Jump to content

Mchl

Staff Alumni
  • Posts

    8,466
  • Joined

  • Last visited

Everything posted by Mchl

  1. I did not mean that. What I meant is that you should check for any way someone else could get access to your account. Moving to another hosting will not help if you have spyware that steals your ftp passwords on your PC.
  2. In other words: change your passwords, do not store passwords in your ftp program, check your PC for malware, check for vulnerabilities on other pages on this account.
  3. I was referring more to the idea of cramming as much functionality as possible into a single class (that's how I understood OP's wishes)
  4. If you really wish to go in this direction, you can use call_user_func_array This undoubtly an interesting approach and I'm sure you've got a lot of fun developing it. Just be aware that it's breaking many of well established rules of OOP like: http://en.wikipedia.org/wiki/Single_responsibility_principle http://en.wikipedia.org/wiki/Interface_segregation_principle http://en.wikipedia.org/wiki/Don%27t_repeat_yourself
  5. The code you posted is exactly that.
  6. In other words: change your passwords, do not store passwords in your ftp program, check your PC for malware, check for vulnerabilities on other pages on this account.
  7. In general you should, because 4.x versions are no longer supported. In particular, this should not be the cause of this error. What does var_dump($xmlData); show? Do you have error_reporting enabled?
  8. XSS attacks are only possible with dynamic pages. Static HTML can only be modified by someone acquiring access to your hosting account.
  9. Use JS datepicker like this one: http://www.frequency-decoder.com/demo/date-picker-v2/ there are many more available
  10. You already have some code in place See: if (file_exists($html_path.$file)) include $html_path.$file; Now change it to: if (file_exists($html_path.$file)) { include($html_path.$file); } else { include('404.html'); //or whatever - just make sure the file IS actually there. } If you still see blank page, there might be something wring with your paths. You might want to use require instead of include(), which will tell you if it can find the file or not
  11. Yes. Or maybe no. I'm not sure. I didn't see your code
  12. The question is: how do you recognise a bad request? What does your page variable stand for?
  13. I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect. Example with MySQL: <?php $page = mysql_real_escape_string($_GET['page']); //make sure nothing harmful get's injected into query $sql = "SELECT ... FROM pages WHERE page = '$page'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 0) { //check if any rows got returned //redirect to 404 } else { //display data }
  14. Here's one proposal: http://groups.google.com/group/php-standards/web/psr-0-final-proposal
  15. http://en.wikipedia.org/wiki/Newline
  16. Not only by him but also, as it was pointed out before, by Japanese.
  17. How do you know last portion is the correct portion to use? What if this guy entered his (full) name? http://en.wikipedia.org/wiki/Bill_Gates
  18. For email notifications for sure. For (in-browser) popups not necessarily.
  19. They run JavaScript script in the browser that periodically polls server for updates.
  20. !!! http://dev.mysql.com/doc/refman/5.1/en/comparison-operators.html#function_greatest
  21. For PHP >= 5.3.0 you can use $d = DateTime::createFromFormat('Y',1900); echo $d->format('L'); // 0
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.