Mchl Posted December 8, 2008

> I feel bad for you...

Don't. This means he will have a lot of time and motivation to make it better

Maq Posted December 8, 2008

> > I feel bad for you...
>
> Don't. This means he will have a lot of time and motivation to make it better

I said it because it's his only source of income. :-\

om (Author) Posted December 9, 2008

> Value Error : top Parse Error
>
> take out :
> <body style="color: rgb(51, 255, 51); background-color: rgb(0, 51, 0);" onload="sp_resetcbe()" text="#00ff00" vlink="#ffcc00" alink="#ff0000" bgcolor="#004300" link="#ffff00">
>
> replace with:
> <style type="text/css">
> BODY { background-color:#030; color:#3F3; vlink:#fc0; alink:#fc0; text:#0f0; link:#ff0; }
> </style>
>
> 1. Too cluttered
> 2. Marquee is bad
> 3. iFrames are bad

tHANKS i JUST FINISHED SANITIZATION AT SERVERSIDE SUBMIT HANDLING CODE, FOR BASIC FILES SOME ADVANCED NEED TO BE STILL DONE.

iS THERE ANY CLIENT SIDE SANITIZATION CODE???????

sOU all of my dear friends worrying of lay out have to bear it for few days. Concentrate now on breaking into www.ucy.in/tcmb

Thanks again for your good feedback.

DarkWater Posted December 9, 2008

1) The design is really, really...abysmal. I thought it was a joke at first.
2) I could not decipher the point of the website at all. It was too cluttered and just unappealing.
3) Good luck making money. You might need it.

ardyandkari Posted December 9, 2008

i took a look at the "new" page that you have...("Concentrate now on breaking into www.ucy.in/tcmb") that looks the same...i dunno what you are doing or will do...i do suggest using a template because it is easier and less time consuming...

> iS THERE ANY CLIENT SIDE SANITIZATION CODE???????

if it were client side there would be no point. javascript can be turned off. anything client side could possibly be messed with since the client is the one processing the request...don't bother. keep it server side and you will be safe.

dropfaith Posted December 9, 2008

there is client side code to sanitize things but as stated i can turn it all off so i don't use it because it's not secure at all

ardyandkari Posted December 9, 2008

does it even really sanitize??? or does it just check to make sure that a form was filled completely and maybe was alphanumeric or something? i can't see a practical client side script that actually sanitizes an entry...

darkfreaks Posted December 9, 2008

Improved Version of clean() and how to call it:

```php
<?php
function clean($var)
{
    $var=strip_tags(trim(mysql_real_escape_string($text)));
    $var=htmlspecialchars($var,ENT_QUOTES);
    return filter_var($var,FILTER_SANITIZE_STRING);
}

$hregcd=clean($_POST['hregcd']);
$hu_grp_id=clean($_POST['hu_grp_id']);
$hcuna=clean($_POST['hcuna']);
$huid=clean($_POST['huid']);
$htpwd=clean($_POST['htpwd']);
$htpwd1=clean($_POST['htpwd1']);
$ribtn=clean($_POST['ribtn']);
$cbe=clean($_POST['cbe']);
$jbs_reg=clean($_POST['jbs_reg']);
?>
```

Mchl Posted December 9, 2008

> Services are subject to acts of God

I like this disclaimer for some reason... Wish I could use it.

om (Author) Posted December 9, 2008

> Improved Version of clean() and how to call it:
>
> ```php
> <?php
> function clean($var)
> {
>     $var=strip_tags(trim(mysql_real_escape_string($text)));
>     $var=htmlspecialchars($var,ENT_QUOTES);
>     return filter_var($var,FILTER_SANITIZE_STRING);
> }
>
> $hregcd=clean($_POST['hregcd']);
> $hu_grp_id=clean($_POST['hu_grp_id']);
> $hcuna=clean($_POST['hcuna']);
> $huid=clean($_POST['huid']);
> $htpwd=clean($_POST['htpwd']);
> $htpwd1=clean($_POST['htpwd1']);
> $ribtn=clean($_POST['ribtn']);
> $cbe=clean($_POST['cbe']);
> $jbs_reg=clean($_POST['jbs_reg']);
> ?>
> ```

I struggled with your clean on my localhost for 3 hrs then it struck me, I was using mysqli, and then later another 8 hrs just to debug to know that the number of connections was limited on localhost, then I had to recode my dbaccess part. At last I give all my share of clean.

Thanks all of you, God bless you. As I am 37+, I sometimes lose interest but your feedback got me cracking. And I need to market my product myself, as it is now Complete One human co.

```php
function clean($text)
{
    /* check connection */
    {
        $sp_dbcn = new sp_dbcon();
        $link = $sp_dbcn->sp_getConc();
        $text=strip_tags(trim(htmlspecialchars(mysqli_real_escape_string($link, $text))));
        /* determine our thread id */
        $thread_id = mysqli_thread_id($link);
        /* Kill connection */
        mysqli_kill($link, $thread_id);
        /* close connection $_SESSION[cnt_con]++;*/
        mysqli_close($link);
    }
    return htmlspecialchars($text);
}
```

om (Author) Posted December 9, 2008

> > Services are subject to acts of God
>
> I like this disclaimer for some reason... Wish I could use it.

As i thank god allowing me to feel, invoke him. NOW I LOOK FORWARD FOR SALVATION. AND IN PROGRAMMING FOR IT. GOD==> god.csprgurukul.in

U CAN ALWAYS, BECAUSE WE JUST LIVE FOR HARDLY 100 YRS. vISIT THE LINKS GIVEN DOWN.

om (Author) Posted December 9, 2008

> it doesnt look like you have made any changes at all...
>
> this is what i suggest:
>
>               __________
>     layout-> | header   |
>              ------------
>              |m |   c   |
>              |e |   o   |
>              |n |   n   |
>              |u |   t   |
>              |  |   e   |
>              |  |   n   |
>              |  |   t   |
>              -------------
>              | footer   |
>              -------------
>
> this can all be done w/ css to keep a fast loading page. you can also have the menu right under the header...
>
> i was going to try to help you split up the one page into a few, just for an idea...but i still cant decide what you are doing with your page...what is the purpose?
>
> you DEFINITELY want to split that one page up into many because more than likely you WILL NOT make any money with the layout (or lack thereof) that you have now. a page not only has to have content, but also needs to be easy on the eye.
>
> http://www.freecsstemplates.org/
> http://www.free-css-templates.com/
> http://www.free-css.com/ <--this one even has just layouts...not templates.

Now i do really want to know your likes and dislikes. I hope the lay is now much better, thanks once again and GBU ALL

www.ucy.in/tcmb

om (Author) Posted December 9, 2008

wAS SOME ONE ABLE TO ENTER INTO MY SITE WITHOUT VALUES, WAS IT VULNERABLE TO ANY KIND OF ATTACKS, PLEASE LET ME KNOW, BUT PLEASE DON'T DESTROY. www.ucy.in/tcmb/

darkfreaks Posted December 9, 2008

can we see how you are calling your function because it is not working at all ???

DarkWater Posted December 10, 2008

1. The layout still looks incredibly bad. Do you really think that it looks good?
2. Stop posting with random caps lock.
3. I'm surprised that nobody has actually said anything to you about the err...religious propaganda. Everyone doesn't believe in god, you know. Just saying.
4. It seems, like darkfreaks said, that you aren't sanitizing your input still. In the clean() function, why are you starting a new connection every single time?

Mchl Posted December 10, 2008

> 3. I'm surprised that nobody has actually said anything to you about the err...religious propaganda. Everyone doesn't believe in god, you know. Just saying.

Nobody did since it's irrelevant to topic... we're adhering to the rules here you know

And I'm always confused if "everyone does not" == "not everyone does" ?

darkfreaks Posted December 10, 2008

you should use this function and call it like i said before

```php
<?php
//*****Please do not change this part********//////
// $link: an open mysqli connection (assumed to exist already);
// mysqli_real_escape_string() takes it as its first argument.
function clean($var, $link)
{
    $var=strip_tags(trim(mysqli_real_escape_string($link, $var)));//changed $text to $var my bad
    $var=htmlspecialchars($var,ENT_QUOTES);
    return filter_var($var,FILTER_SANITIZE_STRING);
}
//***************************************/////

$hregcd=clean($_POST['hregcd'], $link);
$hu_grp_id=clean($_POST['hu_grp_id'], $link);
$hcuna=clean($_POST['hcuna'], $link);
$huid=clean($_POST['huid'], $link);
$htpwd=clean($_POST['htpwd'], $link);
$htpwd1=clean($_POST['htpwd1'], $link);
$ribtn=clean($_POST['ribtn'], $link);
$cbe=clean($_POST['cbe'], $link);
$jbs_reg=clean($_POST['jbs_reg'], $link);
?>
```

DarkWater Posted December 10, 2008

> Nobody did since it's irrelevant to topic... we're adhering to the rules here you know
>
> And I'm always confused if "everyone does not" == "not everyone does" ?

"Everyone does not" and "not everyone does" have the same meaning, although the second one seems more unwieldy and I never really say it like that. =P

@darkfreaks: Why don't you just make it recursively handle arrays so he can clean $_POST in one function call?

Maq Posted December 10, 2008

Or, you could call clean() inside a foreach loop.

```php
foreach($_POST AS $key => $value)
```

darkfreaks Posted December 10, 2008

that's a good idea actually thanks

```php
<?php
// Note: this guard runs the cleaning only when magic quotes are on;
// get_magic_quotes_gpc() was removed in PHP 8.0.
if(get_magic_quotes_gpc())
{
    //clean XSS/SQL injection
    // array_walk_recursive() ignores the callback's return value, so $var is
    // taken by reference. $link (an open mysqli connection, assumed to exist)
    // is passed through as the third callback argument.
    function clean(&$var, $key, $link)
    {
        $var=strip_tags(trim(mysqli_real_escape_string($link, $var)));//changed $text to $var my bad
        $var=htmlspecialchars($var,ENT_QUOTES);
    }
    array_walk_recursive($_POST,'clean',$link);
}
?>
```

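The clean() functions in this thread apply SQL escaping and HTML encoding to every field at input time. As an added example (not code from any poster), the same form handling with each step in its own place: server-side validation, bound parameters for the query, and htmlspecialchars() only on output. PDO with in-memory SQLite stands in for mysqli so it runs without a server; the meaning of `huid` and `hcuna` and the validation rules are assumptions.

```php
<?php
// Added example. In-memory SQLite (PDO) stands in for the thread's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (huid TEXT PRIMARY KEY, hcuna TEXT)');

// Return a trimmed string field, or null when it is missing or not a string
// (a request can send huid[]=x, which arrives as an array).
function field(array $post, $key)
{
    return isset($post[$key]) && is_string($post[$key]) ? trim($post[$key]) : null;
}

// Validate on the server, then store through bound parameters: the data never
// becomes part of the SQL text, so it is saved exactly as typed.
// The length and character rules are hypothetical policy for this example.
function store_user(PDO $db, array $post)
{
    $huid  = field($post, 'huid');
    $hcuna = field($post, 'hcuna');
    if ($huid === null || preg_match('/\A[A-Za-z0-9_]{3,20}\z/', $huid) !== 1) {
        return false;
    }
    if ($hcuna === null || $hcuna === '' || strlen($hcuna) > 100) {
        return false;
    }
    $stmt = $db->prepare('INSERT INTO users (huid, hcuna) VALUES (?, ?)');
    return $stmt->execute([$huid, $hcuna]);
}

// HTML context: encode once, at the moment the value is written into a page.
function render_user(PDO $db, $huid)
{
    $stmt = $db->prepare('SELECT hcuna FROM users WHERE huid = ?');
    $stmt->execute([$huid]);
    $name = $stmt->fetchColumn();
    return $name === false ? '' : '<p>' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</p>';
}

// Constructed form submissions.
$ok  = ['huid' => 'om_37', 'hcuna' => "O'Brien <b>& Sons</b>"];
$bad = ['huid' => "om' --", 'hcuna' => 'x'];

var_dump(store_user($db, $ok));   // well-formed submission
var_dump(store_user($db, $bad));  // huid fails the server-side check
echo $db->query('SELECT hcuna FROM users')->fetchColumn(), "\n"; // value as stored
echo render_user($db, 'om_37'), "\n";                            // value as rendered
```

Because nothing is encoded before storage, the database keeps the original text and the output step encodes it exactly once, which avoids the double encoding that stacking htmlspecialchars() calls produces.
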
ardyandkari Posted December 11, 2008

its better...

#1 = get rid of the iframe.
#2 = change colors PLEASE!!!
#3 = try to put some sense into the page. it's still very random and i cannot decide what to pay attention to... which brings us to
#4 = GET RID OF THE MARQUEES!!! this is not a please and thank you issue...they are annoying and distracting...not to mention pointless.

blueman378 Posted December 11, 2008

lol the thing that's interesting is a site that was designed to show what a bad website looks like (http://www.angelfire.com/super/badwebs/) is easier to look at than this...

btw can you explain to me what your site actually is (i couldn't look at it long enough to tell)

om (Author) Posted December 11, 2008

> its better...
>
> #1 = get rid of the iframe.
> #2 = change colors PLEASE!!!
> #3 = try to put some sense into the page. it's still very random and i cannot decide what to pay attention to... which brings us to
> #4 = GET RID OF THE MARQUEES!!! this is not a please and thank you issue...they are annoying and distracting...not to mention pointless.

You have said "Iframes is bad", so what is the substitute for it?

Well in my marq, there is no text to read, it directs one to click at something without using flash. Because now no time to learn flash.

darkfreaks Posted December 11, 2008

used div's instead of iframes

om (Author) Posted December 11, 2008

> used div's instead of iframes

I tried it, but it does not give the functionality as that of iframe. When you click on left link the target should appear in the same rectangular area of window.