Posts by cwarn23

Hi,

Do you think I can use $_POST for this...

If it is possible, can u help me with the code...

Yes but why can't you use $_POST ?

Well when you assign username wouldn't you do it like the following?

<?php session_start();
if (isset($_POST['user']) && !empty($_POST['user'])) {
$_SESSION['Username']=stripslashes($_POST['user']);
}
?>

<?php session_start();
echo $_SESSION['Username'];
?>

Maybe you should think again.
Maybe it's ok to do as a personal intellectual exercise, but what's the point of compromising sha1 for everybody?
I don't get it.

For better security practices to be taken into place. IMO any hash function can be cracked and I am going to prove that by going to selected algorithms and cracking them. If you truly want a secure hash then you would need to use something like the following:

function truehash($hashzzz) {
return hash('sha1',hash('whirlpool',$hashzzz));
}

A function like that will never be cracked unless both algorithms are cracked with a third algorithm written. So pritty much the reason why I am revealing the weaknesses in SHA1 is to prove that no hash is truly secure. I heard some officials in America have already cracked sha1 but is closed source. As for my source at digital-ethers request is below. I have managed to store both the previous temp variable value and the core data of the word variable/subarray into a single variable. This variable changes on each loop round. The next step is to separate rotateleft(a,5) from word[m] which are stored in val. After that it is possible to gain access to the word array which will lead to the next set of equations.

//#include<stdio.h>   
#include<string.h>   
#include<malloc.h>   
#include<math.h>   
#include<stdlib.h>   
#include<iostream>

#include <sstream>

#define rotateleft(x,n) ((x<<n) | (x>>(32-n)))   
#define rotateright(x,n) ((x>>n) | (x<<(32-n)))   

#define rotateleftrev(x,n) ((x<<n) | (x>>((32-n)+n)))   
    
void SHA1(unsigned char * str1)   
{   
	int i;
    unsigned long int h0,h1,h2,h3,h4,a,b,c,d,e,f,k,temp;   
    h0 = 0x67452301; …

Second page should be changed to the following.

<?php  session_start();
 
// loop through the session array with foreach
foreach($_SESSION['Username'] as $key=>$value)
    {
    // and print out the values
    echo $value;
    }
 ?>

Hi Zodiac,

I think u r correct... I have to use session arrays... I don't kow how to do it... coz my array is a variable $row... How do i do it...

I tried the following code:

In the first page:

<?php
session_start();

$my_array=array($row['Username']);
 
$_SESSION['Username']=$my_array;

?>
In the second page:

<?php  session_start();
 
// loop through the session array with foreach
foreach($_SESSION as $key=>$value)
    {
    // and print out the values
    echo $value;
    }
 ?>

Any suggestions..

Thanx in advance

My wife said "Ipad?? does it come with wings? Is it only useful 5 days a month?"

Good one. I would say the only wings it comes with are bug wings that is if bugs have wings. My preference is reading a good old book instead of an ipad.

Thanks for that. So it is a free subdomain service.

Where he bought it?
and where can I check his whois neither in co.cc local whois?

I checked it on .co.cc's local whois:
http://www.co.cc/whois/whois.php

please imagine this:

[example]
there are a co.cc extension (in your mind).
please type on the address bar: http://co.cc
If .co.cc is an extension, where is the domain?

co.cc has a database of subdomains, and they are unique.

So, co is the domain, and the tld/extension is .cc
please refer to this link:
http://who.is/dns/co.cc/

I want to create like it

Do you think it is wise to post that in the public domain so that every nut and his brother can run a muck on the internet?

What do you mean by "run a muck"? I thought it would be wise.

Are you serious? Are you willing to share with us how you're cracking it? It would be quite amazing if you did.

Yes, tomorrow I will have an update where I should have a data array cracked which will lead to the original data. Btw I'm using c++ and I will post some code in 24 hours. If I don't just remind me in 24 hours and I will post.

sorry...explain briefly.

