fortnox007
-
Posts
783 -
Joined
-
Last visited
Never
Posts posted by fortnox007
-
-
Hi all, something is keeping screwing me up and the more i read the more confused i get, since i was thinking i was doing it right.
In a nutshell, if i have a container div, i normal do this:
#container{ width:960px; height:300px; /*since i was told IE interprets this as minimum height */ min-height:300px; /*overright the previous for decent browsers */ }The problem is dispite the fact that i told the div it has a minimum height: i doesnt grow larger when it's contents ar bigger. if i remove the height it does, but of course I would like to have the functionality that a div has a minimun height.
I someone could clear things up for me i would be extremly happy because i really don't get this part. i read the whole day about shrink wraps and other stuff, but it seems my brains gave up.
-
So, should I include something like if name is nothing return error? same for other required fields?
use javascript validation as an extra visual helper, but never trust javascript validation. (it can be turned of)
I quickly scrolled through your code and it seems there is no escaping done in the php script.
here is a nice guide which i also still have to master, but the main rule is trust no one including your own in put in an admin environment. http://phpsec.org/projects/guide/
-
just maybe good try, make a system apart from joomla, ones loged in they can use the database connection joomla uses. that way you don''t have to compensate anything and you can build it just the way you want. and maybe even better for learning, instead of using the here and than confusing joomla stuff
They only need to SELECT customer info from te joomla database right?
-
I heard of sha1. Thought it was more complicated a few yrs ago. Will look into it again.
May I ask how a hacker could generate the correct password if it's already been hashed in an md5 form.
It's a one way route, but some people just encrypted whole dictionaries so when they have a match they know your password. But ones they are in your database in such a manner i assume you are allready facked
I would use sha1() though it's bit longer
I am also still learning and this is also a tricky part for me.
What you might add, is only allow Select, update, Insert rights for the customers. That way I think an extra barrier is placed.
Also nice could be to add a formtoken. a good website (atleast i find that) is : http://phpsec.org/projects/guide/2.html I am not sure if they are updating anything there but it gives a good idea of the technique. In a nutshell a formtoken is a token placed in hidden field and on the execution page the session value is compared with the postvariable of the hiddentoken. So that execute page can only be entered via the normal form.
-
or sell your body.... erm of your already doing that
just joking -
well good to hear you have an alternative in javascript. I am not so familiar with those affiliate programmes. certainly not in that business. maybe try google it's a fairly new search engine that seems to be doing a good job
. I just don't know the name of that programme.And yeah this forum is indeed to help(people that show effort, so in the end we can all help each other, because we learned). anyways good luck!
-
Awww thank you SO much for taking the time to do this, I really really appreciate it.
Just a couple of questions, do I name this php file as monkeys.php for example and do I then have the form link to it ie get action etc?
Also, I would not know what each affiliates 6 digit ID is, so I could not input the id;s into the php file. I currently have hundreds of affiliates. The script is for them to input their ID in the form field, click generate links then all the urls from then on will have their ID in.
Thanks again
@Anti-Moronic: haha, trust me i am better looking
so that clever part didn't trick me into writing something
Sorry i love puzzles but this sentence is just too puzzling. But it can be named anything, but must end with .phpJust a couple of questions, do I name this php file as monkeys.php for example and do I then have the form link to it ie get action etc?What the affiliates stuff, you will need a database for that or textfile (not recommended).
But what i can really recommend is that you post your needs on a freelance form. Taking the fact your not interested in learning anything of this, and this forum is meant to help people that show (minimal) effort. I bet that are lots of people ready to help you. But do realise, in your industry, security is more needed that for a icecreamshop around the corner, so be ready to spend some on that otherwise you end up dancing nude for nothing
-
Okay cool i am going to try and set that up. Hope someone wants to audit it when it's finished
thanks m8 for the advice!
-
I am not sure if this can be done with an automated script really, because the script lacks the understanding of meaning. maybe ask your users to give some keywords in relation to the script.
You could of course explode the whole string and count the stuff, but that would end you up with a lot of crap i think. I think this is something only humans can do.
-
i am prettyy sure you don't mean frequently repeated words. But keywords
otherwise you end-up with words like: " I are is we do etc "
-
Hi all,
I have a small question about which way would be the best to set-up the following. Say i have a Job board and one is allowed to give a few keywords related to the post with for instance a maximum of 5 keywords.
what would be the best way to store these words in a database.
