Destramic

Everything posted by Destramic

  1. hey guys i'm trying to delete a row from my database...but at the same time i want to select lifetime and modified column to inject into the query also. i've tried many variations from online but I'm having no joy

        DELETE FROM sessions AS s
        WHERE IN (SELECT session_id
                  FROM sessions s2
                  WHERE s2.session_id = s.session_id
                  AND UTC_TIMESTAMP() > DATE_ADD(s2.modified, INTERVAL s2.lifetime SECONDS))

    can anyone help please? thank you
  2. brilliant...hopefully the end to captcha as i hate them so much! what key would be the name of the bot please? obviously i wouldn't want to block the good bots from accessing my pages...thank you for your reply
  3. i've just installed browscap (maybe behind the times)...but impressive stuff...just a few questions though

    the [crawler] key...would i be correct in saying it detects if it's a bot browsing

    also [browser_type] what does this mean exactly?

    some info on this would be great...thanks guys

        //returned from: get_browser();
        stdClass Object
        (
            [browser_name_regex] => ~^mozilla/5\.0 \(.*windows nt 6\.1.*wow64.*\).*gecko/.*firefox/.*$~
            [browser_name_pattern] => Mozilla/5.0 (*Windows NT 6.1*WOW64*)*Gecko/*Firefox/*
            [parent] => Firefox Generic
            [browser_bits] => 32
            [platform] => Win7
            [platform_version] => 6.1
            [platform_description] => Windows 7
            [platform_bits] => 64
            [platform_maker] => Microsoft Corporation
            [win32] =>
            [win64] => 1
            [device_name] => Windows Desktop
            [device_code_name] => Windows Desktop
            [comment] => Firefox Generic
            [browser] => Firefox
            [browser_type] => Browser
            [browser_maker] => Mozilla Foundation
            [frames] => 1
            [iframes] => 1
            [tables] => 1
            [cookies] => 1
            [javascript] => 1
            [javaapplets] => 1
            [cssversion] => 3
            [device_maker] => Various
            [device_type] => Desktop
            [device_pointing_method] => mouse
            [renderingengine_name] => Gecko
            [renderingengine_description] => For Firefox, Camino, K-Meleon, SeaMonkey, Netscape, and other Gecko-based browsers.
            [renderingengine_maker] => Mozilla Foundation
            [browser_modus] => unknown
            [version] => 0.0
            [majorver] => 0
            [minorver] => 0
            [alpha] =>
            [beta] =>
            [win16] =>
            [backgroundsounds] =>
            [vbscript] =>
            [activexcontrols] =>
            [ismobiledevice] =>
            [istablet] =>
            [issyndicationreader] =>
            [crawler] =>
            [aolversion] => 0
            [device_brand_name] => unknown
            [renderingengine_version] => unknown
        )
  4. blocks

        network                          1.0.0.0/24
        geoname_id                       2077456
        registered_country_geoname_id    2077456
        represented_country_geoname_id   null
        is_anonymous_proxy               0
        is_satellite_provider            0
        postal_code                      null
        latitude                         -27
        longitude                        133

    locations

        geoname_id                       1392
        locale_code                      en
        continent_code                   AS
        continent_name                   Asia
        country_iso_code                 IR
        country_name                     Iran
        subdivision_1_iso_code           21
        subdivision_1_name               Māzandarān
        subdivision_2_iso_code           null
        subdivision_2_name               Shahr
        city_name
        metro_code                       null
        time_zone                        Asia/Tehran

    sorry the preview looked good and i didn't check the final post...but here is a row from each file...
  5. hey guys i've purchased geoip files from maxmind but as well as having the general blocks and locations for an ip address, it also has blocks and locations (city and country) files for ipv4 and ipv6 which look like this:

    blocks:

    locations:

    now using the standard blocks which are also downloadable i have no problem using and uploading to a database...but does anyone know how to use ipv4 and ipv6 blocks and location (city and country) files? and how they can be used with an ip in a sql query? i'm unable to find any tutorials about this unlike the general blocks and location. thanks guys
  6. thanks guys i made a few changes to the way it functions...thought it would be easier to set the character mask in constructor or by method...

