anups

Hi I need to test for XSS attack and aim is to break my own site. I am using strip_tags to strip all the HTML and tags. Is there any way for successful XSS attack even if strip_tags is used.

try this $vowels = array("a", "e", "i", "o", "u", "A", "E", "I", "O", "U"); $onlyconsonants = str_replace($vowels, "", "Hello World of PHP"); echo $onlyconsonants ;

u can use filter_var function for validation $valid_email = filter_var('[email protected]', FILTER_VALIDATE_EMAIL); if($valid_email){ echo "valid"; }else{ echo "In valid"; }

hey.. I got a PEAR library to parse the query I thing it may help you http://pear.php.net/package/SQL_Parser Simple Usage require_once ‘SQL/Parser.php’; $parser = new SQL_Parser(); $struct = $parser->parse("SELECT a,b,c FROM Foo"); print_r($struct); SAMPLE OUTPUT Array ( [command] => select [column_tables] => Array ( [0] => [1] => [2] => ) [column_names] => Array ( [0] => a [1] => b [2] => c ) [column_aliases] => Array ( [0] => [1] => [2] => ) [table_names] => Array ( [0] => foo ) [table_aliases] => Array ( [0] => ) [table_join_clause] => Array ( [0] => ) )

u can use php's in-built csv function to read an write files for your example I will suggest u to use this <?php $row = 1; if (($handle = fopen("meeting.survey", "r")) !== FALSE) { while (($data = fgetcsv($handle)) !== FALSE) { $num = count($data); echo "<p> $num fields in line $row: <br /></p>\n"; $row++; for ($c=0; $c < $num; $c++) { echo $data[$c] . "<br />\n"; } } fclose($handle); } ?>

user mysql_tablename :- string mysql_tablename ( resource $result , int $i )

If u are using HTML form something like this this <form method="post" enctype="multipart/form-data"> <input type="file" name="file[]" /><br> <input type="file" name="file[]" /><br> <input type="submit" /> </form> And if you print $_FILES you will get output like Array ( [file] => Array ( [name] => Array ( [0] => ALIM5004.JPG [1] => ALIM5005.JPG ) [type] => Array ( [O] => image/jpeg [1] => image/jpeg ) [tmp_name] => Array ( [0] => D:\xampp\tmp\php7AD4.tmp [1] => D:\xampp\tmp\php7AF4.tmp ) [error] => Array ( [0] => 0 [1] => 0 ) => Array ( [0] => 2750396 [1] => 2786816 ) ) ) so to uload the form u can use $files = $_FILES; if(isset($files['error'])){ for($i=0;$i<count($files['name']);$i++){ if($files['error'][$i] == 0 ){ move_uploaded_file($files['tmp_name'][$i], "$uploads_dir/$name"); } } }

Just give a simple try it may help "use HTML5 standards" <!doctype html> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> </head>

Hi All, Can someone help??

Hi In my comment plugin i can see comment using "facebook", "yahoo", "aol" and "hotmail" is there a way to remove {"yahoo", "aol" and "hotmail"} I tried using "Setting" => "Allow users to post using other login providers." but still its showing the same. [attachment deleted by admin]

I have 3 pages on my website 1. http://xyz.com/user.php 2. http://xyz.com/admin.php 3. http://xyz.com/superadmin.php Now I want to show http authentication using ".htaccess" && ".htpasswd" for "admin.php" & "superadmin.php". I cannot use php code header('WWW-Authenticate: Basic realm="My Realm"'); As per my knowledge http authentication using ".htaccess" files works only on directories not on pages. Please help me in achieving this.

Simply use library written at http://www.phpclasses.org/package/2957-PHP-Generate-RSS-2-0-feeds.html It will simplify your life and save lots of time

wheneveryou get ajax response you can modify it... instead of creating drop down you can create checkbox, hardly matter of 10-15 mins.... OR else in drop down you can set the 2 properties of <select> "multiple" & "Size" so that without checkbox uses can select multiple.

look at http://www.dhtmlgoodies.com/index.html?page=ajax "Chained select boxes" Source Code http://www.dhtmlgoodies.com/index.html?whichScript=ajax_chained_select Demo http://www.dhtmlgoodies.com/scripts/ajax-chained-select/ajax-chained-select.html

You can use .htaccess file basically you'll have to expand on that .. what's happening here is all in the rewrite condition and rule - so to take an example from another blog: RewriteCond %{HTTP_USER_AGENT} “Windows CE” [NC,OR] #Windows CE and Pocket PC RewriteCond %{HTTP_USER_AGENT} “NetFront” [NC,OR] #PalmSource WebBrowser 2.0 RewriteCond %{HTTP_USER_AGENT} “Palm OS” [NC,OR] #Eudora Web Browser for Palm RewriteCond %{HTTP_USER_AGENT} “Blazer” [NC,OR] #Handspring Blazer Browser RewriteCond %{HTTP_USER_AGENT} “Elaine” [NC,OR] #RIM Devices RewriteCond %{HTTP_USER_AGENT} “^WAP.*$” [NC,OR] #WAP Browsers RewriteCond %{HTTP_USER_AGENT} “Plucker” [NC,OR] #Plucker Offline download client RewriteCond %{HTTP_USER_AGENT} “AvantGo” [NC] #AvantGo Service RewriteRule ^index.php http://m.yourdomain.com/ [L,R] basically if the browser's user agent matches one of these strings, then the rewrite rule kicks in... it's not the most basic of concepts and rewrite stuff can be quite touchy, so it could be tricky to implement, but that's how you'd go about it... hope that helps a bit!