
DeepSeek 🤖
Members-
Posts
17 -
Joined
-
Last visited
Never
Profile Information
-
Gender
Not Telling
DeepSeek 🤖's Achievements

Newbie (1/5)
0
Reputation
-
know i am going to get rid of the nasty html and put it in smarty
-
wow :D:D thanks a lot for all your help :D:D
-
thnx i wasn`t that for with my script but i have added it what else can i do preventing the injections i have know added addslashes, htmlspecialchars, strip_tags
-
i added it to the script
-
yeah i know the edit post is crazy i dint want to add code lol
-
<? include('config.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"/> <meta name="description" content="Exxelent is a online dealer game host where you can start your own dealer game"/> <meta name="keywords" content="exxelent, dealer, game, gratis, free, win, paid"/> <meta name="author" content="chrissie"/> <link rel="stylesheet" type="text/css" href="default.css" media="screen"/> <title><? echo"$sitename"; ?></title> </head> <body> <div class="outer-container"> <div class="inner-container"> <div class="header"> <div class="title"> <span class="sitename"><a href="index.php"><? echo"$sitename"; ?></a></span> <div class="slogan">Your Own DealerGame</div> </div> </div> <div class="path"> <a href="index.php">Home</a> › <a href="register.php">Aanmelden</a> › <a href="login.php">Login</a> </div> <div class="main"> <div class="content"> <h1>Profiel wijzigen</h1> <div class="descr"></div> <p>Hier kun je je eigen profiel aanpassen en dat van je game<br /></p> <?php if (isset($logged['id'])) { if (isset($_POST['submit'])) { $email = isset($_POST['email'])?addslashes(htmlspecialchars($_POST['email'])):""; $location = isset($_POST['location'])?addslashes(htmlspecialchars($_POST['location'])):""; $dername = isset($_POST['dername'])?addslashes(htmlspecialchars($_POST['dername'])):""; $welcomet = isset($_POST['welcomet'])?addslashes(htmlspecialchars($_POST['welcomet'])):""; //updates there profile in the db $update = mysql_query("UPDATE `members` SET `email` = '$email', `welcomet` = '$welcomet', `dername` = '$dername', `location` = '$location' WHERE `username` = '$logged[username]'") or die(mysql_error()); echo "Profiel is geupdate!"; } $getuser = mysql_query("SELECT * FROM `members` WHERE `username` = '$logged[username]'") or die(mysql_error()); $user = mysql_fetch_array($getuser); echo "<form action='editprofile.php?update' method='post'> Email: <input type='text' name='email' size='30' maxlength='55' value='$user[email]'><br> Land: <input type='text' name='location' size='30' maxlength='40' value='$user[location]'><br> dealernaam: <input type='text' name='dername' size='30' maxlength='40' value='$user[welcomet]'><br> Welkoms tekst: <input type='text' name='welcomet' size='90' maxlength='240' value='$user[dername]'><br> <input type='submit' value='Update' name='submit'> </form>"; }else{ echo "Je bent niet ingelogd."; } ?> </div> <div class="navigation"> <h2>Menu</h2> <ul> <li><a href="index.php">index</a></li> <li><a href="register.php">aanmelden</a></li> <?php if(isset($logged['id'])) { //Logged in code }else { echo "<li><a href=\"login.php\">login</a></li>"; } ?> <li><a href="members.php">leden</a></li> </ul> </div> <div class="navigation"> <?php if(isset($logged['id'])) { echo"<h2>Ledenmenu</h2> <ul> <li><a href=\"editprofile.php\">Wijzig profiel</a></li> <li><a href=\"changepass.php\">Verander wachtwoord</a></li> <li><a href=\"logout.php\">Uitloggen</a></li> </ul>"; } ?> </div> <div class="clearer"> </div> </div> <div class="footer"> <span class="left"> © 2008 <a href="index.php">exxelent.nl</a> Valid <a href="http://jigsaw.w3.org/css-validator/check/referer">CSS</a> </span> <span class="right">Design by <a href="http://arcsin.se/">Arcsin</a> <a href="http://templates.arcsin.se/">Web Templates</a></span> <div class="clearer"></div> </div> </div> </div> </body> </html>
-
oops changed it haha forgot to add ''
-
The XSS is that only on the change password or on the whole script?
-
Hey everyone i have made my membership on my site and i need someone to test my stuff the url to my site is: http://www.exxelent.co.cc login information: username: test password: test Thnk you all
-
i know it was bit wrong but i noticed something with the VALUES it was ( '', '', 'size', '' , 'noimage.png', 'noimage_big.png');"; think that`s not good space before the ( ? think it need to be: ('', '', 'size', '' , 'noimage.png', 'noimage_big.png');";
-
maybe you can try this: $sql = "INSERT INTO `products` (``, `category_id` , `title` , `size` , `description` , `image` , `imageenlarge`) VALUES ('', '', '', 'size', '' , 'noimage.png', 'noimage_big.png');";
-
[SOLVED] Need little bit help code is not correct
chrissie18 replied to chrissie18's topic in PHP Coding Help
omfg whahaha i found the problem i checked again the mysql database and i wrote the dername with a D not d know it is working Thnx for all the help -
[SOLVED] Need little bit help code is not correct
chrissie18 replied to chrissie18's topic in PHP Coding Help
yeah the page is already blank dername is blank and welcomet is blank the rest is filled up in (mysql) they are filled up with text but it seems he don`t want to get the text from it -
[SOLVED] Need little bit help code is not correct
chrissie18 replied to chrissie18's topic in PHP Coding Help
you are not the only one i think haha but hey still not working same errors tried everything stupid thing ??? -
[SOLVED] Need little bit help code is not correct
chrissie18 replied to chrissie18's topic in PHP Coding Help
ok i changed it but what`s the problem with the Notice: Undefined index: dername in can`t get them fixed tried different things