Tasos Posted June 30, 2013 Share Posted June 30, 2013 Hello all i am searching for a safe search script and pagination, i have searched the web for days to find what i want but nothing do somebody know where to find a free sript or to buy ? I already have a script but is not safe i can hack my own website. Thanks. Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/ Share on other sites More sharing options...
mac_gyver Posted June 30, 2013 Share Posted June 30, 2013 if you could not find a script that has the search and pagination features you want and was secure, what makes you think someone on a forum knows what search and pagination features you were looking for? and no, that's not a suggestion for you to list the features you want. we are not here to find things for you (you would hire a personal assistant for that). the point of programming help forums are to help you with problems in your code. why not spend your time fixing your existing code? if you post it and state what method you were able to use to 'hack' your site, someone in this programming help forum will likely give suggestions on how to fix the problem. Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438655 Share on other sites More sharing options...
Tasos Posted June 30, 2013 Author Share Posted June 30, 2013 @mac_gyver i will post my script here, maybe somebody could help me. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438656 Share on other sites More sharing options...
Tasos Posted June 30, 2013 Author Share Posted June 30, 2013 (edited) Here is the complete script.... <?php include 'extern/connect.php'; $categories = file_get_contents('extern/categories.php'); $footer = file_get_contents('extern/footer.php'); $logo = file_get_contents('extern/logo.php'); $report = file_get_contents('extern/report.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="keywords" content="//////" /> <meta name="description" content="/////" /> <title>///////<title> <link rel="shortcut icon" href="images/favicon.ico" /> <link rel="stylesheet" type="text/css" href="/css/style.css" /> <!--[if IE]> <link rel="stylesheet" type="text/css" href="/css/ie-style.css" /> <![endif]--> <script type="text/javascript" src="extern/stats.js" ></script> <script type='text/javascript' src='ajax/jquery-1.8.1.js'></script> <script type="text/javascript"> $(document).ready(function(){ $('._bxn').click(function(){ var file_id = $(this).attr('id'); $.ajax({ type: "POST", url: 'ajax/count.php', data: 'file_id=' + file_id }); }); }); </script> </head> <body> <div id="container"> <div id="header"> <div class="img"><?php echo $logo; ?></div> <div id="form"> <form action='search.php' class='form-srch sr' method='GET'> <input type='text' name='search' placeholder='Search here...' required> <button type='submit' name='submit'>Search</button> </form> </div> </div> <div id="categories"> <?php echo $categories; ?> </div> <?php $button = $_GET ['submit']; $search = $_GET ['search']; echo "<div id='containerbartop'> <div id='dateadded'>Watch funny videos <b>$search</b> </div> <div id='populair'><a href='populair.php'>Populair</a></div></div><div id='thumbcontainer'><ul class='mainv'>"; include 'extern/connectsearch.php'; $search_exploded = explode (" ", $search); foreach($search_exploded as $funny) { $x++; if($x==1) $construct .="title LIKE '%funny%'"; else $construct .="AND title LIKE '%funny%'"; $constructs ="SELECT * FROM videos WHERE $construct"; $run = mysql_query($constructs); $foundnum = mysql_num_rows($run); if ($foundnum==0) echo "Please try something else"; $per_page = 36; $id = $_GET['id']; $max_pages = ceil($foundnum / $per_page); if(!$id) $id=0; $getquery = mysql_query("SELECT * FROM videos WHERE $construct ORDER BY date DESC LIMIT $id, $per_page"); $thumbs = $runrows ['thumbs']; $title = $runrows ['title']; $channel = $runrows ['channel']; $url = $runrows ['url']; $duration = $runrows ['duration']; while($runrows = mysql_fetch_assoc($getquery)) { echo '<li class="thumbcontent"><a href="'. $runrows['url'] .'" class="_bxn" id="'. $runrows['id'] .'" target="_blank"><img src="'. $runrows['thumbs'].'" class="thumb" name="'. $runrows['title'] .'" alt="'. $runrows['title'] .'" title="'. $runrows['title'] .'" width="240" height="180" /> </a><span class="thumbreport"><a href="raport.php?url= '. $runrows['url'] .'&thumb='. $runrows['thumbs'] .'&title='. $runrows['title'] .' " target="_blank">Report</a></span><span class="duration">'. $runrows['duration'].'</span><span class="out"><a href="'. $runrows['exlink']. '">'. $runrows['ex'] .'</a></span></li> '; } echo "<center>"; ?> </ul> </div> <div id="containerbarbottom"> <?php //Pagination ids echo "<center>"; $prev = $id - $per_page; $next = $id + $per_page; $adjacents = 5; $last = $max_pages - 1; if($max_pages > 1) { //previous button if (!