Jump to content

newbtophp

Members
  • Posts

    631
  • Joined

  • Last visited

Posts posted by newbtophp

  1. I thought it was decide by the os I never thought of checking to see what the browser was sending thanks. Let me try it with the new info. :confused:

     

    How was it done on here does anybody know. this would be something like I am looking for.

     

    Allowed file types: zip,bz,gz,tar.

    Dont validate by mime instead validate by extracting the extension from $_FILES['file']['name']

  2. $file['downloads'] / 1000;

     

    if($file['file_size'] >= 5242880 && $file['downloads'] >= 1000){
    $earnings = $file['downloads'] / 1000;
    mysql_query("UPDATE uploads SET earnings = earnings+".$earnings." WHERE file_id = '".$file['file_id']."'");
    }

  3. @CV

     

    Im validating them before they are called to the function using (intval() or the int typecast along with a mysql_num_rows() to check it exists), and its only me who has the permissions to access the functions etc. - so its all prety safe. :)

     

    and @Daniel

     

    Cheers for the workaround.

  4. I've read in several tutorials, that globals within functions are considered 'dirty' im using them within my code, and was wondering if it could be improved in a more effective way?

     

    My code:

    <?php
    function rank($user_id){
    global $rank, $level;
    $ptssql = mysql_query("SELECT * FROM site_users WHERE user_id = '$user_id'");
    $ptsrow = mysql_fetch_array($ptssql);
    
    $points = $ptsrow['points'];
    if ($points <= 99){
    $rank = "Jr Member";
    $level = 0;
    }
    elseif ($points >= 100 && $points <= 299){
    $rank = "Member";
    $level = 1;
    }
    }
    
    //usage
    rank(47);
    
    ?>
    Your Rank: <?php echo $rank; ?>
    

     

    All help appreciated

  5. I was wondering how would i prevent excess login attempts for e.g. like if failed login attempts are = to X amount of times then echo an error and make the person wait X minutes.

     

    Im not looking for something advanced, something basic would do (atleast in this moment in time), was thinking perhaps sessions or cookies?

     

    I already have the following code, which seems to work but only allows the login form to be submitted once, trying to modify it to fit my needs, any help is appreciated.

     

    <?php
    
    function prevent_multi_submit($type = "post", $excl = "validator") {
        $string = "";
        foreach ($_POST as $key => $val) {
            // this test is to exclude a single variable, f.e. a captcha value
            if ($key != $excl) {
                $string .= $val;
            }
        }
        if (isset($_SESSION['last'])) {
            if ($_SESSION['last'] === md5($string)) {
                return false;
            } else {
                $_SESSION['last'] = md5($string);
                return true;
            }
        } else {
            $_SESSION['last'] = md5($string);
            return true;
        }
    }
    
    if (isset($_POST)) {
        if ($_POST['field'] != "" && strlen < 25) { // place here the form validation and other controls
            if (prevent_multi_submit()) { // use the function before you call the database
                mysql_query("INSERT INTO tabel..."); // or send a mail like...
                mail($mailto, $sub, $body);
            } else {
                echo "The form is already processed";
            }
        } else {
            // your error about invalid fields
        }
    }
    ?>

  6. Using ChemicalBliss's code you can do the following:

    <?php
    
    function callback($url){
    $url = $url[1];
    if (substr($url,-5) == (".jpeg") || substr($url,-4) == ".jpg" || substr($url,-4) == ".gif" || substr($url,-4) == ".png"){
    return '<img src="'.$url.'" />';
    } else return $url;
    }
    
    
    $content = "blah blah blah http://sometest.web.com/folder%4d/test-image.png";
    $content = preg_replace_callback("/(http:\/\/([^\/]+)[^\s]*)/", "callback", $content);
    
    echo $content;
    ?>

  7. Is their a more effective way of doing this?, as something is telling me it may cause load issues in the future (as the db gets larger?). What im trying to do is extract all the unique user_level's from the db so they return an array. (im current querying the entire db and then extracting all the user_level's and doing the unique php side, as im sure on how to do that all in 1 query?)

     

    My code:

     

    <?php
    $user_group_levels = array();
    $user_group_result = mysql_query("SELECT * FROM site_users");
    while($user_group_data = mysql_fetch_array($user_group_result)){
    $user_group_levels[] = $user_group_data['user_level'];
    }
    
    $user_group_levels = array_unique($user_group_levels);
    
    foreach($user_group_levels as $user_group){
    
    ?>
    [<span class="<?php echo $user_group; ?>"><?php echo ucfirst($user_group); ?></span>]
    
    <?php
    }
    ?>

  8. I have the following code, which arranges an array of numbers in numerical order, and outputs another array.

     

    How do i turn for every 10 $i's $i = 1, so say if $i = 20, $i would be 2, if $i was 6 $i would be 1, if $i was 30, $i would be 3, if $i was 1 it would remain 1....

