Jump to content


  • Posts

  • Joined

  • Last visited


Profile Information

  • Gender
    Not Telling

gammaman's Achievements


Member (2/5)



  1. Yes. I am doing exactly that. The next problem is that each category can have an undetermined about of sub categories. Those subcategories could also contain an undetermined amount of subcategories and so on. Any suggestion on the best way to handle this? Should I create tables for all the subcategory levels? I think this is a bit much. I was thinking of somehow assigning an index to each "category" which will determine how deeply nested it is.
  2. Hello again. I am trying to pass the link text name through $_GET to display.php using a funciton which finds the link text. <body> <ul class="sf-menu"> <li class="current"> <a href="display.php?category=">Entertainment</a> <ul> <li> <a href="#aa">menu item that is quite long</a> </li> <li class="current"> <a href="#ab">menu item</a> <ul> <li class="current"><a href="#">menu item</a></li> <li><a href="#aba">menu item</a></li> <li><a href="#abb">menu item</a></li> <li><a href="#abc">menu item</a></li> <li><a href="#abd">menu item</a></li> </ul> </li> Let's just take this small piece for example <li class="current"> <a href="display.php?category=">Entertainment</a> <ul> <li> I want category here to = Entertainment. I don't just want to type it b/c what if I have thousands of category's. Is there some way to do this?
  3. I am trying to search a multi-dimentional array to see if it contains one or more values within another array. Here is the array I am trying to search. It is a from a function which returns an array of the meta data found in a specified website Array ( [title] => Video Games, Wikis, Cheats, Walkthroughs, Reviews, News & Videos - IGN [metaTags] => Array ( [description] => Array ( [html] => <meta name="description" content="IGN is your site for Xbox 360, PS3, Wii, PC, 3DS, PS Vita & iPhone games with expert reviews, news, previews, trailers, cheat codes, wiki guides & walkthroughs" /> [value] => IGN is your site for Xbox 360, PS3, Wii, PC, 3DS, PS Vita & iPhone games with expert reviews, news, previews, trailers, cheat codes, wiki guides & walkthroughs ) [robots] => Array ( [html] => <meta name="robots" content="noodp, noydir" /> [value] => noodp, noydir ) [copyright] => Array ( [html] => <meta name="copyright" content="IGN Entertainment, Inc." /> [value] => IGN Entertainment, Inc. ) ) ) Here is the function I am trying to use to do the search function recursive_array_search($needle,$haystack) { foreach($haystack as $key=>$value) { $current_key=$key; if($needle===$value OR (is_array($value) && recursive_array_search($needle,$value) !== false)) { return true; } } return false; } Finally, here is the call to get the array of meta data, the array of search items to look for and the function call to the recursive_array_search $link = getBaseURL(); $metadata = getUrlData($link); // this function returns the array of all the meta-data $needle = array("PC","abc"); if(recursive_array_search($needle,$metadata) == true){ echo "VIOLATION"; } I want this to return true b/c at least one of the items in the search items array is found within the array of meta-data.
  4. Hello. I am trying to prevent sql injections on a site that I am creating. I am just not sure if my approach is correct and completely secure. I am looking for some pointers and insight. If anyone could provide some tips and pointers where I might have some security holes, it would be greatly appreciated. //test.php <html> <head> </head> <body> <?php //contains all php work functions include("workfunctions.php"); //contains the link submition form include("submitform.php"); //will contain the html dynamic rollover menu include("example.html"); //do the sql query selectQuery(); ?> </body> </html> //the html form <form action = "validate.php" method="post"> <input type="text" name="link"/> <input type="submit" name="Submit" value="Submit"/> </form> //validate.php <?php include("workfunctions.php"); //open the session session_start(); //establish a connection with the database. //get the base url by stripping slashes down to base web address. $urlExtensions = array (".com" => ".com", ".net" => ".net", ".org" => ".org", ".edu" => ".edu"); $count = substr_count_array($_POST['link'],$urlExtensions); if($count < 1) { echo "Sorry, we are unable to identify this web address. It appears you have forgotten to include the url extension:\n"; echo "1.http://www.site.ext\n"; echo "2.www.site.ext\n"; echo "3.site.ext\n"; } else{ insertQuery(); } ?> //workfunctions.php <?php //function to do the selectQuery which will eventually be based off of the menu selection function selectQuery() { $con = new mysqli("localhost", "root", "","mysql"); $query = $con->query("select address from sites"); //$result = mysql_query($query); if(!$query){ $message = 'Invalid Query:' . mysql_error() . "\n"; die($message); } while($row = $query->fetch_assoc()){ $link = $row; $site = substr($row['address'],7); echo "<a href={$link['address']}>$site</a>"."<br />\n"; } //mysql_free_result($result); return $query; } ?> <?php //function to insert new links into the database function insertQuery() { $con = new mysqli("localhost", "root", "","mysql"); getBaseURL(); $insertQuery = $con->query("insert into sites(address)values(('".$_SESSION['newLink']."'))"); //$result = mysql_query($query); if(!$insertQuery){ $message = 'Invalid Query:' . mysql_error() . "\n"; die($message); } //mysql_free_result($result); return $insertQuery; } ?> <?php //function to get base url function getBaseURL(){ /*If string contains http:// , trim it off. Next, remove slashes from web address to get base url. Finally reatach the http:// in the front of the address */ if(substr_count($_POST['link'],'http://') > 0){ echo ("Contains http://"); if(substr_count($_POST['link'],'/')>2){ echo "Here count / is greater than 2"; $_SESSION['link'] = trim($_POST['link'],"http://"); echo ($_SESSION['link']); $_SESSION['explode'] = explode("/",$_SESSION['link']); echo ($_SESSION['explode'][0]); $_SESSION['newLink'] = ("http://" . $_SESSION['explode'][0]); echo ("The new link is" . $_SESSION['newLink']); } } /* If string does not contain http://, remove the slashes from the address Then re-attach the http:// to the front of the string */ else if((substr_count($_POST['link'],'http://') <= 0) && (substr_count($_POST['link'],'www.')