ChemicalBliss

Everything posted by ChemicalBliss

  1. Correct. Check your form HTML. Make sure your form tag has the method attribute set to post. E.g. <form method="post"> Hope this helps
  2. That is good to know. No offense intended. Sanitization is a term used in many fields of programming and even beyond, whereas escaping is a specific term used for specific sanitization of certain specific programming languages. Hope this helps
  3. mysql_fetch_assoc doesn't take a string (the actual query), it takes a "Result Resource Identifier", which is returned by using a mysql_query() call or similar function. Also, I don't know why you're enclosing the query in brackets but they are in the wrong place for a start lol, you don't need them.

         // Build the query string first, then run it once.
         $sql = "SELECT * FROM productfeed WHERE 1";
         if (isset($description)) {
             // escape the value before it goes into the SQL text
             $sql .= " AND description = '" . mysql_real_escape_string($description) . "'";
         }
         if (isset($price)) {
             $sql .= " AND price = '" . mysql_real_escape_string($price) . "'";
         }
         $myQuery = mysql_query($sql);

     hope this helps
  4. Just for clarity: Validating user input is usually done using a PCRE regular expression to check that the characters/bits of input are the same - and in the same format - as what you expect/want. Example:

         // ^ and $ anchor the pattern so the whole string has to match
         preg_match("#^[a-z0-9_-]{6,16}$#i", $userinput_username);

     - This would return FALSE if any other character is used in the username apart from: "abcdefghijklmnopqrstuvwxyz-_0123456789"

     Sanitizing User Input for Mysql (mentioned as escaping the user input above) is preventing mysql injection (I would google that).

         $username = mysql_real_escape_string($_POST['uname']);

     Hashing of a password is most commonly done by using md5($password); - The result is what you store in the database, every time you check or update this password, the new password/password to be checked with needs to be hashed too. Though md5() is actually insecure as there are hash-tables out there that can very quickly get any password. This makes your user's password (which is very commonly used for most of their accounts etc and a lot of people have the same name for different accounts/sites etc) more secure, so if someone has gained access to your database (you must assume full access to everything the mysql user/pass used in your scripts has) then at least the usernames passwords are not compromised.

     Your If Statements: When something generally doesn't work the way you expect, you need to find the reason or bug in your code. For small, simple projects this can be done with simple echo/exit/print_r statements. For ex:

         $numofrows = mysql_num_rows($results);
         if ($numofrows == 0) {
             // debug: stop here and show the row count
             exit("Do Password Change... Rows: ".$numofrows);
             if ($npass == $cnpass) {

     Same applies to the query you never run, although these errors are just inexperience imo, things you forget or don't notice, just try to follow your code through in your head to make sure it makes sense to you in a logical way.

     Redirect/infinite loop problems can be traced by following the code in your head with a set of "default values" to use, like a username/password etc. Eventually you will spot the loop, debugging is essential. Hope this helps
  5. You could also create a "whitelist" of characters that should be used in the CSS (a-z, 0-9, ; : - brackets etc...) and then a blacklist for disallowed words like javascript: etc, but this would be difficult to know for sure that it is 100% safe against CSS java hacks. Also, going over 300 CSS files will be a pain. Hope this helps
  6. I go to your site and create a sub-domain. I create a CSS file with hacks attached to it. Now, if Joe Public comes over and views this XSS stylesheet they are vulnerable to attacks from that sub-domain, e.g., I could write some java code that implements a security vulnerability in an older browser that could potentially upload a virus or worse to "joe public". Your website *might* be ok, depending on how each browser (and old ones of course) controls cookie-domains, some will only allow the current domain/sub domain access to cookies it receives from it, some I bet are a little more lenient by letting a sub-domain set a cookie for the whole domain, or let a sub-domain view cookies from a whole domain. Either way, I think you see my point. I would highly encourage a set of "pre-defined" CSS layouts that can be "modified", like changing colors, etc. So basically you would have CSS "template" layouts, with a default/generic color/image scheme. The user would choose one. Then the user could go to a CSS Edit page, and select colors for certain parts of the CSS, and put images in etc. This way you could sanitize all the input properly, and prevent any "hacking" in the CSS as the user only has access to field "values" and it should be sanitized. Hope this helps
  7. What category links? Seems fine to me on the site, just the drop-downs aren't created and I cannot see any "category links". I'm guessing it's to do with your CSS though if by "active state" you mean "Style for an 'Active' link".
  8. $_SESSION['fpass'] needs to be set on the Disclaimer page. Or use a different session var - $_SESSION['viewed_disclaimer']; Also, I would get people to register, and save their details on a database, then save the value in the database that they viewed the disclaimer (which would be required to register). hope this helps
  9. It looks ok, albeit lacking a little code consistency and standards but it should work really, try this, though:

         mail($to_supplier, $subject_supplier, $message_supplier, $headers_supplier);
         mail($email_to, $email_subject, $email_message, $headers);
         // double quotes so that $url_success is actually interpolated
         header("Location: $url_success");
         exit();

     Also, you may want to echo all the variables you're using in each mail() function to make sure they are not wrong, e.g.

         exit("
             -SUPPLIER-
             $to_supplier
             $subject_supplier
             $message_supplier
             $headers_supplier
             -EXTRA-
             $email_to
             $email_subject
             $email_message
             $headers
         ");

     hope this helps
  10. MySpace was hacked using a method of inserting javascript into a style tag on a profile page. This is basically what a CSS file is. And mainly Internet Explorer clients will have the vulnerability (of course..). Also, some websites apparently parse .css files like .php (so you can write php code inside the CSS file itself). http://ha.ckers.org/xss.html A good reference to know what types of attacks people can use. Should get some ideas on how to defend against such attacks. But I would highly discourage any completely user-written CSS files unless you have better html security and control than myspace did when it got hacked. The only other thing would be to never let the CSS files be loaded by a browser and only included and displayed in plain text (like a user-repository of CSS files) - and/or - only let the user that created the CSS file actually use it - then they could only hack themselves. Basically, unless you do some serious research into this matter I would advise against it, especially if it's not an especially needed/wanted feature. Good luck though, hope this helps
  11. Basically the problem is here:

         if (req) {
             req.onreadystatechange = function() {
                 if (req.readyState == 4) {
                     // only if "OK"
                     if (req.status == 200) {
                         document.getElementById('userDataEdit').innerHTML = req.responseText;
                         document.getElementById('userDataEdit').style.display = 'inline';
                         document.getElementById('userDataList').style.display = 'none';
                     } else {
                         alert("There was a problem while using XMLHTTP:\n" + req.statusText);
                     }
                 }
             };
             req.open("GET", strURL, true);
             req.send(null);
         }

     Either, as mjdamato stated, a caching problem (you can fix with a no-cache/pragma header - google if you want), or a known IE DOM innerHTML editing bug (possibly also related to some sort of caching the DOM, just a guess). You should, as mjdamato stated, find the cause of the issue -> Debug! Debugging code is real simple and it looks like you know how to already since you have commented an alert() to check the url you were fetching data from. This time though, check the result of the xmlhttp request. If the result is the same as the data that was on the page then you have a problem with IE's caching as mjdamato stated. On the other hand, if the results are as predicted (you should use no-cache headers anyway just to be safe), and it is just not updating the div properly, then something like this should do the trick:

         if (req.status == 200) {
             var newdiv = document.createElement("div");
             newdiv.innerHTML = req.responseText;
             var userDataEditDiv = document.getElementById('userDataEdit');
             userDataEditDiv.appendChild(newdiv);
             document.getElementById('userDataEdit').style.display = 'inline';
             document.getElementById('userDataList').style.display = 'none';
         } else {
             alert("There was a problem while using XMLHTTP:\n" + req.statusText);
         }

     hope this helps
  12. Try this and see what it says:

         <?php
         session_start();
         include("inc/session.inc.php");
         include("inc/conf2.inc.php");

         // show exactly what the form submitted
         print_r($_POST);
         echo("\n\n<br />");

         foreach ($_POST['checkbox'] as $value) {
             // escape each submitted ID before it goes into the SQL text
             $sql_query = "DELETE FROM messages WHERE ID = '" . mysql_real_escape_string($value) . "'";
             $sql_result = mysql_query($sql_query);
         }
         ?>

     Use "view page source" and copy/paste the results, maybe you will find the answer yourself
  13. Aside from being a Javascript question, specifically, a Javascript DOM Modification Compatibility Issue - Quite a common problem, I would check here for some good info and a quick-fix solution: http://domscripting.com/blog/display/99 To re-iterate... Instead of just editing the DOM like this:

         var container = document.getElementById("container");
         container.innerHTML = xhr.responseText;

     You would first create a new element and edit the inner HTML of that, then insert this next to an element:

         var newdiv = document.createElement("div");
         newdiv.innerHTML = xhr.responseText;
         var container = document.getElementById("container");
         container.appendChild(newdiv);

     hope this helps
  14. Sounds quite interesting. I guess either way I will have better results if I wait. Thanks
  15. Ok, upon further investigation I cannot find a way to do this (well, one idea but could be a major task).
     a) You cannot set a cookie using another domain (you can't make cookies for other domains to use, cookies are tied to the domain they were made from).
     b) You cannot spoof a domain/ip address (at least, via php setcookie).
     c) You cannot pass PHPSESSID via a URL to another website, there are several reasons for this but it is all about security, e.g., http_referer checks etc.

     This is how far I got before I gave up...

     curl.php

         <?php
         session_start();

         $custom_headers = array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8");
         $url = "http://local/phpf/curl_remote.php";
         $remote_domain = "local"; // No HTTP, no Slash /
         $cookie_time = 30; // 60*60*24*30;
         $cURL_post = "username=demo&password=demo";

         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url);
         curl_setopt($ch, CURLOPT_POST, 1);
         curl_setopt($ch, CURLOPT_POSTFIELDS, $cURL_post);
         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_VERBOSE, 1);
         curl_setopt($ch, CURLOPT_HTTPHEADER, $custom_headers);
         curl_setopt($ch, CURLOPT_MAXREDIRS, 4);
         // certificate checking is switched off; the target here is a local http:// test URL
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
         curl_setopt($ch, CURLOPT_HEADER, 1);
         $result = curl_exec($ch);
         curl_close($ch);
         if ($result === FALSE) {
             exit("cURL Fail.");
         }

         // get headers
         preg_match("/(.*)<!--RESPONSE_BODY-->/si", $result, $matches);
         if (count($matches) <= 0) {
             exit("Cannot Find a Match in Response for Header");
         }
         $header_block = $matches[0];
         $theaders = preg_split("/\n/", $header_block);
         array_pop($theaders); // get rid of the two empty lines/not headers
         array_pop($theaders);
         if (count($theaders) <= 0) {
             exit("No Headers from cURL Response.");
         }

         // put the header content into an easily accessible array
         $headers = array();
         $cookies = array();
         for ($i = 0; $i < count($theaders); $i++) {
             // Get rid of first one as it doesn't have a key-value pair
             if ($i == 0 && strpos($theaders[$i], ":") === FALSE) {
                 $headers['Protocol'] = $theaders[$i];
                 continue;
             }
             // move cookies to a different array
             $key_val = preg_split("/\:/", $theaders[$i], 2);
             if (count($key_val) <= 1) {
                 exit("Malformed Header Encountered. No Value or Key.");
             }
             if ($key_val[0] == "Set-Cookie") {
                 $cookie_params = explode(";", $key_val[1]);
                 if (count($cookie_params) <= 1) {
                     exit("Malformed Cookie Data in Header. Not Enough Parameters.");
                 }
                 $cookie_key_val = explode("=", $cookie_params[0]);
                 if (count($cookie_key_val) <= 1) {
                     exit("Malformed Cookie Parameters in Header. Missing Key or Value.");
                 }
                 $cookies[trim($cookie_key_val[0])] = trim($cookie_key_val[1]);
                 continue;
             }
             $headers[$key_val[0]] = $key_val[1];
         }

         // Get Body
         $body = str_replace($header_block, "", $result);
         if ($body === $result) {
             exit("Could Not Remove Header From Response. Unknown Error.");
         }

         $redirect_url = $url.'?PHPSESSID='.$cookies['PHPSESSID'];

         // Print some debug information:
         $debug = "<!--//
             cURL Target: ".$url."
             cURL Post Data: ".$cURL_post."
             cURL Custom Header String: ".implode("\n\t\t", $custom_headers)."
             cURL Header Response: ".str_replace("<!--RESPONSE_BODY-->", "", $header_block)."
             cURL Cookie Values: ".implode("\n\t\t", $cookies)."
             Header Redirect URL: ".$redirect_url."
         //-->";
         $fp = fopen("debug.txt", "a+");
         fwrite($fp, $debug);
         fclose($fp);

         header('Location: '.$redirect_url);
         echo($debug."\n\n Check Source Code (rightclick->view source), also check 'debug.txt', it will hold the debug info so you can view it after the header redirect.");
         ?>

     NOTE: The only other solution would be to make a sort of "cURL Browser", so that you would basically browse the remote website via cURL requests (never actually going to that site, only the PHP server will request stuff for you). This way you can make cookies persist and hopefully, subsequent cURL requests via a planted cookie in the request should let you hold your session. Hope this helps :S
  16. Do you know what this error means? If not, go to the topic list for this forum (click "PHP Coding Help" above). Look for the sticky "HEADER ERRORS - READ HERE BEFORE POSTING THEM". You should see why you are getting this error. Hope this helps
  17. No, don't get me wrong, I'm not offended in any way. Though I disagree with only thinking about the majority of users. Every user is important and yes, in some situations the majority and minority will have incompatible views. But in this case, these are problems that could only benefit all parties, an extra feature (POST available on error page), the Tab->Enter scenario I see could be just me not learning from my mistakes as I have done it a few times now, and also the edit time I will take your word and hold my hands up as it's a fairly obviously vigorously tested variable. But may I ask, what do you think would need to happen to make such changes? Repeated topics about this subject (not supposed to be)? Heavily discussed topic (could be crap idea but fun to think about lol)? Honestly just wondering. Thanks
  18.
         $this->_controller = new $controller;

     Would imo be

         $this->_controller = new $controller($this->_route);

     Because in PHP, objects are by default, passed by reference, any object manipulation from a sub class will reflect the class that was passed from, and that goes between sub-classes also. So all your classes and subclasses can technically "juggle" the same class, in this case: _route. In your Controller object your constructor would be similar to:

         <?php
         class Sometest_Controller {
             private $_route;

             public function __construct(Router $_route_object){
                 $this->_route = $_route_object;
                 // ...
             }
         }

     hope this helps
  19. That was explained.. unfortunately.. in the lost post. Here is an example of using the function:

         <?php
         include("myqsl.func.php");

         // make username for testing purposes
         $username = "someuser";

         // with a user logged in
         $result = get_avatar_array($mysql_conn, $username); // $mysql_conn is created when we include the mysql file

         // without
         $result = get_avatar_array($mysql_conn);

         // using session
         $result = get_avatar_array($mysql_conn, $_SESSION['username']);

         // debug the result to a human-readable format
         print_r($result);
         ?>

     hope this helps
  20. No offense but how did you manage to code your original post without knowing the most basic operation in PHP (setting variables). $cookies['PHPSESSID']; also, header errors? problem or? you gave no information on that subject.
  21. I appreciate your response and I can see why phpfreaks doesn't hack the smf code. But they have hacked it, and they seem to keep up fine. This hack would be so simple (a simple javascript addition that would give you an option to view the POST data in a new window for ex.) that I highly doubt any updates would break it. Anyway, I'm certain SMF have bigger issues to contend with but nonetheless I will attempt to voice my concerns over there. Though imo it's quite unique to coding forums, so a small percentage of their community base. Also, - My intention was never to bitch about anything. The edit time is extremely short, though, I would recommend approx 20 minutes - this would do the same as it is doing now by stopping people from removing irrelevant posts, but will allow someone a decent amount of time to correct some code they posted that doesn't work. Also, my responses are quick usually and I don't feel you should have to "watch your back" with these forums (replying in a text-editor for ex.)
  22. This is so annoying that tbh, I won't be posting near as much as I could until something is done as it really ticks me off when you spent 20 minutes+ on a reply and POOF it's gone.

     Problems:
       1. When creating a post/reply/topic w/e, if you press tab, and then press enter, you will submit the post. This is very common for me when coding to try a tab and then enter for a newline. Unfortunately it means I post an incomplete and confusing post.
       2. When editing the post/creating the post/topic, if you submit and for some reason it won't let you (either the really short time limit for editing or some other permissions error), you cannot go back to retrieve your post. It's gone.
       3. Really short editing time is pointless unless you spot your mistake within 5 minutes.

     These are really annoying problems and if it happens to people they may leave and never come back - over being that frustrated that they lost 20min-1 hour writing a reply that just vanished.

     Solution:
       1. Create a fake tab button, add a form element so that a tab will take you other than the submit button, or prevent the submit button from being "focused" via a tab.
       2. Hack smf so that the form data is either retrievable via a link (very..very..very simple), or is still there on the previous page (quite difficult).
       3. Up the editing time.

     Thanks for reading. (This is a little bit of a rant but my points are valid.)
  23. Ok so I did write an elaborate description of this but I'm really p***** off because of the ridiculously short edit time period and the fact that returning to the previous page loses your form data so I can't get it back. I'm not writing it again, here is the code, I hope you get it from this alone.

         <?php
         $mysql_conn = mysql_connect("host","user","pass");
         mysql_select_db("database");

         // returns an array of avatars and usernames. $c_user is "current user", so that it won't give your own avatar.
         // $mysql_c is the connection handler held in $mysql_conn
         function get_avatar_array($mysql_c, $c_user=null){
             $query = "SELECT `avatar_url`,`username` FROM `user_table`";
             if($c_user != null){
                 // leave out the current user's own row
                 $query .= " WHERE `username` != '".mysql_real_escape_string($c_user,$mysql_c)."'";
             }
             $result = mysql_query($query, $mysql_c);

             // make array to return
             $r_array = array();
             while($row = mysql_fetch_assoc($result)){
                 $r_array[$row['username']] = $row['avatar_url'];
             }

             // return result
             return $r_array;
         }
         ?>

     hope this helps
  24. Seemed intriguing, here:

     curl.php

         <?php
         session_start();

         $headers = array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8");
         $url = "http://localhost/curl_remote.php";

         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url);
         curl_setopt($ch, CURLOPT_POST, 1);
         curl_setopt($ch, CURLOPT_POSTFIELDS, "username=demo&password=demo");
         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_VERBOSE, 1);
         // curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
         curl_setopt($ch, CURLOPT_MAXREDIRS, 4);
         // certificate checking is switched off; the target here is a localhost http:// test URL
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
         curl_setopt($ch, CURLOPT_HEADER, 1);
         $result = curl_exec($ch);
         curl_close($ch);

         // get headers
         preg_match("/(.*)<!--RESPONSE_BODY-->/si", $result, $matches);
         $header_block = $matches[0];
         $theaders = preg_split("/\n/", $header_block);
         array_pop($theaders); // get rid of the two empty lines/not headers
         array_pop($theaders);

         // put the header content into an easily accessible array
         $headers = array();
         $cookies = array();
         for ($i = 0; $i < count($theaders); $i++) {
             // Get rid of first one as it doesn't have a key-value pair
             if ($i == 0 && strpos($theaders[$i], ":") === FALSE) {
                 echo("\n<br>count1!");
                 $headers['Protocol'] = $theaders[$i];
                 continue;
             }
             // move cookies to a different array
             $key_val = preg_split("/\:/", $theaders[$i], 2);
             if ($key_val[0] == "Set-Cookie") {
                 $cookie_params = explode(";", $key_val[1]);
                 $cookie_key_val = explode("=", $cookie_params[0]);
                 $cookies[trim($cookie_key_val[0])] = trim($cookie_key_val[1]);
                 continue;
             }
             $headers[$key_val[0]] = $key_val[1];
         }

         // Get Body
         $body = str_replace($header_block, "", $result);

         // Get Cookies
         // Set the cookie session
         setcookie("PHPSESSID", $cookies['PHPSESSID'], time()+64000);

         print_r($_COOKIE);
         print_r($headers);
         echo "\n\n<BR>";
         print_r($cookies);
         echo "\n\n<BR>";
         print_r($body);
         ?>

     curl_remote.php

         <?php
         session_start();
         if(!isset($_SESSION['test'])){
             $_SESSION['test'] = date("h:i:s");
         }
         echo("<!--RESPONSE_BODY-->");
         echo $_SESSION['test'];
         ?>

     hehe hope this helps. (seemed to work for me)
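
The validate, escape and hash steps from the post on user input above (item 4), as an added example that is not part of the original posts: it uses PDO prepared statements and password_hash() in place of the mysql_real_escape_string() and md5() calls mentioned there. The users table, its columns and the in-memory SQLite database (pdo_sqlite extension) are assumptions for illustration.

```php
<?php
// Added example (not from the original posts). Table and column names are hypothetical.
// An in-memory SQLite database keeps the script self-contained.

function valid_username(string $name): bool
{
    // Anchored at both ends (\A ... \z) so the whole string must match.
    return preg_match('/\A[a-z0-9_-]{6,16}\z/i', $name) === 1;
}

function register(PDO $db, string $name, string $password): bool
{
    if (!valid_username($name)) {
        return false;
    }
    // password_hash() salts every hash, so precomputed hash tables do not apply.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare('INSERT INTO users (username, pass_hash) VALUES (?, ?)');
    return $stmt->execute([$name, $hash]);
}

function login(PDO $db, string $name, string $password): bool
{
    // Bound parameter: the input is never spliced into the SQL text.
    $stmt = $db->prepare('SELECT pass_hash FROM users WHERE username = ?');
    $stmt->execute([$name]);
    $hash = $stmt->fetchColumn();
    // fetchColumn() returns false when no row matched.
    return is_string($hash) && password_verify($password, $hash);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pass_hash TEXT NOT NULL)');

// Constructed sample inputs.
var_dump(register($db, 'demo_user', 'correct horse'));  // well-formed username
var_dump(register($db, "x' OR '1'='1", 'whatever'));    // fails the format check
var_dump(login($db, 'demo_user', 'correct horse'));     // matching password
var_dump(login($db, 'demo_user', 'wrong password'));    // non-matching password
var_dump(login($db, "demo_user' --", 'anything'));      // quote is treated as data
```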
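
The "pre-defined CSS templates with sanitized field values" idea from the posts on user-supplied stylesheets above (items 5, 6 and 10), as an added example that is not code from the original posts. The template name, the field names and the img.example.com upload host are hypothetical.

```php
<?php
// Added example, not from the original posts. Template, field and host names are hypothetical.

// Fixed layouts written by the site owner; users never edit this text.
const TEMPLATES = [
    'classic' => "body { background: {{bg}}; color: {{text}}; }\n"
               . "#header { background-image: url(\"{{header_img}}\"); }\n",
];

// Each validator returns a safe value, or null to reject the whole submission.
function css_color(string $v): ?string
{
    // Hex colours only: no names, no functions, no room for ";" or "}".
    return preg_match('/\A#(?:[0-9a-f]{3}|[0-9a-f]{6})\z/i', $v) === 1 ? strtolower($v) : null;
}

function css_image_url(string $v): ?string
{
    // https on our own upload host, conservative path characters, image extension.
    $ok = preg_match('#\Ahttps://img\.example\.com/[a-z0-9/_-]+\.(?:png|jpe?g|gif)\z#i', $v);
    return $ok === 1 ? $v : null;
}

// Whitelist of editable fields and the validator each one must pass.
const FIELDS = ['bg' => 'css_color', 'text' => 'css_color', 'header_img' => 'css_image_url'];

function render_css(string $template, array $input): ?string
{
    if (!array_key_exists($template, TEMPLATES)) {
        return null;
    }
    $css = TEMPLATES[$template];
    foreach (FIELDS as $field => $validator) {
        $raw = $input[$field] ?? null;
        $value = is_string($raw) ? $validator($raw) : null;
        if ($value === null) {
            return null; // reject outright instead of trying to clean a bad value
        }
        $css = str_replace('{{' . $field . '}}', $value, $css);
    }
    return $css;
}

// Constructed sample submissions.
$good = ['bg' => '#FFF', 'text' => '#102030',
         'header_img' => 'https://img.example.com/u/42/banner.png'];
$bad  = ['bg' => '#fff; } body { background: url(javascript:void(0))', 'text' => '#000',
         'header_img' => 'https://img.example.com/u/42/banner.png'];

var_dump(render_css('classic', $good));          // rendered stylesheet text
var_dump(render_css('classic', $bad));           // rejected: bg is not a hex colour
var_dump(render_css('no_such_template', $good)); // rejected: unknown template
```

Because the user only ever supplies values that must match a strict pattern, there is no free-form CSS to filter and no blacklist to keep up to date.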