Jump to content

ageattack

New Members
  • Posts

    6
  • Joined

  • Last visited

ageattack's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Ok thanks, I guess I'll do my research on 2nd order injection to ensure security.
  2. Thank you cronix for your input, I'll definitely do what you have suggested. However Jacques1, I'm not too sure what your explaining? Is the way I am doing still secure or no?
  3. <?php if(isset($_POST['submit'])){ $uname = $_POST['username']; $pword = $_POST['password']; /*** mysql hostname ***/ $hostname = 'localhost'; /*** mysql username ***/ $username = 'root'; /*** mysql password ***/ $password = 'anty90'; try { $link = new PDO("mysql:host=$hostname;dbname=gambling", $username, $password); /*** echo a message saying we have connected ***/ echo 'Connected to database<br />'; /*** INSERT data ***/ $stmt = $link->prepare("INSERT INTO gamb(username, password) VALUES (?, ?)"); try{ $stmt->execute(array("$uname", "$pword")); } catch(PDOException $e){ echo "Exception caught: $e"; } /*** echo the number of affected rows ***/ //echo $count; /*** close the database connection ***/ $link = null; } catch(PDOException $e) { echo $e->getMessage(); } } ?> <html> <form action='home.php' method='post'> <input type="text" name="username" > <input type="password" name="password" > <input type="submit" name="submit" value="submit"> </form> </html> I'm new to databse programming so I was just wondering if this was vulnerable to sql injection or not.
  4. $count = count($bytes); for($x=0; $x<$count; $x++){ ${'h' . $x} = substr($bytes[$x],8,-; $array1[${'h' . $x}] = array(); $array2[${'h' . $x}] = array(); $array3[${'h' . $x}] = array(); $array4[${'h' . $x}] = array(); $array5[${'h' . $x}] = array(); $offset[${'h' . $x}] = array(); $avg[${'h' . $x}] = array(); $avg2[${'h' . $x}] = array(); $percentage[${'h' . $x}] = array(); $values[${'h' . $x}] = null; } This is my code, where $bytes is an array containing the preg_match_all. The thing is, sometimes there is the same matchable string twice, meaning that it will create the same array key 2 times. Also, there will be two different variables, such as h2 and h13, which will have the same value. That doesn't screw the program up at all, but it makes a hell of a lot of error messages pop up. I just want to make sure that there are no $hx variables with the same value. P.S. I apologize if my code looks like crap. I'm still learning.
  5. I want an if statement that not only checks for the existence of a variable, but which also checks all the variables already created for one with a specific value. For example, I have a loop which creates variables, but I don't want it to make two variables with the same value. The problem is, using if(isset(${'h'.$x}==false) && ${'h'.$x} != 3{ } won't work since the variable equal to 3 could be named h4, whereas this one will be named h5. I hoped I explained this efficiently enough, sorry about any confusion.
  6. This is my preg_match code: preg_match("/(\d+)|(T)|(A)/", $link, $matches, PREG_OFFSET_CAPTURE, ($off-30) It works and matches the number I want, except it only returns the first character in the $matches array. For instance, if the number it finds is 10, it only returns 1. Now I understand that is what preg_match does, but how would I make that regex ungreedy? I tried adding a *, but it just made an error, and preg match all would keep searching for strings after the first one. All I want is for the first number, regardless of the length of it, to be returned in full. Thanks for any help.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.