orange08
-
Posts
216 -
Joined
-
Last visited
Never
orange08's Achievements
Regular Member (3/5)
0
Reputation
-
or how can i make my site only viewable by myself but others cannot access(a maintenance page instead display for them)?
-
sorry, i can't get what you meant here. mind to explain your question again?
-
i get a tutorial, saying the following code can put our site offline, and only the developer can view the site RewriteEngine On RewriteBase / RewriteCond %{REMOTE_ADDR} ^111\.222\.333\.444$ RewriteCond %{REQUEST_URI} !^/maintenance\.php$ RewriteRule ^(.*)$ /maintenance.php [L] for the mentioned purpose, is that replace this line RewriteCond %{REMOTE_ADDR} ^111\.222\.333\.444$ with the developer ip address? then, how to replace our ip in this line: ^111\.222\.333\.444$ still need to put ^ \. and $ can give example in putting an ip address in this line? thx!
-
yup, i have tried before post the code here... even though i remove all php code at the top, only left there the following code <?php session_start(); ?> the page still will be loaded as blank... then, if i remove all php code including the <?php session_start(); ?>, then the page will never load as blank again... i'm really can't figure out what's the problem here.
-
yup, the error_reporting is on, but when the page is loaded as blank, no any error being output...
-
this is my login page that always will load as blank... <?php session_start(); include 'config.php'; include 'adcms_function.php'; include 'error_function.php'; include 'chkget.php'; function retrieve_data(){ $select_profile = mysql_query("SELECT * FROM submitter WHERE submitter_id=$_SESSION[logged_id]")or custom_error_handle(10); if(mysql_num_rows($select_profile)>0){ while($row = mysql_fetch_array($select_profile,MYSQL_ASSOC)){ if($row["submitter_id"]==$_SESSION['logged_id']){ $_SESSION['logged_email'] = htmlentities($row["sbm_email"]); $_SESSION['edit_gender'] = $row["sbm_gender"]; $_SESSION['edit_dob'] = $row["sbm_dob"]; $_SESSION['edit_dob'] = (string)$_SESSION['edit_dob']; $_SESSION['edit_dob'] = explode('-', $_SESSION['edit_dob']); $_SESSION['edit_yr'] = $_SESSION['edit_dob'][0]; $_SESSION['edit_mth'] = $_SESSION['edit_dob'][1]; $_SESSION['edit_date'] = $_SESSION['edit_dob'][2]; $_SESSION['edit_password'] = $row["sbm_password"]; $_SESSION['edit_usercreated'] = $row["create_user"]; $_SESSION['edit_sbmtm'] = $row["sbm_time"]; $_SESSION['edit_emailsent'] = $row["email_sent2u"]; $_SESSION['edit_lastlogin'] = $row["lastest_login"]; } } } } //end of function function reset_password($user_name,$mail,$key){ $user_name1 = htmlentities($user_name); $mail1 = htmlentities($mail); $header="MIME-version:1.0\r\n"; $header.="Content-type:text/html; charset=UTF-8\r\n"; $header.="Content-Transfer-Encoding:7bit\r\n"; $header.="From: mymail@mysite.com\r\n"; $subject="Reset Password"; $msg="<table><tr><td>"; $msg.="Dear $user_name1,"; $msg.="<br>"; $msg.="<br></td></tr></table>"; $msg.="For the security purpose, you are required to reset your password with the following link:<br>"; $msg.="<a href='http://www.mysite.com/change_password.php?resetemail=$mail1&resetkey=$key'>Reset Password link<br><br> </a>"; $msg.="If the above link is not supported by your email program, <br>"; $msg.="please copy and paste the following link to your browser.<br><br>"; $msg.="http://www.mysite.com/change_password.php?resetemail=$mail1&resetkey=$key"; $msg.="<br>"; $msg.="<br>"; $msg.="Regards,<br>"; $msg.="mysite Team"; $msg.