        <?php
        namespace Filter;

        class Trim
        {
            protected $_character_mask;

            public function __construct($character_mask = null)
            {
                $this->set_character_mask($character_mask);
            }

            // $data is taken by reference so array_walk_recursive() can
            // modify each element in place; $dummy receives the array key
            public function filter(&$data, $dummy = null)
            {
                if (is_array($data)) {
                    array_walk_recursive($data, array($this, 'filter'));
                } else {
                    $character_mask = $this->get_character_mask();
                    $data = trim($data, $character_mask);
                }

                return $data;
            }

            public function get_character_mask()
            {
                return $this->_character_mask;
            }

            public function set_character_mask($character_mask)
            {
                $this->_character_mask = $character_mask;
            }
        }

        $string = 'this a test .r';
        $array  = array('this is a stringo .o', ' test two');

        $trim   = new Trim('r');
        $string = $trim->filter($string);

        $trim->set_character_mask('o');
        $array = $trim->filter($array);

        echo '<pre>'.$string;
        print_r($array);
        echo trim('yesssss', 's');

    the reason i use class instead of functions cause i use it with my framework... i can just do this due to my auto-loader

        use Filter\Trim as Trim;

        $trim = new Trim;
        $trim->filter($post);

    i never use function to be honest...
  7. thanks for your post guys

        INSERT INTO sessions (id, data, lifetime)
        VALUES (1, 'done it', '260')
        ON DUPLICATE KEY UPDATE data = 'done it', lifetime = '260'

    worked like a dream
  8. hey guys here is my table below:

        CREATE TABLE IF NOT EXISTS `sessions` (
          `id` varchar(62) NOT NULL,
          `data` text NOT NULL,
          `lifetime` int(10) NOT NULL,
          `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
          `modified` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
        ) ENGINE=InnoDB

    my problem is when i use a replace into query

        REPLACE INTO sessions (id, data, lifetime)
        VALUES ('1234', 'data here', '360')

    what's happening is when replacing a row the created column always gets updated with the current timestamp... which is because i'm using the replace into function....is there a way when executing the replace into, which updates a row, for it not to update the created column? thank you
  9. Destramic

    trim

    hey guys I'm having a bit of trouble when it comes to using the trim function...for some reason when using it in this method it doesn't return the right results...can anyone tell me where i'm going wrong please?

        <?php
        class Trim
        {
            public function __invoke($data, $character_mask = null)
            {
                if (is_array($data)) {
                    array_walk_recursive($data, array($this, '__invoke'));
                } else {
                    $data = trim($data, $character_mask);
                }

                return $data;
            }
        }

        $trim   = new Trim;
        $string = $trim('this a test .', 't');
        $array  = $trim(array('this is a string .', ' test two'), 't');

        echo $string;
        print_r($array);
        echo trim('yesssss', 's');

    results

        his a test .
        Array
        (
            [0] => this is a string .
            [1] => test two
        )
        ye

    thank you
  10. thank you for your reply and yeah you make a good point...i use session cookies which allow me to store the session_id() in the cookie PHPSESSID longer...but i think i'll use a cookie when it comes to capturing non-sensitive data such as timezone offset and language. well the user is authenticated by his username and password originally...but a username and id is stored in a session when authenticated, that way I'm able to confirm authentication whilst visiting the site...surely this is how everyone else does it?
  11. session data caught in database

        name|s:5:"Ricky";language|s:7:"English";timezone_offset|s:6:"+00:00";id|s:4:"2999";username|s:9:"Destramic";

    now if user has reopened browser after log in the data is read from the session id and the session values exist as should be...but as user hasn't ticked remember authentication in previous browser session i don't want username and id to be remembered but for the other data to be remembered... what i need is for username and id to be unset on close of browser....how can i achieve this?
  12. that's a good idea...if a user_id doesn't exist then i suppose a session_id would suffice. now there's one more problem I can't tackle when it comes to sessions if you could please help/advise.

    now i set session max lifetime for an hour:

        ini_set('session.gc_maxlifetime', 60*60);

    if user logs in and doesn't want to be remembered then the user's username and user_id is remembered in a session which is written to my session table via my session handler...now if browser is closed and the site reopens the username and password still exist due to the session max life...i could put an expiry time in my session table structure for the data but that doesn't necessarily mean the data will expire or be removed when browser is closed...so I'm in a bit of a pickle regarding this issue.

    on the other hand if user wants to be remembered a token is generated which matches the one in the users table...can expire by log out....no problem

    how can i manage not remembering a user after browser closed please?...any advice on this guys would be appreciated. hope someone can help, thank you
  13. hey guys....I'm wanting to remember certain session data on my site but when browser closes i want some session data to be remembered and some sessions to be destroyed...I've been reading and looking at tutorials but nothing really on this... amazon is a good example...where you can add things to your shopping basket, log in and then when browser is closed you're logged out but your cart still has the data. if someone could please explain to me how this can be achieved please? thank you
  14. hey guys...i'm scratching my head over my authenticate method when it comes to remembering user or not! here are the settings for my sessions

        ini_set('session.gc_probability', 1);
        ini_set('session.gc_maxlifetime', 60*60);
        session_set_cookie_params(60*60*7, '/');

    now with the authentication there are 2 ways of being logged in.