I was just explaining to evstevemd how pdf files in a database can be retrieved just as easily as files in the filesystem. Not that it helps to solve your problem. ;)

It is possible to link to files in a database by using dynamic urls like the following.
page.php?file=test.pdf
Then you would use a mysql_query() on $_GET.

So you just use

hash('whirlpools', 'some text to encode');

Except drop the s.

hash('whirlpool', 'some text to encode');

I would suggest sending the files as a zip and maybe find a class or library that can zip a group of files.

I believe there are some custom scripts/functions that you can be downloaded so perhaps a google search for "php uniord function" might reveal a few functions.

Man you are commited to crack that algorithm! Do you want to get into world record? ;)

And whirlpool, what is it?

The whirlpool algorithm can be used with the following code:

<?php
echo hash('whirlpool', 'The quick brown fox jumped over the lazy dog.');
?>
//outputs
802dc377bf6dc4f905b90cf2f1ddb39d4958526c3772bce41c03488701630eeede8 51f5ddc195714ea9e35311a513e31c3b616ffce5756bd963e0fdc092b2f87

As you can see it has a longer hash and although I haven't checked the algorithm's core I would assume that it is by far more secure as 8 characters of hex = one number to decode into words.

FYI, actualy co.cc is not tld

That is incorrect because a friend of mine has a domain named obvioussiteisobvious .co.cc and so two people can't have the same domain or did you give my friend a subdomain?

مرحب

They are non-ascii characters and are unable to convert with the ord function. I would suggest finding a replacement for the ord function as the ascii table ranges from 0 to 255 and those characters are out of that range.

Don't you just hate it when nobody asks a question in hours on an irc help chat room for myself to answer. (PHP Freaks irc #help)

The ipad - thats an apple breakthrough. Can only do one task at a time and has little memory *cough* dos *cough*. Microsoft and Unix/linux has done better than that since the early 1990's with multitasking apps. That might be good for your presentation. Anyways a breakthrough technology - I would say Robotics. It is said robotics will have a 20 million dollar market by the year 2020 according to Microsoft. Also currently universities and private companies have had some breakthroughs such as visual interfaces and making it walk. So I would say robotics is the real breakthrough in technology.

Try this.

FindEdits($HtmlContent,"@<h1(.*)?class=\"(.*)?cmsedit(.*)?\"(.*)?>(.*)?</h1>@ius");

Also could you post the data your trying to match.

That function works perfectly. A hex is made of the values 0-9 and A-F. When I test that function it seem to follow those rules and does it perfectly. But are you after a function that converts string to decimal and not string to hex? Because that's a completely different thing.

Do you mean like this?

$result = mysql_query("SELECT Fieldvalue FROM kid_rsform_submission_values WHERE SubmissionId IN (SELECT SubmissionId FROM kid_rsform_submission_values WHERE FieldValue = '850830126317') LIMIT 14");

I thought I would let you's php gurus know that I am starting to come close to cracking the Sha1 algorithm. And surprisingly it is an easy one to crack. So I would recommend switching to something like the whirlpool algorithm.

Could you elaborate on that. Are you trying to get a dll that isn't designed for php to work with php because if that is the case then it will not be compatible and will need recoding to compile with php. Other than that I don't have a clue what your talking about.

It works on any domain but are you trying to get wildcard tld's? Because the Top level domain (eg. .co.cc) cannot be changed automatically unless you have registered all combinations. But for subdomains it's a completely different story. If your trying to create infinit combination subdomains then my previous post describes how to do that.

I'll try your nice suggestion, thanx mate...
Does it work like .co.cc?
Please read my case from the begining.

No htaccess is needed for that wildcard domain but instead a single php file. You will be able to retrieve the subdomain entered with the $_SERVER; variable. So the user can enter any subdomain then the php script will receive it in that variable and you can preprocess it.

