Monkuar

${$payment['amount']} using the $ next to it doesn't work I am using itinside double quotes, any way I can get that dollar sign right next to it? This for people buying stuff off my forum i want the amount to show right by the $ dollar sign And im working inside double quotes only

WHOA now that is sexy ima use that, lol thank you

blah i fixed it if ($user['gender'] == 1){ $g = 'Male'; }else if ($user['gender'] == 2){ $g = 'Female'; }else if ($user['gender'] == 3){ $g = 'Hermaphrodite'; } srry

$user['gender'] = ($user['gender'] == 1) ? 'Male' : ''; $user['gender'] = ($user['gender'] == 2) ? 'Female' : ''; $user['gender'] = ($user['gender'] == 3) ? 'Hermaphrodite' : ''; I echo out $user['gender'] and it doesn't show the values i put in the terny operator, but if I delete all that, and echo it out it echo's out "1" which is what I have selected, any idea? do i have to use variables other than the mysql $user['gender'] ?

make a field called "time" and update it every day, and then check if it's ran out of seconds, then re do query, while re-doing query throw in the replenish hp/mana query also

wow holy tits i had 2x require PUN_ROOT.'include/parser.php'; didn't know it would make a error learned my lesson! solved!1

Im not using parse_message function anywhere in my s.php (Where error is being called) ?

http://pastebin.com/X1gekzQ1 that's the function i literally havn't touched anything and this error pops up rofl this is so weird! everything has been working just fine

Fatal error: Cannot redeclare parse_message() (previously declared in C:\wamp\www\include\parser.php:5) in C:\wamp\www\include\parser.php on line 155 line 155: } all it is is a } How in the world? this just happended line 5 is function parse_message($text)

I have a field called "Profile" it's a varchar(30) Default value is "0,0,0,0,0,0,0,0,0,0" Now, for my users on my forum, I want them to hide parts of there profile/etc, so Me and you are going to assume that each 0 could only be 0 or 1. But 1 problem. if I use <input type=checkbox name='profile[]' value=1> Then I get a imploded array of profile right? But how would I go about checking it so people cannot submit anything other then 0 or 1, and It needs to be intvalued also (for security), I heard a function called in_array, could this be used?

ya this place #1

Love it thank you

im using function escape($str) { return is_array($str) ? '' : mysqli_real_escape_string($this->link_id, $str); } then I do $db->escape($variable) for whatever variable before enters db good?

i use mysql escape and intval for my integers but i read this article http://www.itshacked.com/350/bypassing-php-security-mysql_escape_string-while-sql-injection-attacks-is-possible.html shows that people can bypass t he mysql_escape, but that article is only showing if they dont intval there ID= XXXX is it true or bogus? what are some more security measures can I take to help reduce the risk of sql injection? I use intval and mysql_escape_string, what else?

Trust me do it

Hmm, thanks for explaining! Helps alot, then just giving code, will help me in the future also. Coulda sworn the /i meant case sensitive, ( wouldn't of worked then) I guess for regex it's a whole different ballgame and /i makes it work for that particular string, thanks Req.

doesn't /i mean case sensitive? why does preg_quote need to be used? (just curious) im trying to learn

$string = "[img]"; $paragraph = $text; if (preg_match_all($string, $paragraph, $matches)) { echo count($matches[0]) . " matches found"; exit; }else { echo "match NOT found"; exit; } okay, if I use it does not find a match, how do I make it so it's not case sensitive?

Hey, function regex_check_image($url="", &$counter = 1) { while($counter<6){ $counter++; if (!$url) return; $url = trim($url); $default = "[img=http://".$url."]"; $default = "[img=http://".str_replace( '[', '&#38;# 091;', $url )."]"; if ($counter > 10) { message('You have posted to many Images'); break; } if (preg_match( "/[?&;\<\[]/", $url)) { message('No Dynamic Images'); break; } if (preg_match( "/javascript(\:|\s)/i", $url )) { message('No Dynamic Images'); break; } if (!preg_match( "/^(http|https|ftp):\/\//i", $url )) { message('No Dynamic Images'); break; } $url = str_replace( " ", "%20", $url ); } return "<img src='$url' border='0' />"; } // usage : $counter will contain how many times it was looped. $imgHtml = regex_check_image($url, $counter); echo "Checked $counter images!"; exit; Still only displays "Checked 1 Image" when im copy/pasting this bbcode [img=http://fluxbb.org/files/images/logo.png] [img=http://fluxbb.org/files/images/logo.png] [img=http://fluxbb.org/files/images/logo.png] [img=http://fluxbb.org/files/images/logo.png] [img=http://fluxbb.org/files/images/logo.png] which should display "Checked 5 Images" Right? And It's not because of the exit, because with your code i put $imgHtml = regex_check_image($url, $counter); if ($counter > 4){ message("You have posted to many images, you're only allowed 5"); } And it's still not giving the error, I could replace message with echo too, it's pretty much the same, message is just my global function to display errors, but yea, either way still not workign any idea? @ batwimp, im having same issue with ur code right now to as I posted above thanks if u can help I am absolutely stumped