     

    <?php
    $ids = array('90', '96');
    //sort them in numerical order...
    sort($ids, SORT_NUMERIC);
    
    $i = 0;
    $x = 0;
    $New = array();
    foreach($ids as $v)
    {
    $i++;
    $x++;
    if($i < 10){
    $i = 1; 
    }
    $New[$v] = "&pg=$i#$x";
    }
    ?>

     

    Sorry for bad description, sort of lost myself on how to describe it lol

  9. Heres what I've come up with, but the line numbers are not correct (they are not the correct ones for the opening tags):

     

    <?php
      function close_tags($text)
      {
          $patt_open = "%((?<!</)(?<=<)[\s]*[^/!>\s]+(?=>|[\s]+[^>]*[^/]>)(?!/>))%";
          $patt_close = "%((?<=</)([^>]+)(?=>))%";
          if (preg_match_all($patt_open, $text, $matches)) {
              $m_open = $matches[1];
              
              $m_lines = array();
              $i = 0;
              $data = str_replace(array("\r\n", "\r"), "\n", $text);
              $data = explode("\n", $text);
              foreach ($m_open as $m_tag)
                  for ($line = 0; $line < count($data); $line++) {
                      if (strpos($data[$line], $m_tag) !== false) {
                          $i++;
                          $m_lines[$i] = $line;
                      }
                  }
              
              if (!empty($m_open)) {
                  preg_match_all($patt_close, $text, $matches2);
                  $m_close = $matches2[1];
                  if (count($m_open) > count($m_close)) {
                      $m_lines = array_slice($m_lines, 0, count($m_open));
                      $m_lines = array_reverse($m_lines);
                      $m_open = array_reverse($m_open);
                      
                      foreach ($m_close as $tag)
                          $c_tags[$tag]++;
                      $c = array_combine($m_lines, $m_open);
                      foreach ($c as $line => $ctag) {
                          if ($c_tags[$tag]-- <= 0) {
                              $text .= "\n</{$ctag}>(Line {$line})";
                          }
                      }
                  }
              }
          }
          $text = preg_replace('~</(img|\?php|input|br)>\(Line ([0-9]+)\)~', '', $text);
          return $text;
      }
    ?>

     

    Any help?

  10. Off the top of my head I can't think of anything...although I have a questions.  Why do you need to close the tags?  Would it not just be easier to make sure they are closed when you are coding?  Or is this intended as some sort of validator?

     

    Its some sort of validator and I'd need the line nums for debugging  :P (I got some code which consists of php code and html - not my code im just helping to debug, but the html does'nt pass w3 validation, looking at it; some of the tags are not closed, but I can't manually flick through the code to see which arn't closed as the html is nested and would confuse me).

     

    So that function works perfect, but I'd require the line nums so i can then manually check where the tags are opened and hopefully correct them by placing the closed tag in the correct place.

     

    I've looked at file() function, which gives line nums, but not sure how to integrate it.

  11. Hi,

     

    I'm got a function from a user note on php.net, which adds the closing html tags to the end of a html string if that tags has'nt been closed, however I'd like for it to display the line number of the original tag (which has'nt been closed), next to the closed tag.

     

    Heres the function:

     

    <?php
    function close_tags($text) {
        $patt_open    = "%((?<!</)(?<=<)[\s]*[^/!>\s]+(?=>|[\s]+[^>]*[^/]>)(?!/>))%";
        $patt_close    = "%((?<=</)([^>]+)(?=>))%";
        if (preg_match_all($patt_open,$text,$matches))
        {
            $m_open = $matches[1];
            if(!empty($m_open))
            {
                preg_match_all($patt_close,$text,$matches2);
                $m_close = $matches2[1];
                if (count($m_open) > count($m_close))
                {
                    $m_open = array_reverse($m_open);
                    foreach ($m_close as $tag) $c_tags[$tag]++;
                    foreach ($m_open as $k => $tag)    if ($c_tags[$tag]--<=0) 
                    if($tag != "?php" && $tag != "br"  && $tag != "img"){
                    $text.='</'.$tag.'>';
                    }
                }
            }
        }
        return $text;
    }
    
    $html = '<body>
    hey....<tr>';
    highlight_string(close_tags($html));
    
    ?>

     

    Which would output:

     

    <body>
    hey....<tr></tr></body>

     

    However I'd like it to output (the line number of the opening tag next to the closing tag):

     

    <body>
    hey....<tr></tr>(line 2)</body>(line 1)

     

    All help greatly appreciated.

  12. include 'header.php';
    
    if(isset($_GET['s'])) {
    $s = $_GET['s'];
    } else if(isset($_POST['s'])) {
    $s = $_POST['s'];
    } else {
    $s = 'naslovnica';
    }
    
    include $s.'.php';
    
    include 'footer.php';

     

    that's index.php simplified. other stuff (css and html) i deleted to be clear...

     

    Lookinto remote file inclusion, your code is vulnerabile

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.