cs.punk
-
Posts
437 -
Joined
-
Last visited
Posts posted by cs.punk
-
-
Yeah me learned that too right now :-?
-
LoL I can just imagine... A guy new to the computer world.. Goes into a computer shop...
Asks, Hi what would you recommened for a guy new to computers but that won't get out of date quickly and also cheap?
They redirect him to ebay for a supercomputer... The guy smacks it with the highest bid and wins...
Next thing he knows theyre building a double story over his house for his 'computer'...
LoL bet it's dusty in there too... They really need some BUG repellent...
-
How does "History" work in photoshop? When you have an image, and you press "Undo" how does it know what to undo? Or redo?
The only thing that I can think of, is that photoshop would save a version of the image, every time an edit has been done, so every time the image changes it saves a copy of the previous image.
Or maybe only 'certian elements'.
As if you have applied a effect it's hard to get the original with 'de-effecting it' lol
-
Hi, thanks a lot for your help. But how do i fetch the_review_id?
Create a column in your database with a auto increment column.
So each entry will have a ID to it...
-
This is doing my head in... In firefox it looks perfect though...
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>CSS Lists</title> <link href="/files/css.css" rel="stylesheet" type="text/css" /> </head> <body id="about"> <div class='head'> <img align="left" src="images/logo.jpg" width="300" height="100" /> <img src="images/logobar.jpg" width="724" height="100" /> </div> <ul id="list-menu"> <li id="menu-home"><a class='nav' href="#">Home</a></li> <li id="menu-about"><a class='nav' href="#">About</a></li> <li id="menu-archive"><a class='nav' href="#">Archive</a></li> <li id="menu-lab"><a class='nav' href="#">Lab</a></li> <li id="menu-reviews"><a class='nav' href="#">Reviews</a></li> <li id="menu-contact"><a class='nav' href="#">Contact</a></li> </ul> <div class='main_content'> <p>BLAHAHAHAHA BLAH BHA BHA AHB AH BNBLHA BLAH</p> </div> </body> </html>
/* Body */ body {margin: 0; background-color: #ADD1DC; } /* Text/Font Styles */ .top_heading {font-family: Verdana; font-size: 26px; color: #333333; } /* a hrefs/links */ a.nav {font-family: Verdana; font-weight: bold; } /* Divs */ div.head {border: solid; border-width: 1px; border-left-width: 0px; border-right: 0px; border-top-width: 0px; border-color: #0066FF; background-color: #0099FF; height: 100px; } div.main_content {padding: 10px; }
Anyone know whats going on?
Attached is a screenshot..
[attachment deleted by admin]
-
$var = "exam"; echo "$var"; // exam //What if you want it to echo out "$var*ple" without the *? echo "{$var}ple"; //Could also be done like this echo "$var" . "ple"; Also to echo out the CORRECT way for an array (mmm nice ryhming hey) echo "{$array['first']}"; //unlike echo "$array['first']"; //which won't work
-
$query = mysql_query("SELECT COUNT(id) FROM LOGIN WHERE username='$username' AND password='$password'");
$row = mysql_fetch_row($query);
if($row[0] != 1) {
echo "Invalid username/password";
}
else if($row[0] == 1) {
echo "Welcome.";
So when it finds from database username and password what matches then row[0] value should be 1 right? But it already gives the value 1 when i only enter username and press login or try it with some random password..
Well, I am not quite sure what your doing with the above code but...
$sql_select = "SELECT * FROM LOGIN WHERE username='$username' AND password='$password' LIMIT 1"; $mq_select = mysqli_query($db_con, $sql_select); $row = mysqli_fetch_assoc($query); if($row['password'] == $password) {echo "Corrert password"; } else {echo "WRONG PASSWORD"; }
I hope you will figure it out .
Also look into md5 and mysql_real_escape_string.
-
:o Blimey! Thanks for that.
-
I am wondering if it is possible to send 'fake' values via POST.
Say now you have a form and have 3 checkboxes,
10,20,30. Could a hacker send the number 40?
-
If anyone is willing to team up with me, or your in need of a partner please contact me.
I want to start something... But don't know what... All the projects/websites I worked on are unsucsessful...
-
... Put your different 'code' into $varibles... And then just dump them in one files,
include this page to all your others and just
echo "$example_head"; echo "$example_logo"; echo "$example_mainframe";
-
performing strip_tags() on globals will completly disallow submitting html however it is still possible (i think) if using encoding.