($id<=0)) echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$prev'>Prev</a> </div>"; //pages if ($max_pages < 7 + ($adjacents * 2)) //not enough pages to bother breaking it up { $i = 0; for ($counter = 1; $counter <= $max_pages; $counter++) { if ($i == $id){ echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'><font color=orange><b>$counter</b></font></a></div> "; } else { echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'>$counter</a></div> "; } $i = $i + $per_page; } } elseif($max_pages > 5 + ($adjacents * 2)) //enough pages to hide some { //close to beginning; only hide later pages if(($id/$per_page) < 1 + ($adjacents * 2)) { $i = 0; for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++) { if ($i == $id){ echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'><font color=orange><b>$counter</b></font></a></div> "; } else { echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'>$counter</a></div> "; } $i = $i + $per_page; } } //in middle; hide some front and some back elseif($max_pages - ($adjacents * 2) > ($id / $per_page) && ($id / $per_page) > ($adjacents * 2)) { echo " <div class='paginate'><a href='funny.php?search=$search&submit=search&id=0'>1</a></div> "; echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$per_id'>2</a> ....</div> "; $i = $id; for ($counter = ($id/$per_page)+1; $counter < ($id / $per_page) + $adjacents + 2; $counter++) { if ($i == $id){ echo " <div class='paginate'><a href='funny.php?search=$search&submit=search&id=$i'><font color=orange><b>$counter</b></font></a></div>"; } else { echo " <div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'>$counter</a></div> "; } $i = $i + $per_page; } } //close to end; only hide early pages else { echo " <div class='paginate'> <a href='funny.php?search=$search&submit=search&id=0'>1</a></div> "; echo " <div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$per_id'>2</a> ....</div> "; $i = $id; for ($counter = ($id / $per_page) + 1; $counter <= $max_pages; $counter++) { if ($i == $id){ echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$i'><font color=orange><b>$counter</b></font></a></div>"; } else { echo " <div class='paginate'><a href='funny.php?search=$search&submit=search&id=$i'>$counter</a></div> "; } $i = $i + $per_page; } } } //next button if (!($id >=$foundnum-$per_page)) echo "<div class='paginate'> <a href='funny.php?search=$search&submit=search&id=$next'>Next</a></div> "; } echo "</center>"; } ?> </div> <div id="reclame"> <iframe src="ifr.html" height="275" width="1050" frameborder="0" scrolling="no"></iframe> </div> <div id="footer"> <?php echo $footer; ?></div> </div> </body> </html> Edited June 30, 2013 by Tasos Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438658 Share on other sites More sharing options...
Tasos Posted July 1, 2013 Author Share Posted July 1, 2013 This is what i changed from line 54 $search = mysql_real_escape_string(htmlentities(trim ($_POST['search']))); $search = preg_split('/[\s]+/', $search); But this is not working what is wrong here please help me.. Can i also make from the pagination <a href='funny.php?search=$search&submit=search&id=$prev'>Prev</a> </div>"; into php server self ? Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438784 Share on other sites More sharing options...
mac_gyver Posted July 1, 2013 Share Posted July 1, 2013 (edited) you should only use your database escape function on string data that goes into a database query. by escaping the $search variable, you are messing up all the other places that $search is used. also, by splitting/exploding what is in $search and putting that back into the $search variable, you are messing up all the other places that $search is used. you should only use htmlentities on data you are outputting to the browser. it should not be used on data you are putting into a database query. Edited July 1, 2013 by mac_gyver Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438835 Share on other sites More sharing options...
uMSUSBdGGx Posted July 2, 2013 Share Posted July 2, 2013 More Bonuses buy viagra johannesburg - buy viagra online yahoo answers Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438993 Share on other sites More sharing options...
DZvvVPHfPV Posted July 2, 2013 Share Posted July 2, 2013 cheapest viagra super active order viagra online without script - order cheap viagra online us Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1438997 Share on other sites More sharing options...
generic79 Posted July 2, 2013 Share Posted July 2, 2013 Tasos, What you mean you could hack your own website? Quote Link to comment https://forums.phpfreaks.com/topic/279713-where-to-find-a-safe-search-pagination-script/#findComment-1439004 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.