WeirdMystery

With the curl_setopt to just get the headers. Thanks man, it took way faster and it took less bandwidth. Thanks again.

Hello guys, I am making a page viewer bot. The PHP script will use cURL to visit the site. I've got it working, however, It takes a whole lot of download bandwidth to use it. My question is, when you tell the cURL session to execute and go to the page, is it actually downloading the page server-side? Because I am actually going to make this a public service and I don't want it to waste loads of bandwidth. All I want the script to do is make the site think I've visited the page. <? $url = "examplesite.com"; curl_setopt ($curl, CURLOPT_URL, "$url" ); curl_setopt ($curl, CURLOPT_RETURNTRANSFER, 1 ); $exec = curl_exec ($curl); curl_close ($curl); ?>

This is weird... I host 2 websites on my server. mingpaiusa.com and pyrohawk.com When I go to http://mingpaiusa.com, it loads correctly. However when I go to http://www.mingpaiusa.com it loads pyrohawk.com. Could anybody help me? My 1st site www CNAME record. www CNAME mingpaiusa.com.

Thanks, Restarted the browser, and it worked liked a charm, however I am still unsure of what caused this. I've created other Dynamic sites that dealt with MySQL before. I've never seen an SQL Syntax error on this site before, I've always added the mysql_real_escape_char($input) to input before. Thanks guys.

That is really weird, I just used a proxy on http://pyrohawk.net/board.php?id='\'\'\ and sure enough, it changed the header to the forums.php. Why am I just seeing this? I'm really confused. ATTACHED IS AN IMAGE. [attachment deleted by admin]

"everything worked fine." thats weird... I'm sure that " http://pyrohawk.net/board.php?id='\'\'\ " errors... Dummy User: test Pass: password