Why would I want HTML in my $_GETS?... example.com/posts/post=<h1>This is stupid</h1>
This is an example of no proper programming:
if (is_numeric($var)) { } else {header("Location: /index.php"); }
No proper programming? The only thing I see fit for passing through GET is IDs of somesort. So the following code, included to a page, will check the value of the GET, if it is something funny like :www.badsite.com/xssattack.php, it will reject it .
-
I'm sure this is a pretty common question...
But I need clarification.
How should I structure the flow of my login script?
I understand that there is a form, and the contents of the form are submitted then proccessed in a PHP script. However, if the username/pass are correct, how do you redirect the person to the new page? Or should I make it work in a different way?
Thanks!
Well you need a login page to 'set $_SESSION varibles'...
Then you need this:
verify_user.php
<?php if (!isset ($_SESSION['user']) || !isset($_SESSION['rank'])) {header("Location: /login.php); } ?>
Include that in every 'login protected' page...
-
Right.... And I hate facebook! Now I can work on being 'better' than facebook lol...
Anyway I don't like this 'header' thing it... It's just not the right thing for the job...
I wrote something here:
$originalpicture = "../../xtc_html/photos/{$result['user']}_{$result['user_id']}_{$result['file_count']}.jpeg"; $timestamp = time(); $md5_name = basename($originalpicture); $tmp_newname = md5($md5_name) . md5($timestamp) . ".jpeg"; $tmpic = "photos/" . $tmp_newname; copy ($originalpicture, $tmpic); echo "<img src='$tmpic'/>"; unlink ($tmpic);
Although I can't get it to work unless I remove (unlink ($tmpic) the last line...
Should I set up a '10 minutey' delete robot of some sort?
-
Uhm, the .htaacces won't work for the reason of uhm how am I ment to view the files inside lol.
I'll try googling again... Maybe this time Im lucky
-
I want to submit a form using a link. I am writing the code within an "echo" as follows:
$title = mysql_result($result,$i,"title"); $isbn = mysql_result($result,$i,"isbn"); echo "<form action='prod_info.php' method='post'>"; echo "<table style: border = 1><tr><td style: width='200px'><a href = '#' onclick = 'this.form.submit()'>" .$title. "</a></td></tr>"; echo "</table></form>";
It's not submitting the form though. any ideas?
JH
<a href = '#' [code]onclick = 'this.form.submit()'
>[/code]
Thats a javascript function right? I think your problem lyes in there...
-
To start the topic,
I am trying to build a members-only website for a certain client.. Of which members are allowed to view other ‘members’ photos only if they reside on the members ‘friend list’ (like facebook and such)…
The problem is, all the photos are stored in a easily accessible directory (example.com/images/example_friend77_photo1.jpeg)…
So far, from what I have read up on, the solution is to create a image folder out of my public_html folder
Like This
/images /public_html //index.php //other.php
Is this 100% certain that users won’t be able to load these images from this folder?
Secondly… How do I access this folder?.. the basic HTML img tag won’t work..
What funny PHP thing do I do?
Thanks guys and girls(if there are)… I really have no idea why some of you even waste your time with us.. I hope one day I could help nearly as much as some of you guys have helpen(yes yes I know) me…
-
Sorry,.... I hit the enter button by mistake.... Please delete
-
OMG! I am so rude! I asked the question like a moron! I was busy and typing it with my phone... So sorry...
To be more specific, what I have is this:
filterget.php
<?php include "mysqlcon.php"; $con = mysqli_connect("$dbhost", "$dbuser", "$dbpass") or die ("Could not connect to database"); if (isset($_GET)) {foreach($_GET as $var => $value ) {$var = mysqli_real_escape_string($con, strip_tags(trim($value))); //Why I do the 'mysqli_real_escape_string' is really stupid and useless //But I feel it makes the code 'more secure' although it does not...though maybe. if (is_numeric($var)) { } else {header("Location: /index.php"); } } } else {header("Location: /index.php"); } ?>
I include this page where ever I need to recieve $_GET varibles....
I made it so that if it's not a numerical numbers -> redirect the person to the index page...
I don't think you are fully aware of what XSS is (http://en.wikipedia.org/wiki/Cross-site_scripting) plus there are many more vulnerabilities to which you have to protect not only your scripts but even your server(s)
Uhm I am aware that it takes a 'script' from another domain/source...
