Posts by cwarn23

I'm not sure how many people here would be familiar with Bank Wire but I suspect it is an api and I assume you've read the documentation. Then if there are other troubles with the api could you please post the code and any error messages so we can see what's wrong.

Yes, all you need to do is give each row a unique id (eg number) and use ajax to make the php request.

Hi - it's me again. I have the following code but don't exactly know what it means or how to make the opposite code. The code I currently have is

#define rotateleft(x,n) ((x<<n) | (x>>(32-n)))   
#define rotateright(x,n) ((x>>n) | (x<<(32-n)))

Then can be used like the following

a = rotateleft(123,456)
b = rotateright(123,456)

But as for the question, I have the values a and b stored. But now I need to reverse the formula so I get parameter 1 back (123). So say in the above code I have value a, I put it through a function then it should be 123 just like b. So how exactly do I do that because none of this makes any sense. Please help... Thanks.

WOW! Now I see it. The int was so big that it exceeded it's 32bit signed int. Therefore needed converting to 64bit then back to 32bit unsigned long int. Thanks for that. Now I can crack the second layer of SHA1 hopefully with no problem. THANKS!!

sigh. Its practically the same concept as before, when I gave you
toHex() function. This time try to learn whats going on, please.

#include <iostream>
#include <sstream>
#include <string>

using namespace std;
template<typename Type>
string toHex(const Type& value, bool showBase = true){
	stringstream strm;
	if(showBase)
		strm << showbase;
	strm  <<  hex << value;
	string to_hex;
	if(!(strm >>  to_hex)) throw std::exception("Conversion to hex failed!\n");
	return to_hex;
}
typedef __int64 int64;

int64 hexToInt64(const string hexStr){
	stringstream strm;
	strm << hex << hexStr;
	int64 value = 0;
	if(!(strm >> value)) throw std::exception("Conversion to int64 failed!\n");
	return value;
}
int main(){
	cout << hexToInt64(toHex(3145131833)) << endl;	
	cout << toHex( hexToInt64("bb76e739")) << endl;
}

I just tried the following function but again it doesn't work. Does anybody know why hex's with high decimal values like bb76e739 just won't convert? I know it should equal 3145131833 but this function just like every other one shows different.

int hex2int (std::string str)
{
int num;
std::istringstream i(str);
i >> std::hex >> num;
return num;
}

Can anybody suggest a function that will convert with 100% accuracy as this is just crazy because when I convert to from dec to hex 3145131833=bb76e739 but when I try to reverse the process it does not reverse the sum. Any ideas?

Hi and I have a hex to int function but it isn't converting the hex to integers properly. Below is the code an example is the hex bb76e739 which should = 3145131833 but with the function it equals 2147483647. I heard sprintf or something like that can convert the hex to int and assign it to a variable but have no code for it. Below is my current function which doesn't always work.

long hex2int(const std::string& hexStr) {
  char *offset;

  if (hexStr.length( ) > 2) {
    if (hexStr[0] == '0' && hexStr[1] == 'x') {
      return strtol(hexStr.c_str( ), &offset, 0);
    }else{
		std::string str="0x";
		str.append(hexStr);
		return strtol(str.c_str( ), &offset, 0);
    }
  }
}

Can anybody suggest a better function where the input is a std::string because this is causing all sorts of troubles?
Edit: I'm using C++ with VC++

When buying 1TB of ram is just that little bit too expensive.

Now that's a test I would like to take.

According to Australian copyright laws it says you may not fame anothers website as your own unless you receive permission from the contents author. So basically if you were to embed a Flash game or webpage from another site on your site then that would be breaking the law unless you received permission from the contents owner. Also note that the moment something is written down it is immediately copyrighted under Australian law. Hope that helps.

Hi all
I have a website and I have put some links to another websites in my website , but when my users click on the links, I show the content of other websites in iframe is this
Copyright violation?
thanks.

The only problem with inserting the <p> tags is that unless there are two blank lines to represent a removed <p> tag then it would be impossible to reverse because how would the computer know where to insert these tags? It is best not to strip them in the first place.

But we need a code that will reverse what has been posted
and then selected from and to the database.

The text area posts carrige returns and line breaks to the database
and spits all that into the text div. The tags you suggest I keep are the ones I want to get rid of they will just appear as <p>paragraph</p>.

I'm looking for output - or update to a text field where html tags are output to a textarea just like

this

not like<br />this

I may be barking up the wrong tree but I've done some solid code on this and appreciate your input and output, He He :^) Thanks to date().

May I suggest googling for a tutorial. I myself have written one if you want to read.
http://syntax.cwarn23.net/PHP/Making_a_basic_blog

Why don't you use strip_tags like the following?

$input='input<br><b>string</b>';
strip_tags($input,'<p><br>');

That will strip every tag except the <p> and <br> tags. I believe that is the solution to your problem...

