dannyb785
-
Posts
544 -
Joined
-
Last visited
Posts posted by dannyb785
-
-
definitely sequel.
Why "definitely"?
it's easier to say. And to me, saying each letter S Q L sounds too nerdy
-
I do all date formats with the php function strtotime(). that way you can easily convert the number into any sort of date format(time, month, day, year, etc)
-
definitely sequel.
-
Do you know how many rows you're supposed to be catching? maybe you're only catching a few.
-
when you move an uploaded file to a folder, you start with the folder name, not a "/" and you dont need any document root stuff. so go from:
$upfile = $_SERVER['DOCUMENT_ROOT'].'/images/'.$_FILES['image']['name'];
to
$upfile = 'images/'.$_FILES['image']['name'];
This is bc the move_uploaded_file moves relative to the current position. So if you root folder is public_html and you have the upload script there, you can't do "move uploaded file to 'public_html/images/image.jpg' " because there is no folder called public_html in your public_html folder.(if that made sense)
-
these all look like basic templates that you can buy on ebay 100 for $5...nothing really special...my advice: dont spend much money on a template...they are cheap as chips.
if someone can't afford a couple hundred bucks for a nice design(a custom design), there's nothing wrong with getting a nice $50 template from one of a bunch of sites(4templates and templatemonster are 2 favs). They look really nice(most anyways) plus you can get commission for a purchase if you refer someone.
I'd just recommend staying away from free templates... those usually suck
-
new lines made in a text field are only indicated with \n. not \r. so don't include \r in your function
-
^ did it work by you doing the string replace? Because if that's all you replaced, you need to do tests for other symbols like a space, percent, etc.
Show your working code.
-
or just:
unset($_POST);
that should do the trick
-
Any user can repeatedly submit a form if they know what they're doing. All they gotta do is revisit the page that processing was done on. What I'd suggest is before doing an insert, do a query searching for a row with all of the inputted credentials that are exactly the same. If you get a mysql_num_rows() > 0 then you can know if was refreshed and then skip the INSERT query. That's really the only way to protect refreshing from inserting multiple times.
-
when a user uploads an image, are you giving that image the same name as the uploaded one? like, if I upload main.jpg is that what you're calling it? If so, I recommend renaming it something with a unique name(like the username plus the timestamp or the image's id in the database).
Otherwise, are you filtering the images before uploading? Perhaps you're doing htmlentities() and it's changing the & into something else(I think it's & but not exactly sure). If that's what you're doing, I'd still suggest my first suggestion
-
If you want to override one style with another, the one that will be overriding needs to be explicitly stated in css form within the element.
So in your case, take away the width= and put 'style="width:33%" ' though I can't promise you'll get the results you're looking for, this is the way to override something you've previously declared
-
Yes, of course the user will still see it if they view the html, but as output to the page, if js is enabled, they won't see anything in between the tags(including the tags themself too)
-
In any event, you are asking for someone to provide the whole ball of wax. If you want that, then you should post in the freelancing forum and perhaps someone would be willing to do it for compensation.
I'm pretty sure all he typed was:
I'm assuming this requires JavaScript, but maybe it is something else or a combination of things. Can someone provide any guidance or point to examples on either or both of these?doesn't seem to me like he's asking for any code at all.
Here's my input. Do you use firefox? If not get it. If so, download the stumble application. And stumble things web programming-related. I had a bunch bookmarked, but lost the bookmarks(dont ask) but I remember stumbling across tons of ajax websites that give you code for tons of different methods, one of which being the auto-complete facebook-esque thing you're looking for.
-
Don't allow the user to alter the primary auto incremented key value. Create a new new column named mask_order or something similar and allow the user to change those values and then when you display them all, do "ORDER BY mask_order" in your query
-
What you'd need to do is have the <noscript> tag and in it have the login form(username and password and login button) and when clicked it'd process the login credentials and redirect to the home page as logged in user.
-
where are you getting the ip form. what is wrong with $_SERVER['REMOTE_ADDR'] or is it possiable to spoof that
Scott.
google 'ip spoofing'
-
What would be the point of spoofing an ip for an http transaction? For example, if I were able to make a request originating from, let's say, 192.168.1.1, I'll NEVER get the response. Pointless!
Also, why two or three digits? Surely, some public address out there has single digits in an octet. What are you trying to accomplish with the redirect?
Why are you asking my why I want to do this? I have my reasons. If you don't have an answer, why even post?
edit: you did have a point with single digits. I adjusted my validator to allow single digits in the ip.
-
Ok, so I have my client's site setup so that if the ip you are showing(whether spoofed or not) doesn't fit proper ip pattern(4 separate numbers either 2 or 3 digits separated by periods), it will redirect you somewhere else. My question is, since anyone can spoof their ip to be any of millions of ips that fit the pattern, is there a way I can check that the ip the user is giving me is a valid ip(that pertains to a valid computer). Because if I did an ip lookup of 111.111.11.11 I'm positive it'd give me no results.
So I'd like a way to check that the ip I am being shown is the real ip for a real computer and not just made up to fit the pattern
-
Yup, what he ^ said. Problem solved
-
ohhhhh...
well how about keeping all my folders set to 777 permissions then I get a call from paypal saying my server space has been used for phishing scams. I didn't get in troble, but my hosting company shut down my server temporarily til all files were removed.
-
good idea with the creating a folder next to public_html! I'll surely do it. Same with setting the database to only allow localhost, that is important! I didn't know it had that feature to be set. Thanks a bunch!
-
What's the point of this thread?
-
Hi, I have 2 main questions...
Firstly, since I have my mysql username and password(and all connection info) in a .php file, I know it can't be read if accessed, so does that make it completely safe from anyone being able to read it and get the information?
Secondly, even if someone did have my login info for the database, would they really be able to use my database on their server? Because I connect thru 'localhost' which I've seen is the same for other hosts, so I imagine that 'localhost' on another server couldn't possibly connect to my server. Or am I wrong in that assumption?
Lastly, I'm sure most of you guys's ftp directories go like "root -> public_html -> files visible by all" so that if I have a file in public_html, anyone can access it. But what if I put it in the root folder, and then was to access the file by doing "../file.php" with an include. Would it work correctly, and if so, would that prevent others from being able to view it?
Basically, in summary, what the absolute best, safest way to protect my database connection information?
How do you pronounce MySQL
in Miscellaneous
Posted
^ you need to chill