Jump to content


  • Posts

  • Joined

  • Last visited

Profile Information

  • Gender
    Not Telling

newbtophp's Achievements

Advanced Member

Advanced Member (4/5)



  1. I guess cookies being readable on the www. version is really a no issue, the main concern lies with cookies being readable on subdomains - which I don't want (due to security).
  2. Appreciate you clarifying, however if $site was set to domain.com, would cookies be readable on any other variation such as www.domain.com or somethingelse.domain.com or www.somethingelse.domain.com (which is what I don't want)?
  3. I have as mentioned in my initial post, my follow up question was to clarify your response, are you referring to the fourth parem of setcookie()?
  4. Hmm...If I understand you correctly - do you mean changing $site to '/' ? - did not know you could do that.
  5. I have a script where $site (location of where it's hosted) will either be in the format of a subdomain e.g. 'something.domain.com' or a domain 'domain.com', and the cookies are handled like the following: ini_set('session.cookie_domain', $site); //for sessions setcookie($name, $value, $expiry, '/', $site, false, true); //for others My question is the script's canonical url is non-www and I don't want other subdomains for various reasons (including security) being able to access/read the cookies (e.g. 'www.something.domain.com' or 'www.domain.com' or 'somethingelse.domain.com' or 'www.somethingelse.domain.com'), so would you say the above will work okay (providing $site does not proceed with www. or .)? I have searched around (also referred to php.net) and believe the above will be okay from my understanding - but wanted reassurance as I had read many conflicting/confusing information! Edit: If the above won't work - I thought about maybe setting $site to false (the .htaccess code would enforce access only via non-www)?
  6. Heya! I've coded a small php template parser, so templates can be easily parsed, and the variables within the templates are like {variable_name} e.g. <title>{title}</title> Can you suggest me possible if/else statement syntax? I've thought of doing something like: {if {logged_in}: TRUE} Your logged in... {else} Your not... {/if} and... {if {logged_in}: TRUE} Your logged in... {/if} The above demonstrates basic if/else template syntax (it checks if the variable logged_in == true), but since I'm more of a coder then designer, was wondering if I can have your input (so designers can easily understand the syntax without knowledge of server-side coding). Cheers!
  7. I currently have the query below: SELECT table1.id, table1.review, table1.time, table2.author, table2.title FROM table1, table2 WHERE table1.id = table2.id AND table1.reviewer = '{$username}' ORDER BY table1.id Im using the above quite alot around my sites code...and sometimes adding the table prefixes etc. before the column names can make the query very long and take up quite alot of lines. Is their a way to make the above query more simple/easier, as its quite basic as I just followed the basic tizag examples. Hope someone can help!
  8. $pm_query = "SELECT table2.id FROM table1, table2 WHERE table2.id = table1.id AND table1.author = '{$username}'"; $pm_reply_count = mysql_num_rows(mysql_query($pm_query)); //final query (which shall be used within a while loop) $pm_id_query = "SELECT id FROM table1 WHERE (id = '{$id}' AND author = '{$username}' OR pm_author = '{$username}' AND {$pm_reply_count} > 0) AND deleted = 0"; I've come up with the above? but its kinda hackish? - their must be a better way I'm just unsure on how to
  9. SELECT table1.title, table1.status FROM table1, table2 WHERE table1.author = '{$username}' AND COUNT(table2.id) > 0 AND table2.deleted = 0 But I get an error, but when I remove the ' AND COUNT(table2.id) > 0' the error goes; theirfore whats the correct way to do this?
  10. $array = array(); for ($i = 97; $i < 123; $i++) { $array[] = chr($i); } for ($i = 65; $i < 91; $i++) { $array[] = chr($i); } Its quite time consuming looping, perhaps combine in 1 or?
  11. If i use mysql_real_escape_string() whilst inserting data...and that data contained 'common sql injection chars' - im guessing it would escape/backslash them? So say if I now wanted to select/extract that data from the DB, would the data contain the slashes or would the slashes be automatically removed/stripped?
  12. Im working on my own (basic) forum sofware how would I determine if the user has read or unread the topic? (like SMF has a specific icon when viewing the forum/topic list which represents theirs unread topics within this forum). :-\
  13. Sorry for bringing up this thread, but how would i set N/A if any of the selected rows are empty? (defining each an every row would be tedious?) Like SELECT something, another, hey FROM table, IF ANY ROWS (in this case something, another, hey) IS EMPTY THEN DISPLAY N/A
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.