Try this.

<?php
 
$a = 0;
 
if($handle = opendir('./images/new_images')) {
  while(false !==  ($file = readdir($handle))) {
    if(trim($file,"\r\n\t/\\")!= '.' && trim($file,"\r\n\t/\\")!= '..') {
    echo $nfile[] = $file;
    }
  }
}
 
foreach($nfile as $key => $value)
  {
  $add .= $value."\n";
  $a = $a + 1;
  }
 
$add1 = "[PICTURES]\n";
 
$INIadd = $add1 . $add;
 
echo $INIadd;
closedir($handle);
 
?>

thanks to both of u for the replies...

also can i do this without using AJAX , by using simple php

@cwarn23 - can u please help me with an example code .... as i have no idea about this...

Thanks.

So as for the options, as mentioned you don't want ajax which IMO would be the best solution. Then the next option would be to use Java or Flash. They are both binary files that search engines can't read but can do some amazing stuff. And since you are new to the situation I wouldn't recommend taking up a new language just for the one job so the last option would be to use iframes. Then you can just get the individual iframes to reload instead of the entire page. But again iframes just like java and flash are not search engine friendly. That is why ajax is recommended. But if you wish to continue without ajax then perhaps search about iframes. Also if you would like to follow the idea of Flash instead then Google "3d Flash animator" and you might find some interesting software.

How to fix you broken computers

http://www.youtube.com/watch?v=PFcL6hiyyuc&NR=1

I watched the video and while your at it why don't you add some C4 along with TNT.

Were any of those three files meant to have the access denied/granted if statement because I noticed you didn't use the if statement on any of those files. I would suggest following the example if statement in my previous post and embed it where necessary and just to make it easier below is the if statement I am talking about.

if ($idsec != $propsec) {
	echo "NOT allowed" . "<br>";
}else {
	echo "Allowed" . "<br>";
}

I will be signing off now but will be back sometime tomorrow as it is getting late where I am. So following the above example is the answer but as I am unfamiliar with your design I'm not sure where exactly to place these if statements.

But isn't that what the if statement is for. I mean doesn't the if statement prevent other users seeing things they shouldn't? For example.

<?php
session_start();
echo "i am propsec.php" . "<br>";
$emailsec = $_SESSION['user_email'];
$idsec = $_SESSION['user_id'];
$host="localhost"; // Host name
$username="un"; // Mysql username
$password="pw"; // Mysql password
$db_name="db"; // Database name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$_GET['id']=mysql_real_escape_string((int) $_GET['id']);
$sql="SELECT owner_id FROM tbl_sellers WHERE id=".$_GET['id'];

//$_SESSION['user_type'] = $user_type;
$result=mysql_query($sql);
$row = mysql_fetch_array($result);

$propsec = $row['owner_id'];
echo $idsec;
echo $propsec;
if ($idsec != $propsec) {
	echo "NOT allowed" . "<br>";
}else {
	echo "Allowed" . "<br>";
}
// If result matched $myusername and $mypassword, table row must be 1 row
//if (!$checkemail = $emailsec) { 
//	echo "You are not authorised to view this record/page.  Very naughty of you";
//}else{
//	exit();

?>

...
the url shows http://URL/edit.php?id=20

the id is taken and that shows the details. say id 20 to 23 are mine, i can change it to 24 and see something thats not mine

Your sql string, shouldn't it be modified with a WHERE clause so it only matches one row?

$sql="SELECT owner_id FROM tbl_sellers";

Do you mean like this?

<?php
$clientid = mysql_real_escape_string($_GET['client']);
$query = "SELECT * FROM client_details INNER JOIN users ON client_details.userID = users.id WHERE userID = $clientid";
$result = mysqli_query($dbcon,$query) or die('Error executing database query');
if (mysqli_num_rows($result) < 1) {
    die('Error obtaining client details, no rows found. <a href="' . $_SERVER["HTTP_REFERER"] . '">Go Back</a>');
    }
echo '<table border=1 cellpadding=5 cellspacing=0>';
while ($row = mysqli_fetch_assoc($result)) {
    echo '<tr><td>'.$row['firstname'].'</td><td>'.$row['lastname'].'</td></tr>';
    }
echo '</table>';
exit();
?>

Alternativley there is Adobe Flash but I myself prefer ajax and if you post some code then I shall try and embed the ajax.

If this is solved than please click the solved button but if it's not then continue reading...
The only 2 ways I have known php to create subdomains is 1 - by getting php to edit the apache config file which I wouldn't recommend. The second option is to create a wildcard subdomain pointing the wildcard subdomain to a php script which can then process the actions.