1) should i add an extra column tot the table comments and put in the keywords for instance comma separated and explode() them when needed. ie:
#table comments:| comment_id | comment | title | author| category_id | posted | keywords
2) should I make an extra table with keywords and maybe even an extra table to link keywords to comments?
ie:
#table keywords:| keyword_id | keyword
extra table:
#table keys_per_comment: | kpc_id | keyword_id | comment_id
The first method is easiest for me i think, but I am not sure which one would be fastest or better for scalability reason. if anyone has tips or ideas, or a better way i would love to hear it since i never really worked with these kind of relationships.
ty
-
no problem m8, as long as i an on top of the highscores list hehe
: -
weird stuff maybe add the following line:
<?php $con = mysqli_connect('localhost', 'webuser', 'davidknag', 'games')or die(mysqli_error($con)); if(isset($_GET['id'])){ $query_var = (int)$_GET['id']; // force it to be an integer $query=" SELECT * FROM games WHERE id = '$query_var'"; $result = mysqli_query($con, $query)or die(mysqli_error($con)); while($row = mysqli_fetch_array($result)) { //this output should be filtered in a real world $string1= '<td><h2 class="blye2"><i>'.$row['title'].'</i></h2><br />'; $string2= 'dd'.$row['swfname'].'<br />'; $string3= 'Description: '.$row['description'].'<br/>'; $string4= 'How To: '.$row['howto'].'</h3>'; $mysupertitle = $row['title'];// <----------------------------------------------I added this line } } ?>and than in between <title></title>
place
<?php echo $mysupertitle; ?>
make sure the first part is in the head or ontop of your page since it read from top to bottom.
-
yes i can error reporting:
like this:
$con = mysqli_connect('host','user','pass','database') or die(mysqli_error($con));//gives error when your connection is not right. $query ="SELECT * FROM your_table WHERE id = 4 LIMIT 1";//just some bogus query $result = mysqli_query($con, $query)or die(mysqli_error($con));//so it gives an error if you query sucks -
its working now right, because i can see it.
-
nice
lol, good luck matenice looking site btw, (despite the interesting use of tables
) -
lol place echo infront of it! (read some about php btw lols)
<title><?php echo $row['title'];?></title>
-
are you sure
: i just saw a fancy looking site with all the stuff needed except for howto, but you didnt fill that in in the database -
this should work (i removed tables just to make sure they aren't faking up)
<?php $con = mysqli_connect('atomicpool.com', 'webuser', 'davidknag', 'games')or die(mysqli_error($con)); if(isset($_GET['id'])){ $query_var = (int)$_GET['id']; // force it to be an integer $query=" SELECT FROM games WHERE id = '$query_var'"; $result = mysqli_query($con, $query)or die(mysqli_error($con)); while($row = mysqli_fetch_array($result)) { //this output should be filtered in a real world $string1= '<h2>TITLE: '.$row['title'].'</h2><br />'; $string2= 'some flash object here with the right variable'.$row['swfname'].'<br />'; $string3= '<h3>How To: '.$row['howto'].'</h3>'; } } ?> <html> <head> <title><?php $row['title'];?> - AtomicPool.com</title> <link rel="icon" type="image/png" href="icon.png"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> <link href="style.css" rel="stylesheet" type="text/css"> <style type="text/css"> <!-- .style1 {color: #FF0000} --> </style> </head> <body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <?php echo $string1.$string2.$string3; ?> </body> </html>-edit: so $sql is now $query and $dbc is now $con I also added some error reporting stuff.
-
change $sql in to $query,
than your ready
-
no no no, you need to echo those strings between the body tag.
try to do some error reporting, I can't do anything with , "not working"
$con = mysqli_connect('atomicpool.com', 'webuser', 'davidknag', 'games') or die(mysqli_error($con));oh hehe i think i found it:
$sql=" SELECT FROM games WHERE id = '$query_var'";
make it
$query=" SELECT FROM games WHERE id = '$query_var'";
-
lol ok, but did you even look at my example, it should pretty much work, and i placed some parts in the <head> to give <title> a dynamic value.
Are you sure your credentials are correct, and the names used in the query? do they match the table column's
-edit seems your columns match
-edit I supose you typed in an id like this http://yourdomain.com?id=1
otherwise nothing will pop up since it wont enter the first part of the if clause.. and maybe also put something in the how to.
also for now i would leave out the table crap, to isolate the problem instead of bringing in more stuff to cause an error.
-
you mean importing
and look at my edit2......
you still have:
$result = mysqli_query($dbc, $query);
instead of
$result = mysqli_query($con, $query);
-
your using the old mysql_connect use mysqli_connect
<?php $con = mysqli_connect('host', 'user', 'password', 'database'); if(isset($_GET['id'])){ $query_var = (int)$_GET['id']; // force it to be an integer $sql=" SELECT FROM games WHERE id = '$query_var'"; $result = mysqli_query($con, $query); while($row = mysqli_fetch_array($result)) { //this output should be filtered in a real world $string1= '<h2>TITLE: '.$row['title'].'</h2><br />'; $string2= 'some flash object here with the right variable'.$row['swfname'].'<br />'; $string3= '<h3>How To: '.$row['howto'].'</h3>'; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nl" lang="nl" > <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title><?php $row['title'];?></title> </head> <body> <?php echo $string1.$string2.$string3; ?> </body> </html>-edit this can be done cleaner, but it works i guess
-edit2: i changed var $dbc into $con
Could someone clear up min-height in combi with a div for me?
in CSS Help
Posted
hmm i think i noticed somthing weird.
in case i have a container div with 2 child divs floated in it the following seems to work:
#container{ width:960px; overflow:auto; } #childleft{ width: 500px; height:300px; min-height:300px; float:left; } #childright{ width: 460px; height:300px; min-height:300px; float:left; }I have absolutely no idea why this works, and if someone does know please tell, its easier to remember ones understood