="</td></tr></table></center>"; $mailpass=mail($mail,$subject,$msg,$header); } if (isset($_GET['status'])){ $urstatus = (int)$_GET['status']; if($urstatus==1){ session_destroy(); echo "<META HTTP-EQUIV='refresh' content='0;URL=index.php?page=1'>"; }else{ echo "Invalid Request"; exit(); } } if(isset($_POST['loginbtn'])){ $chk_sts = 'N'; $_SESSION['user_nm'] = mysql_real_escape_string($_POST['user_login']); $login_pass = sha1(mysql_real_escape_string($_POST['user_loginpass'])); $loginsql = mysql_query("SELECT * FROM submitter WHERE submitter_name='$_SESSION[user_nm]' AND sbm_password='$login_pass'")or custom_error_handle(10); if(mysql_num_rows($loginsql)>0){ while($row = mysql_fetch_array($loginsql,MYSQL_ASSOC)){ if($row["submitter_name"]==$_SESSION['user_nm']){ $_SESSION['logged_id'] = $row["submitter_id"]; $_SESSION['logged_user'] = $row["submitter_name"]; //$_SESSION['logged_email'] = $row["sbm_email"]; $chk_sts = 'Y'; } } retrieve_data(); // update user latest login date and time if($chk_sts=='Y'){ $SQLquery = "START TRANSACTION"; $SQLrst = mysql_query($SQLquery); $update_login = mysql_query("UPDATE submitter SET lastest_login=NOW() WHERE submitter_id=$_SESSION[logged_id]"); if(!$update_login){ $SQLquery = "ROLLBACK"; $SQLrst = mysql_query($SQLquery); }else{ $SQLquery = "COMMIT"; $SQLrst = mysql_query($SQLquery); } } }else{ echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 0, 0); font-weight: bold;'>Invalid User Name or Password.</span></big></td></tr></table></center>"; } } if(isset($_POST['forgotpass'])){ if(empty($_POST['user_login'])){ echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 0, 0); font-weight: bold;'>Please enter your user name.</span></big></td></tr></table></center>"; }else{ $user = mysql_real_escape_string($_POST['user_login']); $findpass = mysql_query("SELECT sbm_email FROM submitter WHERE submitter_name='$user'")or custom_error_handle(10); if(mysql_num_rows($findpass)>0){ while($row = mysql_fetch_array($findpass,MYSQL_ASSOC)){ $user_email = $row["sbm_email"]; } $user_key = generateKey(); $SQLquery = "START TRANSACTION"; $SQLrst = mysql_query($SQLquery); $updateKey = mysql_query("UPDATE submitter SET activate_key='$user_key' WHERE submitter_name='$user'"); if(!$updateKey){ $SQLquery = "ROLLBACK"; $SQLrst = mysql_query($SQLquery); }else{ $SQLquery = "COMMIT"; $SQLrst = mysql_query($SQLquery); reset_password($user,$user_email,$user_key); echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 255, 0); font-weight: bold;'>Reset password link is sent to your email account.</span></big></td></tr></table></center>"; } } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta content="text/html; charset=utf-8" http-equiv="content-type"> <title>My Site</title> </head> <body style="background-color: rgb(37, 23, 4);"> <?php echo "test page!"; ?> <center> <table style="text-align: left; margin-right: auto; margin-left: auto;" bgcolor="#f5ba18" border="0" cellpadding="0" cellspacing="0"> <tbody> <?php include 'siteheader.php'; ?> <tr> <center><form action="index.php?page=1" method="post"><table bgcolor="#f5ba18" width="900px"> <tr> <td align="right" width="450px" height="100px"><b>User Name</b></td> <td align="left" width="450px"><input name="user_login" maxlength="15" size="25" value="<?php if(!empty($_SESSION['user_nm'])) echo htmlentities($_SESSION['user_nm']);?>"></td> </tr> <tr> <td align="right" width="450px"><b>Password</b></td> <td align="left" width="450px"><input name="user_loginpass" maxlength="10" size="25" type="password"></td> </tr> <tr> <td></td> <td align="left" height="100px"><input name="loginbtn" value="Log In" type="submit"><input name="forgotpass" value="Forgot Password" type="submit"></td> </tr> </table></form></center> </tr> </tbody> </table> </center> </body> </html> any problem of my code that causing my page sometime to load as blank page?
-
ok, thanks for the explain!
-
actually, i'm not understand with: it meant HTTP_USER_AGENT will changed due to human's action or automatically? i just worry if using this, then the changed of HTTP_USER_AGENT will cause my valid user being affected...