    1. if user wants to be remembered on log in, they have an authentication token saved in a session cookie and if it matches with the user's db row token then the user will log in automatically every time.

    2. if user doesn't want to be remembered when they log in a user id and username is saved as a session where i then can confirm them in the user db row when on site (sessions to be destroyed when browser closes)

    the problem and help i need is on number 2...because i have a lifetime on the sessions the user id and username always gets remembered even when browser is closed and re-opened...causing the user to be remembered when he/she doesn't want to be....how can i get around this issue please? some session values i want to remember and some i just don't!

    here is my method for authentication if needed.

        public function authenticate()
        {
            $db      = $this->_db;
            $session = new Session;
            $session->start();

            $user_id  = $session->user_id;
            $username = $session->username;
            $identity = $this->_identity;
            $password = $this->_password;

            if ($session->authentication_token) {
                // remembered user: match the session token against the users table
                $parameters = array(":authentication_token" => $session->authentication_token);
                $query = "SELECT user_id, username, password, email_address, status, activation_code, timezone_offset, latitude, longitude, distance_unit, timestamp
                          FROM users
                          WHERE authentication_token = :authentication_token
                          AND authenticated = 1";

                $db->connect();
                $result    = $db->execute($query, $parameters);
                $row       = $result->fetch_row();
                $row_count = $result->row_count();
                $result->free_result();
                $db->close();

                if ($row_count === 1) {
                    $this->_authenticated = true;
                }
            } else if (!empty($user_id) && !empty($username)) {
                // check id and username with db
                // auth if successful
            } else if (!empty($identity) && !empty($password)) {
                // fresh log in: the column name comes from a fixed choice, never from user input
                if ($this->is_email_address($identity)) {
                    $identity_column = "email_address";
                } else {
                    $identity_column = "username";
                }

                $parameters = array(":identity" => $identity);
                $query = "SELECT user_id, username, password, email_address, status, activation_token, timezone_offset, latitude, longitude, distance_unit, timestamp
                          FROM users
                          WHERE " . $identity_column . " = :identity";

                $db->connect();
                $result    = $db->execute($query, $parameters);
                $row       = $result->fetch_row();
                $row_count = $result->row_count();
                $result->free_result();
                $db->close();

                if ($row_count === 1 && $this->verify_password($password, $row['password'])) {
                    $this->_authenticated = true;

                    if ($this->_remember) {
                        // store a new token in both the session and the users table
                        $authentication_token = $this->get_token();
                        $session->authentication_token = $authentication_token;

                        $parameters = array(':authentication_token' => $authentication_token,
                                            ':user_id'              => $row['user_id']
                        );
                        $query = "UPDATE users
                                  SET authentication_token = :authentication_token
                                  WHERE user_id = :user_id";
                        $result = $db->execute($query, $parameters);
                    } else {
                        // not remembered: drop any old token from session and users table
                        if ($session->authentication_token) {
                            $session->destroy('authentication_token');
                        }

                        $parameters = array(':user_id' => $row['user_id']
                        );
                        $query = "UPDATE users
                                  SET authentication_token = null
                                  WHERE user_id = :user_id";
                        $result = $db->execute($query, $parameters);
                    }
                }
            }

            $this->record_login_attempt($identity);

            if ($this->_authenticated) {
                $session->user_id    = $row['user_id'];
                $session->username   = $row['username'];
                $session->login_time = time();

                return true;
            }

            if ($this->brute_force_attack($identity)) {
                $this->block_account($identity);
            }

            return false;
        }

    help on this session matter would be extremely appreciated...any criticism on how I'm doing things is also very welcome...thank you guys
  15. brilliant thank you...is it also possible to add custom values to this query other than what is selected from the users table?
  16. well i'd like to check if user exists first before entering a log in attempt...after a bit more researching i think i need something like this but it doesn't work

        INSERT INTO login_attempts (identity)
        VALUES ('destramic@hotmail.com')
        WHERE NOT EXISTS (SELECT user_id
                          FROM users
                          WHERE email_address = 'destramic@hotmail.com')

    is this even possible? thank you
  17. hey guys i'm wondering if it's possible to insert a row if a value exists inside another table? for instance the code below, i wish to make a log in attempt record if the user actually exists in the users table

