL'] = $row['level']; header("Location: " . $config_basedir); } else { header("Location: " . $config_basedir . "/userlogin.php?error=1"); } } else { require("header.php"); echo "<h1>Login</h1>"; if($_GET['error']) { echo "<p>Incorrect login, please try again!</p>"; } ?> <form action="<?php echo $SCRIPT_NAME ?>" method="post"> <table> <tr> <td>Username</td> <td><input type="text" name="username"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password"></td> </tr> <tr> <td></td> <td><input type="submit" name="submit" value="Login!"></td> </tr> </table> </form> <?php} ?>config.php
<?php $dbhost = "localhost"; $dbuser = "root"; $dbpassword = ""; $dbdatabase = "?"; $config_basedir = "http://localhost/"; ?>
db.php
<?php require("config.php"); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbdatabase, $db); ?>functions.php
<?php function pf_fix_slashes($string) { if (get_magic_quotes_gpc() == 1) { return($string); } else { return(addslashes($string)); } } function pf_check_number($value) { if(isset($value) == FALSE) { $error = 1; } if(is_numeric($value) == FALSE) { $error = 1; } if($error == 1) { return FALSE; } else { return TRUE; } } ?>userlogout.php
<?php session_start(); require("config.php"); session_unregister("SESS_USERNAME"); session_unregister("SESS_USERID"); session_unregister("SESS_USERLEVEL"); header("Location: " . $config_basedir); ?>now for the session access code you can do from the level that you set up like the following
if ($_SESSION['SESS_USERLEVEL'] == 10) { }to use this session you would add in your header.php things like this
session_start(); <?php if($_SESSION['SESS_USERNAME']) { echo "Logged in as <strong>" . $_SESSION['SESS_USERNAME'] . "</strong> - <a href='userlogout.php' >Logout</a>"; } else { echo "<a href='userlogin.php' >Login</a>"; } ?>Hope this helps.
For a real live site there is a free GPL Class system called DB_eSESSION which is safe 1 class which will handle all of the session stuff for you.
-
I personal like xampp better however using wamp is fine.
I am going to take a guess here and say you not set up your database right.
You need to get into phpmyadmin (wamp should have this ) and set it up that way from there you can export your database as well as easy edit anything you like
-
You really should be using a development system so you have full control of everything.
<?php // get php info echo phpinfo(); ?>
phpmyadmin is a nice GUI for access to the database where you can export/edit data very easy.
I recommend the all in one package apachefriends http://www.apachefriends.org/en/xampp.html for development of php
-
lol ok this is very odd post your php version and small database export and mysql version
-
<?php require_once 'library/db.php'; //require_once 'error.php'; if (!($conn = mysql_connect('localhost', 'root', ''))) { showError(); } if (!(mysql_select_db('itsupport', $conn))) { showError(); } $a = RemoveXSS(cleanValue($_GET['User_ID']));// safe $result = mysql_query("SELECT * FROM contacts WHERE User_ID='" . $a . "'"); $numrows = mysql_num_rows($result); if ($numrows == 1) { // yes it has data $row = mysql_fetch_assoc($result); }else{ showError(); } mysql_close($conn); function RemoveXSS($val) { $val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val); $search = 'abcdefghijklmnopqrstuvwxyz'; $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; $search .= '1234567890!@#$%^&*()'; $search .= '~`";:?+/={}[]-_|\'\\'; for ($i = 0; $i < strlen($search); $i++) { $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); } $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'); $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'); $ra = array_merge($ra1, $ra2); $found = true; while ($found == true) { $val_before = $val; for ($i = 0; $i < sizeof($ra); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($ra[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '(&#[xX]0{0,8}([9ab])'; $pattern .= '|'; $pattern .= '|(�{0,8}([9|10|13])'; $pattern .= ')*'; } $pattern .= $ra[$i][$j]; } $pattern .= '/i'; $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); $val = preg_replace($pattern, $replacement, $val); if ($val_before == $val) { $found = false; } } } return $val; } function cleanValue($_value) { $_value = stripslashes(strip_tags($_value)); $_value = str_replace(array('delete', 'DELETE', 'rm -', ' ', '!', '|', '?', '&', '=', '-', '`', "'", '"', '\\\\', '\\', '//', '/', ',', ';', ':', '*', '>', '<' ), '', $_value); return trim($_value); } ?> -
edited it
[SOLVED] bandwidth calculator with time help needed
in PHP Coding Help
Posted
I am trying to work out the maths to build 2 functions download and upload any help would be great.
trying to work out how long it would take to download a file with there connection speed, as in time()+5000 until file would be finished.
Here is some of the speeds
function GetSpeed($Speed) $SPEEDS[ 1] = array('DownSpeed' => 56000, 'UpSpeed' => 48000, 'NAME' => 'Modem 56k (V.92)'); $SPEEDS[ 2] = array('DownSpeed' => 64000, 'UpSpeed' => 64000, 'NAME' => 'ISDN 64k'); $SPEEDS[ 3] = array('DownSpeed' => 128000, 'UpSpeed' => 128000, 'NAME' => 'ISDN 128k'); $SPEEDS[ 4] = array('DownSpeed' => 1544000, 'UpSpeed' => 1544000, 'NAME' => 'T1'); return $SPEEDS[$Speed];$speed = GetSpeed(1);
//$filedetails->size // files size in bytes
$speed['DownSpeed']/1024?? lost