>0)){ echo ("Does not contain http://"); if(substr_count($_POST['link'],'/')>0){ $_SESSION['link'] = explode("/", $_POST['link']); $_SESSION['newLink'] = ("http://" . $_SESSION['link'][0]); } } /* If string does not contain http:// or www, remove the slashes and add both http:// and www. to the front of the web address */ else if((substr_count($_POST['link'],'http://')<=0) && (substr_count($_POST['link'],'www.') <=0)){ $_SESSION['link'] = explode("/", $_POST['link']); $_SESSION['newLink'] = ("http://www." . $_SESSION['link'][0]); } return $_SESSION['newLink']; } ?> <?php // function to search web address for the existance of an url extension function substr_count_array( $haystack, $needle ) { $count = 0; foreach ($needle as $substring) { $count += substr_count( $haystack, $substring); } return $count; } ?>
  5. Never mind. Got it working. Turns out it was writing to the DB. On my testing page where the links are displayed is where the problem lied.
  6. I am trying to strip a url submitted via a form, down to the base address and then insert it into a database. So assuming the url submitted reads www.abc.com/123/456/789/111 The url submitted to the database should be www.abc.com I am trying to use the explode function to achieve this. When I echo after doing the explode, the echo contains what I want. However when I try to write to the database, nothing gets written. <?php include("connect.php"); session_start(); connect(); // session_register('link'); $_SESSION['link'] = explode("/", $_POST['link']); echo $_SESSION['link'][0]; $insertQuery = "insert into sites(address)values(('".$_SESSION['link'][0]."'))"; mysql_query($insertQuery); ?>
  7. OK well then I have another question. Not really related but I did not want to open a new post. Can someone please show me how to work with $_SESSION variables so that I can carry form values across multiple pages?
  8. OK so I have this form with 2 input boxes and two drop downs. When a choice is made on the second drop down I would like the page to reload keeping the values in all the fields. Then based on the value posted for that second drop down, I would like additional form fields to appear. Can this be accomplished with just html and php? Or do I need javascript? In either case, some guidance would be appriciated.
  9. my bad. In my haste I forgot to put the "location:" for the header redirect.
  10. I have an index.php page which of course loads from root by default. I have code there that says if $user and $pass are not set, to redirect to login.php. It does not redirect them. Is this possible to do? How?
  11. I need help inserting multiple rows into an Oracle database. I get some errors. I think it is because I need to be using a loop to do the insert but I do not know how. I could also possibly be doing the binding wrong. I start out with a form and then POST to a PHP page and go from there. Here is a short hand form. Not the full code. for($i=0;$i<=10;$i++) { <input fname="first[]/> <input lname="last[]"/> <input age ="age[]"/> } $fname = $_POST[&#39;first&#39;]; $lname = $_POST[&#39;last&#39;]; $age = $_POST[&#39;age&#39;]; ** NOTE: These are now arrays. ***** I think somewhere here I need to do a loop for the insert $result = oci_parse&#40;$conn, &#39;INSERT INTO TABLE &#40;first,last,age&#41; VALUES &#40;:first,:last,:age&#41;&#39;&#41;; **** I get an error on the binds saying I cannot have an array to string conversion. oci_bind_by_name&#40;$result, &#39;:first&#39;,$first&#41;; oci_bind_by_name&#40;$result, &#39;:last&#39;,$last&#41;; oci_bind_by_name&#40;$result, &#39;:age&#39;,$age&#41;; Since all of the fields are not null and I have ten rows in the form according to the for loop, I would like to somehow check to see which rows are blank. Meaning that they were not filled out and get rid of them. Otherwise there would be an error on insert becasue the fields are not null.gammaman
  12. Yes exactly. Obviously in a real world situation I would be submitting more than just a name to the form.
  13. Ok I have a form as follows echo '<form action = "test.php" method="pos">'; echo 'name:<input name ="id" type="text">'; echo '<input name="Submit1" type="submit" value ="submit"/>'; //test.php mysql_select_db("whatever") $name = $_POST["id"]; // then do some table insert How would I do multiple values at once. Can I use an array somehow and then use a foreach to loop through? What would this look like?
  14. Ok this is somewhat confusing but I will try to make the best of it. I have these two html pages inside php includes that appear and go away under certain condi tions. one of those pages is just la long list with a bunch of <a#> tags. And is displayed by default. So if I was on the main page I would see this long list on the right and on the left I would click a link say "K" and so the page would jump down on the list to where #K is, changing the address of the page from abc.htm to abc.htm#K. Now say I want to do something else. I click a different link. An href that looks like this. <a href=abc.htm?name=test>test</a> I have some php code that says as long as $_GET is NOT SET. It loads the long list above, which of course happens by default when $_GET does not yet exist. I continue the php code to say if it is set, say for example else if ($_GET[ 'name'])=='test') include "xyz.htm") this will take away that long list and put the new page in its place. This will now change the link from abc.htm#K to abc.htm?test. But what happens if I click one of the anchor links on the left again. Say K. Now instead of the page being abc.htm#K it is abc.htm?test#K. In effect it still loads the list but the content from the else if include above , xyz.htm is still on the page.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.