newbtophp

lol, bad description. hehe, i was trying to add a column to the table, the code usually worked, but today it didnt so i posted here for help on what im doing wrong. But just now i check and the problem was that in my conn.php the table was a different one. I need to

Im trying to create 1 new column using php. Im trying to add the column: country to the table gaming. <?php //Include mysql connect include "conn.php"; mysql_query("alter table gaming add column country varchar (20)") or die(mysql_error()); die("column created!"); ?> So when I add this code to a file and then run the file the column should be created.

zend guard is not safe, it can easily be reverse engineered...

Right Click > Properties. It may be that you don't have administrator privelages on that account. Download this an follow the onscreen instructions http://www.malwarebytes.org/fileassassin.php

i agree, im new to php but i dont go around acting dumb on purpose. hes got quite alot of replies and yet he has not solved it, usually 1-3 replies do the trick.

<form method="post" action="<?php echo $PHP_SELF; ?>" /> <input type="text" name="textarea1"/></textarea> <input type="submit" name="submit" value="submit"/> </form> <?php $textarea1 = $_POST['textarea1']; $submit = $_POST['submit']; if($textarea1 == "") echo ""; else { if($submit == "submit") { //Some php here echo 'true'; } } } ?>

Nope it was my problem, i add to ad '.php code here.' for the textareas and then it worked fine

Ok don't download it I gave you a direct link to trend micro, Im not going to harm you, lol

echos nothing, i click the submit button, the browser looks like is loading for a few seconds then just remains the same, and dont echo anything.

@xcoderx Download HijackThis: http://go.trendmicro.com/free-tools/hijackthis/HijackThisInstaller.exe, then post your log file from your scan here, and I'll take a look at it

Yes, this is a phpfreaks exclusive.!!!

Maybe this may give you a better understanding of what im trying to do: <form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data"> <input type="file" name="Upload" value="Upload" /> <input type="submit" name="submit" value="Upload" /> <br /> </form> <br> <?php if (isset($_FILES['Upload'])) { $file = file_get_contents($_FILES['Upload']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo ""; else { if($submit == "Upload") { if (preg_match('~"([^"]+)"~', $file, $match)) { //The first string gets echo'd here echo "<textarea>$match[1]</textarea>"; if (preg_match('/="([^"]+)"/Umis', $file, $match)) { //Second strings get echo'd here echo "<textarea>$match2[1]</textarea>"; } } } } } ?>

Thanks but that just echos: Array ( )

I've got some code like: $_F=__FILE__;$_X="STRING1";$_D=strrev('edoced_46esab');eval($_D("STRING2")); Note: The code always is the same, except its not allways like the above, sometimes it may contain other phpcode surrounding the above line. How would i grab and echo the two strings using regex?. Im only looking to get the 2 strings, the strings are base64 (letters [some with caps and some not], numbers and plus signs) I'm new to regex and I've come up with: if (preg_match('/="[^"]+"/Umis', $string1)) { echo $string1[1] if (preg_match('/="([^"]+)"/Umis', $string2)) { echo $string2[1] But still no luck :-\

Sweet! I got +50 gigs on my already infinite plan! They mean "unmetered", their is a limit of usage but its not revealed, its just sale talk.

Solved i did strip_tags

Im using curl to fetch the offending code, so i have no power over that, i think the reason why it shows # between every line is because the code is meant to be contained in a code box with numbering (like on the main phpfreaks tutorial site) an since im using curl the style and formatting has disappeared which has caused their to be #.

I've got some code, and when its echo'd it looks fine, but when i copy and paste it into notepad i get # after each line. Is their a way i can remove it?, I tried str replace but it effects other parts of the code, maybe regex? # { #<<< See that? ( _SITE_TITLE, "Maintenance mode is active!" ); # } # } # if ( _CRONJOBS == "NO" && trim( $_GET['browser'] ) != 1 ) # { # $main->cronjobs( ); # } # foreach ( $loadedPlugins as $plugin ) # { # $$plugin->main( ); # } # ?> #

Kornichiwa, Have you tried? htmlspecialchars

Ok thanks. How would I only allow certain file types/extensions to be uploaded, and if its not one of the file extensions defined their'd be an error? <form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data"> <input type="file" name="Upload" value="Upload" /> <input type="submit" name="submit" value="Upload" /> <br /> </form> <?php if (isset($_FILES['Upload'])) { $file = file_get_contents($_FILES['Upload']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo ""; else { if($submit == "Upload") { echo "<textarea style=\"width:100%; height:300px;\">$file</textarea>\n"; } } } ?>

So for example: how would i apply the above on: <form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data"> <input type="file" name="Upload" value="Upload" /> <input type="submit" name="submit" value="Upload" /> <br /> </form> <?php if (isset($_FILES['Upload'])) { $file = file_get_contents($_FILES['Upload']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo ""; else { if($submit == "Upload") { echo "<textarea style=\"width:100%; height:300px;\">$file</textarea>\n"; } } } ?>

Im using _POST on forms nearly on every page of my site, and my index page keeps being removed. This has never happend before, I've only experienced this today. When I replace the index with a file, after ten minutes or so its disapeared and my whole directory or so is viewable. Like someone is hacking me?! Can someone reply with an example of how to secure forms/scripts which _POST. Im not sure if its to do with _POST, but I was recomend quite a while ago to improve the security on another forum. Below is the base to nearly every page of my site is: (its a web tool site) <form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data"> <input type="file" name="Upload" value="Upload" /> <input type="submit" name="submit" value="Upload" /> <br /> </form> <?php if (isset($_FILES['Upload'])) { $file = file_get_contents($_FILES['Upload']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo ""; else { if($submit == "Upload") { echo "<textarea style=\"width:100%; height:300px;\">$file</textarea>\n"; } } } ?>

preg_match

If you want to run your site off a webhost, then try www.byethost.com, which is free (mysql/php hosting). If you want to run off your computer you'll need mysql and php installed on it, (wamp or xamp?), and then you can bind your computers Ip with a domain, using a dns service like = no-ip.com

If the obfuscation is formatted, it can be easily read, theirfore more easyier to deobfuscate <?php // Output = HELLO WORLD! function __e($_) { echo $_; } function __($_) { __e(chr($_)); } function _a() { $__ = func_get_args(); foreach ($__ as $k => $v) $a[$k] = $v; return $a; } foreach (_a(7, 4, + 11, 11, 14, -33, 22, 14, 17, 11, 3, -32) as $k => $v) { __(65 + $v); } ?>