Simply use method="POST" in your html form and some php code along the lines of the following.

if (isset($_POST) && !empty($_POST)) {
mysql_query('INSERT INTO `table` SET `column1`="'.mysql_real_escape_string(stripslashes($_POST['fieldname'])).'", `anothercolumn`="'.mysql_real_escape_string(stripslashes($_POST['anotherfield'])).'"') or die(mysql_error());
}

Did you create a wildcard subdomain and make the php script sort the subdomains? for example the subdomain of example.com would be *.example.com

I don't want to show code to every body

Could you elaborate on that. Php is server-side so php can't replace html however php can replace some sections of javascript. So please expand on that sentence.

Yea, perhaps the best thing to do when your computer is broken is do a cheap repair then add the computer to your server farm and get a new one that's faster.

I never try to fix the problem, i always use to call a service provider:D

<?php
session_start();

//rest of my code
$_SESSION['Username']=$row['Username'];
?> 

//code on second page for the form is

<td><input readonly="Username" type="text" name="Username"  value="<?php  session_start(); echo $_SESSION['Username']; ?>"></td>

That code is invalid and should be as follows:

<?php
session_start();

//rest of my code
$_SESSION['Username']=$row['Username'];
?> 

//code on second page for the form is

<td><input readonly="Username" type="text" name="Username"  value="<?php echo $_SESSION['Username']; ?>"></td>

Note that the page must start with session_start(); before any browser output otherwise errors will occur.
enjoy.

It is in the users cache and although they can press back and view the pages they can't click any links or make any changes. Then this comes to the question disabling the back button which I believe isn't possible but you never know what's possible.

Can you remove the ob_start() and remove the headers then tell me any errors that are popping up. Because an E_Notice error could make the headers fail.

@cwarn

You say you disagree, but from reading your post, you say the same:

1. I say that you can't copy/reproduce/ADAPT another's work.
2. You can use somebody's IDEA.

Have I misunderstood? I admit to being really naive w.r.t this and always err on the side of caution. I only ever use code that is open and use it with the same licence from which the original code originated (as imposed by the terms of use).

Those two points are correct. And the adapting work agreement can vary depending on license. Some licenses will allow you to adapt while others wont. But many licenses don't allow you to adapt.

There's no team -- I do all of the development work myself.

Amazing the amount of work you have accomplished. And to think the site was all done by one person plus the mods. Good job.

A lot of images are loaded from the CSS so a custom CSS would actually do the trick.

Would that mean all that would need to be done is to have an option to load a different css sheet which doesn't use images? To me it sounds like an easy job but being vbulletin I'm not sure weather there are any hard parts.

That code inside the input field will trigger a custom javascript function. Then the javascript function can set the css of the input box so that the writing in the background disappears. The writing is usually just a simple background image and javascript can be used to make it disappear.

if you donot mind let me know how to do.

i did like this as a text format. text will disappear in text box.how the image to insert in text box. hw to do the above one.

That is a mixture of css and javascript. Basically you use css to make it look pretty then to make the background disappear simply use onclick="javascript:myfunction();" Then javascript can change the css properties to make the background disappear.

Your headers are invalid. Don't forget the function names are case sensitive. So turn HEADER() to header() like the following.

header("Expires: time()");
header("Pragma: no-cache");
header("cache-control: no-cache, no-store, must-revalidate");

But I'm not sure about those strings inside the header though.

Close to the answer. The only thing is it appears we would need to open the full thread then open a printable version. Would it be possible to have 2 options where first is where threads open in printable view automatically and second option for forum categories automatically appear in printable view without having to keep on changing the url? So basically 2 options that set the default view to printable view. Would that be possible?

You could use the printable version?

And also, once the images are in the cache it should load faster

Ya would think so but for some reason it doesn't. Wierd.
Also is it just dani that does all of this work or is there a team? There must be a team is there? The only other easier option which would be less work for dani would be to have a clone site with a low/no pictures on its interface. I always liked the interface daniweb has but on 2kbps it is as slow as.