-
i would like to know whether User-Agent header or $_SERVER['HTTP_USER_AGENT'] is consistent enough? based on the following argument
-
this is my login page that always will load as blank... <?php session_start(); include 'config.php'; include 'adcms_function.php'; include 'error_function.php'; include 'chkget.php'; function retrieve_data(){ $select_profile = mysql_query("SELECT * FROM submitter WHERE submitter_id=$_SESSION[logged_id]")or custom_error_handle(10); if(mysql_num_rows($select_profile)>0){ while($row = mysql_fetch_array($select_profile,MYSQL_ASSOC)){ if($row["submitter_id"]==$_SESSION['logged_id']){ $_SESSION['logged_email'] = htmlentities($row["sbm_email"]); $_SESSION['edit_gender'] = $row["sbm_gender"]; $_SESSION['edit_dob'] = $row["sbm_dob"]; $_SESSION['edit_dob'] = (string)$_SESSION['edit_dob']; $_SESSION['edit_dob'] = explode('-', $_SESSION['edit_dob']); $_SESSION['edit_yr'] = $_SESSION['edit_dob'][0]; $_SESSION['edit_mth'] = $_SESSION['edit_dob'][1]; $_SESSION['edit_date'] = $_SESSION['edit_dob'][2]; $_SESSION['edit_password'] = $row["sbm_password"]; $_SESSION['edit_usercreated'] = $row["create_user"]; $_SESSION['edit_sbmtm'] = $row["sbm_time"]; $_SESSION['edit_emailsent'] = $row["email_sent2u"]; $_SESSION['edit_lastlogin'] = $row["lastest_login"]; } } } } //end of function function reset_password($user_name,$mail,$key){ $user_name1 = htmlentities($user_name); $mail1 = htmlentities($mail); $header="MIME-version:1.0\r\n"; $header.="Content-type:text/html; charset=UTF-8\r\n"; $header.="Content-Transfer-Encoding:7bit\r\n"; $header.="From: mymail@mysite.com\r\n"; $subject="Reset Password"; $msg="<table><tr><td>"; $msg.="Dear $user_name1,"; $msg.="<br>"; $msg.="<br></td></tr></table>"; $msg.="For the security purpose, you are required to reset your password with the following link:<br>"; $msg.="<a href='http://www.mysite.com/change_password.php?resetemail=$mail1&resetkey=$key'>Reset Password link<br><br> </a>"; $msg.="If the above link is not supported by your email program, <br>"; $msg.="please copy and paste the following link to your browser.<br><br>"; $msg.="http://www.mysite.com/change_password.php?resetemail=$mail1&resetkey=$key"; $msg.="<br>"; $msg.="<br>"; $msg.="Regards,<br>"; $msg.="mysite Team"; $msg.="</td></tr></table></center>"; $mailpass=mail($mail,$subject,$msg,$header); } if (isset($_GET['status'])){ $urstatus = (int)$_GET['status']; if($urstatus==1){ session_destroy(); echo "<META HTTP-EQUIV='refresh' content='0;URL=index.php?page=1'>"; }else{ echo "Invalid Request"; exit(); } } if(isset($_POST['loginbtn'])){ $chk_sts = 'N'; $_SESSION['user_nm'] = mysql_real_escape_string($_POST['user_login']); $login_pass = sha1(mysql_real_escape_string($_POST['user_loginpass'])); $loginsql = mysql_query("SELECT * FROM submitter WHERE submitter_name='$_SESSION[user_nm]' AND sbm_password='$login_pass'")or custom_error_handle(10); if(mysql_num_rows($loginsql)>0){ while($row = mysql_fetch_array($loginsql,MYSQL_ASSOC)){ if($row["submitter_name"]==$_SESSION['user_nm']){ $_SESSION['logged_id'] = $row["submitter_id"]; $_SESSION['logged_user'] = $row["submitter_name"]; //$_SESSION['logged_email'] = $row["sbm_email"]; $chk_sts = 'Y'; } } retrieve_data(); // update user latest login date and time if($chk_sts=='Y'){ $SQLquery = "START TRANSACTION"; $SQLrst = mysql_query($SQLquery); $update_login = mysql_query("UPDATE submitter SET lastest_login=NOW() WHERE submitter_id=$_SESSION[logged_id]"); if(!$update_login){ $SQLquery = "ROLLBACK"; $SQLrst = mysql_query($SQLquery); }else{ $SQLquery = "COMMIT"; $SQLrst = mysql_query($SQLquery); } } }else{ echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 0, 0); font-weight: bold;'>Invalid User Name or Password.</span></big></td></tr></table></center>"; } } if(isset($_POST['forgotpass'])){ if(empty($_POST['user_login'])){ echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 0, 0); font-weight: bold;'>Please enter your user name.