Hi guys, this is really confusing . I'm just done with my site's forums. http://www.pyrohawk.net http://.pyrohawk.net On the board.php and thread.php pages, it gets the query string "id", if it isn't there, it changes the Header to the main page "forum.php". However, if there is a query string, it checks if it exists in the database, if it does, then it lists the threads or boards. The number checking function (is_numeric) and the mysql_real_escape_string function all work on the www.pyrohawk.com site but does not work on the http://pyrohawk.com site. When ever I try to sql inject http://pyrohawk.net, it returns MySQL syntax error, however on www.pyrohawk.net, it does what it is supposed to do and changes the Header to the main page. The error returns on : Have a look at my thread.php source code. The part where it checks if it exists is fine. <?php $get_thread_id = mysql_real_escape_string($get_id); if ($_GET['action'] == "delete" && isset($_GET['post'])) { if (isset($_SESSION['moderator']) && $_SESSION['moderator'] == 1) { $post_id = $_GET['post']; $q = mysql_query("SELECT * FROM `posts` WHERE `id` = '$post_id'"); $r = mysql_fetch_assoc($q); $board_id = $r[forum_parent_id]; if ($r[main] == 1) { $q = mysql_query("DELETE FROM threads WHERE `id` = '$get_thread_id'") or die(mysql_error()); $q = mysql_query("DELETE FROM posts WHERE `parent_id` = '$get_thread_id'") or die(mysql_error()); echo "<script type=\"text/javascript\"> window.location = \"board.php?id=$board_id\" </script>"; } else { $q = mysql_query("DELETE FROM posts WHERE `id` = '$post_id'") or die(mysql_error()); echo "<script type=\"text/javascript\"> window.location = \"thread.php?id=$get_thread_id\" </script>"; } } } if ($_GET['action'] == "pin") { if (isset($_SESSION['moderator']) && $_SESSION['moderator'] == 1) { $q = mysql_query("UPDATE `threads` SET `pinned` = '1' WHERE `id` = '$get_thread_id'"); } } if ($_GET['action'] == "unpin") { if (isset($_SESSION['moderator']) && $_SESSION['moderator'] == 1) { $q = mysql_query("UPDATE `threads` SET `pinned` = '0' WHERE `id` = '$get_thread_id'"); } } $q = mysql_query("SELECT * FROM `threads` WHERE `id` = '$get_thread_id'"); $f = mysql_fetch_assoc($q); $title = stripslashes($f[name]); $pin_status = $f[pinned]; echo "<div class=\"box_title\">"; echo $title; echo "</div>"; echo "<div class=\"location\">"; echo "<a href=\"board.php?id=" . $f['parent_id'] . "\">" . board_id_to_name($f['parent_id']) . "</a>" . " > " . $title; echo "</div>"; echo "<a href=\"newreply.php?id=$get_thread_id\">Reply</a>"; $q = mysql_query("SELECT * FROM `posts` WHERE `parent_id` = '$get_thread_id' ORDER BY `main` DESC, `timestamp` ASC"); $counter = 0;; while ($r = mysql_fetch_assoc($q)) { $counter = $counter + 1; echo "<div class=\"post_box\">"; echo " <div class=\"author_wrap\">"; echo curve("down","#E1EBF2"); echo " <div class=\"author\">"; echo id_to_name($r['author_id']); echo " </div>"; echo curve("up","#E1EBF2"); echo " </div>"; echo " <div class=\"content_wrap\">"; echo curve("down","#E1EBF2"); echo " <div class=\"content\">"; echo stripslashes(nl2br(bb($r['body']))); echo " </div>"; echo curve("up","#E1EBF2"); echo " </div>"; echo " <div class=\"bar_wrap\">"; echo curve("down","#E1EBF2"); echo " <div class=\"bar\">"; echo "<a href=\"newreply.php?id=$get_thread_id\">Reply</a>"; if (isset($_SESSION['moderator']) && $_SESSION['moderator'] == 1) { if ($counter == 1) { echo " | <a href=\"" . $_SERVER['REQUEST_URI'] . "&action=delete&post=$r[id]\">Delete</a>"; } if ($pin_status == 0) { echo " | <a href=\"" . $_SERVER['REQUEST_URI'] . "&action=pin\">Pin Thread</a>"; } else { echo " | <a href=\"" . $_SERVER['REQUEST_URI'] . "&action=unpin\">Unpin Thread</a>"; } } $post_id = $r[id]; echo "<div style=\"float:right;\">#$post_id, #$counter</div>"; echo " </div>"; echo " <div style=\"clear:both;\"></div>"; echo curve("up","#E1EBF2"); echo " </div>"; echo "</div>"; echo "<div class=\"post_spacing\"></div>"; } $views_update = mysql_query("UPDATE threads SET views = views + 1 WHERE `id` = '$get_thread_id'"); ?> Everything looks fine to me. I am NOT sure if this is actually an PHP related error or an Apache related error. Since I have two virtual hosts setup that handle (www).pyrohawk.com/.net. Everything works fine on the .com domain but on the .net domain the http://pyrohawk.com does not work. For example: http://pyrohawk.net/board.php?id='\'\'\, returns an MySQL syntax error. Actually, every page on http://pyrohawk.net, none of the MySQL injection functions work. I'm looking foward for a solution to this one. Thanks guys.

I'm mad at my self and thinking I'm a little retarded. It just be some one mistake I'm missing here. I coded my self a forum, when you reply to a topic, the topic's TimeStamp column is supposed to be updated to the current timestamp. However I attempted and failed. I put the timestamp column on "ON UPDATE CURRENT TIMESTAMP", I set the column to NULL but seems to be at the same value. The column isn't null. I don't know if I should or shouldn't do that. I'm a complete newbie at MySql(~1Month). Code: $sql = mysql_query("UPDATE `threads` SET `last_post_user_id` = '$id', `time` = 'NULL'; WHERE `id` = '$forum_id'"); Thanks.

Changed the name to des. Still prints out nothing... Here is the whole code. <?php include "dbconfig.php"; if ($_GET["id"]) { $q = "SELECT * FROM `front_user` " ."WHERE `id`='".$_GET["id"]."' "; $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) ) { $te = "SELECT `des` FROM `front_user` " ."WHERE `id`='".$_GET["id"]."' "; $le = mysql_query($te); echo $row[des]; } else { echo "Error: ID doesn't exist."; } } ?>

Now nothing echos out, I'm think you got me ont he right track...

Wait there is that slanted ' I never knew that . Can you tell me how to do that? IT may be that after all. Well now nothing echos out...

Hello I'm working on my own site with user pages, right now I'm working on descriptions for each user. $te = "SELECT 'desc' FROM `front_user` " ."WHERE `id`='".$_GET["id"]."' "; $le = mysql_query($te); while ($row = mysql_fetch_assoc($le)) { echo $row["desc"]; That only prints out "desc", I want it to print out the value of "desc". Such a user id as 22 and his description is "hello" I want it to print hello. I don't know what I'm doing wrong...