:'( :'( :'( :'( Premiso, how am I supposed to read my echo's then when the script finishes?

function regex_check_image($url="") { $counter = 1; while($counter<6){ $counter++; if (!$url) return; $url = trim($url); $default = "[img=".$url."]"; $default = "[img=".str_replace( '[', '&# 091;', $url )."]"; if ($counter > 10) { message('You have posted to many Images'); exit; } if (preg_match( "/[?&;\<\[]/", $url)) { message('No Dynamic Images'); exit; } if (preg_match( "/javascript(\:|\s)/i", $url )) { message('No Dynamic Images'); exit; } if (!preg_match( "/^(http|https|ftp):\/\//i", $url )) { message('No Dynamic Images'); exit; } $url = str_replace( " ", "%20", $url ); echo $counter; exit; } return "<img src='$url' border='0' />"; } Okay, I took your code and tried to get it to work. Now it echo's "2" Any idea? am I getting closer?

Isn't it already being looped because it has to parse each individual [img tag? The tag works fine and returns my image properly..? Sorry I am pretty dam lost as u can tell. But since it is being looped to do that through each [img tag, that's why I think the $counter is inside one right?

http://pastebin.com/enpCdfXN here $text = preg_replace( "#\[img\](.+?)\[/img\]#ie" , "\\regex_check_image('\\1')" , $text );

Yes, I will!, Thanks for doing this This is my parse_message function i made: http://pastebin.com/enpCdfXN (I have stripped regular <b> bbcode tags for space, but that is literally all of it. I use this and wrap the parse_message around people's Post before they get entered into the Database. so it converts the img tag u see here (Which does work, just not the counter issue we have now) Here is the regex_check_image function function regex_check_image($url="") { global $counter; if (!$url) return; $url = trim($url); $default = "[img=".$url."]"; //-- mod_sec_update_131 begin $default = "[img=".str_replace( '[', '&# 091;', $url )."]"; //-- mod_sec_update_131 end ++$counter; // Make sure we've not overriden the set image # limit if ($counter > 10) { message('You have posted to many Images'); exit; } if (preg_match( "/[?&;\<\[]/", $url)) { message('No Dynamic Images'); exit; } if (preg_match( "/javascript(\:|\s)/i", $url )) { message('No Dynamic Images'); exit; } // Is it a legitimate image? if (!preg_match( "/^(http|https|ftp):\/\//i", $url )) { message('No Dynamic Images'); exit; } // If we are still here.... $url = str_replace( " ", "%20", $url ); return "<img src='$url' border='0' />"; } Then right below that I have to check $counter echo $counter; exit; if ($counter > 6) { message('You have posted to many Images'); exit; } which doesn't work either Even if I use ++$counter; or $counter++; And that is literally my whole .php script man

You said put it ontop, lol my bad though I initialize it using " ++$counter; " ++ auto increments right? or $counter++, what's the difference? I Still put it underneath and nothing is being called, it seems like I can only echo out the stuff if it's inside the function, function regex_check_image($url="") { global $counter; if (!$url) return; $url = trim($url); $default = "[img=".$url."]"; //-- mod_sec_update_131 begin $default = "[img=".str_replace( '[', '&# 091;', $url )."]"; //-- mod_sec_update_131 end ++$counter; // Make sure we've not overriden the set image # limit if ($counter > 10) { message('You have posted to many Images'); exit; } if (preg_match( "/[?&;\<\[]/", $url)) { message('No Dynamic Images'); exit; } if (preg_match( "/javascript(\:|\s)/i", $url )) { message('No Dynamic Images'); exit; } // Is it a legitimate image? if (!preg_match( "/^(http|https|ftp):\/\//i", $url )) { message('No Dynamic Images'); exit; } // If we are still here.... $url = str_replace( " ", "%20", $url ); return "<img src='$url' border='0' />"; } echo $counter; exit; still echo's out nothing, hmm I am so close I think Even if I do echo it out inside the function itonly displays "1", not 20 or 30, or how many [img tags I have, prob because im exiting the script? But still the if functions if > 10 doesn't work anyway, something is wrong it's not looping through them, but the function does work and I can use multiple [img tags on my forums this is so weird