And uhm, I have
strip_tags();on all input I recieve
mysqli_real_escape; Aswell on all input I recieve
I only allow .jpegs to be uploaded...
Uhm how more secure can you be?
-
Am I sill vunreble if I only allow numbers in the gets commands?..
I made it so that if it's not a numerical numbers -> redirect the person to the index page...
-
I think the problem lyes in your login page (or not calling "session_start();" )...
Anyway I wrote a thing for you (took some time, but hey I was boReD)...
This 'script' needs a database table of which has 3 columns (user_id, nation_id, password) which you should create beforehand...
index.php
<?php echo "<h1>This is the homepage right?</h1>"; echo "<br/><a href='login.php'>Login</a>"; echo "<br/><a href='protected.php'>Protected Page</a>"; echo "<br/><a href='logout.php'>Logout</a>"; ?>
mysqli_con.php (Remember to change the values)
<?php $dbhost = "localhost"; $dbuser = "root"; $dbpass = ""; $dbname = "thedatabase"; ?>
login.php
<?php session_start(); include "mysqli_con.php"; $mysqli_con = mysqli_connect ("$dbhost","$dbuser","$dbpass","$dbname") or die; if (isset($_POST['user_id']) && isset($_POST['password'])) {$user_id = mysqli_real_escape_string($mysqli_con, strip_tags($_POST['user_id'])); $password = mysqli_real_escape_string($mysqli_con, strip_tags($_POST['password'])); if (is_numeric($user_id)) {} else {die ("User_id is not a number"); } $sql_s_users = "SELECT * FROM users WHERE user_id='$user_id'"; $mq_s_users = mysqli_query($mysqli_con, $sql_s_users) or die ("Query failed!"); $users_result = mysqli_fetch_assoc($mq_s_users); if ($password == $users_result['password']) {$_SESSION['user_id'] = $user_id; $_SESSION['nation_id'] = $users_result['nation_id']; echo "Logged in!"; } else {echo "incorret"; } } ?> <?php if (isset($_SESSION['user_id'])) {echo "Sorry your already logged in"; } else {echo "<h1>This is the login page right?</h1> <form action='{$_SERVER['PHP_SELF']}' method='POST'> Your user ID? <input type='text' name='user_id' /> Your password? <input type='text' name='password' /> <input type='submit' value='Login'/> </form>"; } ?>
checkuserid.php
<?php if(isset($_SESSION['user_id'])) {$user_id = $_SESSION['user_id']; if(isset($_SESSION['nationi_d'])) {$nation_id = $_SESSION['nation_id']; } } else {header('Location: /login.php'); } ?>
protected.php
<?php session_start(); include "checkuserid.php"; print_r ($_SESSION); echo "<br/>If you have gotten so far, it should be solved...!"; ?>
logout.php
<?php session_start(); include "checkuserid.php"; if (isset($user_id)) {session_destroy(); unset ($_SESSION); echo "Logged out "; } else {echo "Your not logged in! Oi! ;O "; } ?>
-
Okay, you say:
If anyone knows a solution please post here..On what a solution?
If you understand the css, you should clean it up if you find it messy,
if you don't, I would sugest to learn it, it is really easy.
Sorry if I sounded a bit angry but I'm because I'm stuck myself with some php code ;p
LoL, messy or not messy should not make a difference... And btw I am reading your php topic right now...(hmm :-\)
-
Thanks papaface and Crayon Violent!
-
Ok guys, a naming problem.
$file_dir = "photos/originals/$user_$user_id_$file_count.jpg"; move_uploaded_file ($file_tmp, $file_dir);
I want a file like : ‘user_23_1.jpg’…? But it seems to be interpreting ‘$user_’ as a variable rather than ‘$user’.
Thanks.
[HELP] Command + Queries to update SQL
in PHP Coding Help
Posted
`id` int(11) NOT NULL auto_increment,
`rname` varchar(45) NOT NULL,
`food` int(2) NOT NULL,
`ambience` int(2) NOT NULL,
`value` int(2) NOT NULL,
`service` int(2) NOT NULL,
`title` varchar(50) NOT NULL,
`comment` varchar(200) NOT NULL,
`writtenby` varchar(50) NOT NULL,
`date` datetime NOT NULL,
`review_status` int(1) NOT NULL default '0',
Make a page that displays all of your '0' entries.
Then make a form with each entry having a 'checkbox' (passing along the id of the entry). And once the form is set, use the above code to update it to 1.
For the public view, let it show only entries with review_status on 1.