Hi and I often use daniweb on computers with an internet speed of around 2kbps to 24kbps to 64kbps and when using daniweb while on 2kbps and 24kbps compared to other sites like google and phpfreaks, daniweb takes a long time to load (~2mins). My suggestion is would it be possible to give members the option to disable all graphics? This would make daniweb much faster when using it on a dialup computer. Thanks...

Good points. I will think twice before buying a dell from what I have read. Instead I will go to a local pc store to get it custom made.

I beg to differ. You get what they want to send you. You do get the option of a few Dell-approved upgrades -- like a couple graphic cards, maybe a couple disk drives -- but very limited real options. And you have no choice on some software like AOL and other trial software cluttering up your drive that no sensible person would want.

And you do NOT get OS install disks. You usually get a directory on the HD (taking up space you should be able to use) which is useless if the disk crashes. But you get charged for the entire OS...

I would suggest using javascript (not ajax). Simply put an empty div field at the end and when the user clicks the button to add a row then javascript will append to that div making another row. That's the theory but I am guessing you want code. Below is a little snippet.

var newrow;
newrow='<input type="text" name="blah"><input type="text name="test">';
document.getElementById("rowid").innerHTML=document.getElementById("rowid").value+newrow;

That is just some code to give you a rough idea.

Perhaps you should become familiar with a php forms tutorial. Because forms will be able to solve most of your problem and if you want it to make changes without the page refreshing then you will need to follow an ajax tutorial in addition to the forms tutorial.

I disagree. What your describing is you get a book written in french then translate it to english and have a uncopywrited work. Obviously that isn't how it works in the real world nor is it how it works in programming languages. So clearly changing it to another programing language with the same concepts and principles will make it illegal. The only thing in this world that is not copywrited is ideas. So therefore you may copy ones idea but how you go about doing that idea must be different or original. So in this case you have some open source or purchased code and you want to adapt it to your project, the only way you can really do it is study the code for the ideas then write your own version based on those ideas. Hope that helps as I have read all about the australian copywrite laws.

That's a tricky one. We all base our codes on stuff we learn from books, tutorials, help from forums etc. When one is sufficiently proficient, "original code" may be possible.

If you're producing 'drastically different' code from the original, but have used it as a 'resource' / 'idea' / 'starting point', you may be OK. Have you contacted the author to check whether this would be OK? Omission of the copyright symbol etc, on a website does not, *as far as I know* mean that there is no copyright. Any code written by the author and published online has "implied" …

It would be better to place all the data into a database and perhaps you could make a script that will insert it into the database for you. Then to display the content you just select from the database and display the contents from the database.

The scanned by signature is added by the virus scanner and therefore needs to be disabled by the virus scanner. So if you go into your servers virus scanner configurations you would untick the box for showing the scanned by in the signature. You would also do the same with the virus scanner on your local computer.

My code was just a brief outline that shows the hard stuff but all you need to do is create the ajax function with the row input and to do the mysql query. I would suggest following an ajax tutorial for that bit so you can get an understanding of how it works.

To make it easier
http://dev.mysql.com/doc/refman/5.0/en/windows-installation.html
http://httpd.apache.org/docs/1.3/windows.html
http://php.net/manual/en/install.php

Try something like this:

<?php
$line=82; //includes zero as 1.
$newdata='this is a test 123';
$data=file('path/to/file.txt');
$data[$line]=$newdata."\r\n";
$data=implode($data);
file_put_contents('path/to/output.txt',$data);

This is a brief code...

echo '<table border=1 cellpadding=5 cellspacing=0>';
for ($i=0;$row=mysql_fetch_assoc($sql_result);$i++) {
echo '<tr id="'.$i.'">';
echo '<td>'.$row['column1'].'</td>';
echo '<td>'.$row['column2'].'</td>';
echo '<td><a href=# onclick="javascript:ajaxfunction(\''.$i.'\');">Send</a></td>';
}
echo '</table>';