</span></big></td></tr></table></center>"; }else{ $user = mysql_real_escape_string($_POST['user_login']); $findpass = mysql_query("SELECT sbm_email FROM submitter WHERE submitter_name='$user'")or custom_error_handle(10); if(mysql_num_rows($findpass)>0){ while($row = mysql_fetch_array($findpass,MYSQL_ASSOC)){ $user_email = $row["sbm_email"]; } $user_key = generateKey(); $SQLquery = "START TRANSACTION"; $SQLrst = mysql_query($SQLquery); $updateKey = mysql_query("UPDATE submitter SET activate_key='$user_key' WHERE submitter_name='$user'"); if(!$updateKey){ $SQLquery = "ROLLBACK"; $SQLrst = mysql_query($SQLquery); }else{ $SQLquery = "COMMIT"; $SQLrst = mysql_query($SQLquery); reset_password($user,$user_email,$user_key); echo "<center><table><tr><td bgcolor=#241502><big><span style='color: rgb(255, 255, 0); font-weight: bold;'>Reset password link is sent to your email account.</span></big></td></tr></table></center>"; } } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta content="text/html; charset=utf-8" http-equiv="content-type"> <title>My Site</title> </head> <body style="background-color: rgb(37, 23, 4);"> <?php echo "test page!"; ?> <center> <table style="text-align: left; margin-right: auto; margin-left: auto;" bgcolor="#f5ba18" border="0" cellpadding="0" cellspacing="0"> <tbody> <?php include 'siteheader.php'; ?> <tr> <center><form action="index.php?page=1" method="post"><table bgcolor="#f5ba18" width="900px"> <tr> <td align="right" width="450px" height="100px"><b>User Name</b></td> <td align="left" width="450px"><input name="user_login" maxlength="15" size="25" value="<?php if(!empty($_SESSION['user_nm'])) echo htmlentities($_SESSION['user_nm']);?>"></td> </tr> <tr> <td align="right" width="450px"><b>Password</b></td> <td align="left" width="450px"><input name="user_loginpass" maxlength="10" size="25" type="password"></td> </tr> <tr> <td></td> <td align="left" height="100px"><input name="loginbtn" value="Log In" type="submit"><input name="forgotpass" value="Forgot Password" type="submit"></td> </tr> </table></form></center> </tr> </tbody> </table> </center> </body> </html>
-
this didn't solve my blank page problem. as i have mentioned in my 1st post, i have detected that sometime when reach the line <meta content="text/html; charset=utf-8" http-equiv="content-type"> then, the whole code just can't continue... help, please!
-
like this? <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta content="text/html; charset=utf-8" http-equiv="content-type"><title>My Site</title> </head>
-
yup, i did try it already. but, as a newbie, i don't know how to debug it... e.g. this is my code from my php file <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <meta content="text/html; charset=utf-8" http-equiv="content-type"><title>My Site</title> <html> <head> <?php echo "test page!"; ?> </head>
-
yup, i did copy and paste the page's code for the direct input validation... but, the 11 errors i get are almost the same like: # Line 14, Column 40: character "0" not allowed in prolog if(mysql_num_rows($select_profile)>0){ # Error Line 19, Column 15: character "$" not allowed in prolog $_SESSION['edit_dob'] = $row["sbm_dob"]; which i can't understand...
-
actually, the page that will load as blank page not my index.php, it's other pages...they are load normally when run with mozilla, but when run with IE, SOMETIME(really can't understand why sometime) will load as blank page. just now you all suggest me to validate with w3 validator, so i direct enter my site URL to validate, but then my site can't be validated as mentioned above. after i remove those chinese character in my index.php, then it can be validated now... i tried validate direct input of the page that will sometime load as blank...and i get 11 errors and 2 warnings...