        INSERT INTO login_attempts ('identity')
        VALUES ('name@example.com')
        SELECT user_id
        FROM users
        WHERE email_address = 'name@example.com'

    thank you
  18. Hey guys I've discussed on here another about tokens but I'm wondering how you'd do a single request token. What I mean is when a user logs in and goes to account settings and clicks on change password I'd like the user to be redirected to the login form to confirm authenticity, then the user can view change password page if successful. If it's the best way? This means the user has confirmed security and they'd be able to change important credentials for that particular page and no other without going through the same process. How can this be achieved please? Thank you
  19. i sorted the problem out now...these headers will send a multipart email plain and html depending on user's mail settings. here's the headers

        //$this->_CRLF = \n which depends on OS
        $boundary = md5(time());

        $headers  = "From: name here <noreply@example.bid>" . $this->_CRLF;
        $headers .= "To: my name <example@example.com>" . $this->_CRLF;
        $headers .= "Subject: hello" . $this->_CRLF;
        $headers .= "MIME-Version: 1.0" . $this->_CRLF;
        $headers .= "Content-Type: multipart/alternative; boundary=" . $boundary . $this->_CRLF;
        // an empty line separates the message headers from the body
        $headers .= $this->_CRLF;
        $headers .= "This is a multi-part message in MIME format" . $this->_CRLF;
        $headers .= "--" . $boundary . $this->_CRLF;
        // each part's headers are also followed by an empty line
        $headers .= "Content-type: text/plain; charset=iso-8859-1" . $this->_CRLF . $this->_CRLF;
        $headers .= "hello, plain text" . $this->_CRLF . $this->_CRLF;
        $headers .= "--" . $boundary . $this->_CRLF;
        $headers .= "Content-type: text/html; charset=iso-8859-1" . $this->_CRLF . $this->_CRLF;
        $headers .= "<b>hello</b>" . $this->_CRLF;
        $headers .= "--" . $boundary . "--" . $this->_CRLF;

        $this->send_command($headers . '.' . $this->_CRLF);

    thanks for your help guys
  20. brilliant...thank you very much for that useful information...I've certainly been doing things wrong thanks again mac_gyver
  21. well my issue is that i save the user's language ie. en and timezone offset ie. +01:00...which is saved under a session cookie for 20 days...now say for instance if a user logs in and doesn't want to be remembered (save id in session cookie)...this has become a bit difficult as lifetime is set and affects all sessions set due to this code.

        ini_set('session.gc_maxlifetime', 60*30);
        session_set_cookie_params(60*60*24*20, '/');

    is it good practice for me to create a session table?...that way i can save sessions there making each session flexible to a lifetime?

    or also i was thinking, which may be way out there, is...for each session i create a lifetime ie.

        session_start();
        $_SESSION['name'] = "destramic";
        $lifetime = 60*60*2;
        $_SESSION['name_lifetime'] = time() + $lifetime;

    hope you understand my difficulty, thank you
  22. sorry for the confusion....after trying the following code before and NOT after session_start() it worked as i wanted..

        session_save_path('C:\Users\Ricky\Desktop\www\scripts\session');
        ini_set('session.gc_probability', 1);
        ini_set('session.gc_maxlifetime', 360*72);
        session_set_cookie_params(360*72, '/');

    is it possible to remember only certain session values and then to set other session values just to be kept until browser closes?...seems when i alter session cookie parameters it affects every session i create from there on...

    if not i had read about storing session_id and session values in a database which could work perfectly when it comes to giving certain values different lifespans

    thank you
  23. ok well i've been trying to figure a few things out with session files but have some questions if someone can please clear up.

    1. i can read the session file (using the code below)...which is saved as the user's session_id() but if the user closes the browser how do i know what file is theirs as a new session_id() would be regenerated automatically upon revisiting....so would i know what file to load in this instance?

        $contents=file_get_contents('http://localhost/scripts/session/sess_4653e1122ead235d30f928f71308c805');
        session_start();
        session_decode($contents);
        print_r($_SESSION);

    2. i set session_set_cookie_params() to 20 seconds, and was expecting the session file to be removed after then or non accessible after that period, but i still am able to read the file...

        session_set_cookie_params('20', '/');

    i could use the touch() function to set the modification file time and know if file has expired that way...

    but if i could have some advice on how i can do these things then that would be great. thanks guys
  24. worked like a dream thank you. now that i have the session data saved in a private directory...am i able to access it when user reopens browser and visits my site so that i can get any credentials I've stored...like timezone, language etc?