I wonder how long until they invent replicators. Replicators would be able to wipe out the robots with no problem. Or what about hackers hacking into a robot network. A hacker could send a Trojan to all robots in the United States and give those robots the command to destroy everything in sight. G' the future hackers have a lot more to play with...

Some nice Christmas cake even though Christmas is long gone.

Hi and I have been searching the web but my answer isn't looking very hopeful. I need javascript or preferably css to make my text vertical so the result is something like the following.

t
e
s
t
i
n
g

However with the result each of the characters need to be rotated 90 degrees with the bottom of the characters facing to the left. Does anybody know how this is possible with css or javascript? If worst comes to worst I guess I could use Java but css is my preference. Also below is a sample code I tried but didn't work.

<html><head><title>Test</title>
<style>
<!--
.verticaltext {
writing-mode: tb-rl;
filter: flipv fliph;
}
-->
</style>
</head><body>
<div class="verticaltext">Test-1</div>
</body></html>

Please respond...

Can you please tell me whats type of attacks they are

Basically xss attacks are when a user tries to inject code into a webpage. For example, the following is an xss attack.

URL=http://example.com/index.php?code="><script>alert("xss attack");</script>&id=1

<img src="http://<?php echo $_GET['code']; ?>.example.com/<?php echo $_GET['id']; ?>">

As you can see they put html code into the url and it made that html code appear into the webpage. This can cause security problems which is why url data should always be filtered.

If your going to do that then I would suggest the following:

<img src="http://<?php echo urlencode($_GET['code']); ?>.example.com/<?php echo urlencode($_GET['id']); ?>">

That will stop xss attacks.

Do you mean like this?

<?php
$variable='i45';
echo '<img src="http://'.$variable.'.expamle.com/'.urlencode($_GET['code']).'">';
?>

Thank you very much...I appreciate very much your help, but my Superior (our team leader) told me..."Please try to use server side scripting because some js may not support every browsers....?
can you tel me please..

Well php is only a preprocessor or more specifically a "hypertext preprocessor". Since php is a preprocessor it can only process the page before the page loads. So the only way you can make php validate this in addition to your javascript is with the following:

$_POST['field1']=$_POST['second_field'];

That will guarantee that both fields are the same.

Is there any browser compatibility problem with my js code block..?

This is not so much a compatibility issue but in any browser the user has the option to disable javascript and cookies because not everybody likes the idea of javascript and cookies as handy as they are.

cwarn23, I am the owner of 1dollarhoster.com how is 1dollarhoster.com a scam? I guess you never actually tried the service because you are allowed to have your own domain, mysql db, and more. With over 7k happy customers.

I'd like to know what facts did you base your statement on?

Thank You,

Yoni

Well when I signed up for the plan and went to purchase a domain with 1dollarhoster the domain never attached to the account meaning my website url was something like http://123.456.789/~cwarnnet/
And when I tried to contact support I never got a reply. The only time I ever got a reply from support was when canceling the account. Also note that with the type of url that I was given many php scripts didn't work because the ~ symbol is not accepted in cms's such as phpbb. The only part of the service that I was satisfied with was the fact that I could store files (not websites). Other than that there was nothing else I could really do with the service.

Hello Kyle, thanks a lot for your reply.

I'm not placing my php scripts in the cgi-bin/php folder, my scripts are inside the folder structure of my website. As you say, they were executed fine anywhere in the server when I had my website in another hosting so I thought this would be the case in this new hosting aso, but for some reason it isn't.

Anyway, I tried copying the php scripts in the cgi-bin/php folder, but still it's not working because it is trying to find the whole path following the folder. For instance, if the script is in:

www.mywebsite.com/edition/myscript.php

it is trying to execute:

cgi-bin/php/mywebsite.com/edition/myscript.php

which of course can't find.

I'm really lost here...

Why don't you move the php folder out of the cgi-bin and place it at the proper location so the url's dont need rewriting. Also having php files in a cgi-bin can cause problems as for example the server may treat the php files as cgi/perl files. And permissions are different in the cgi-bin directory resulting in possible productivity loss. So I would suggest moving those files to a place where they wont need rewriting to.

You should use the target="_Top" method. For example, below is an example of making a link.

<a href='test.php' target="_Top">test</a>

And below are other possibilities you can try out.

<a href='test.php' target="_Blank">test</a><br>
<a href='test.php' target="_New">test</a><br>
<a href='test.php' target="_Self">test</a>

My question is how I handle this case by php..?

I received your pm and as ardav explained, php does not really have any involvement in this situation. Also I tested your script and it works like it should. So what is your script not doing as it does exactly what you describe you want it to do?

So my question is, "Does the browser have an effect on the type of a file uploaded?"

Yes because if you go into the Opera preferences you will see that Opera will only recognize web related mime types. Other mime types are not programmed into Opera where as a browser like firefox may use the windows file system to recognize file types.

Do you mean $_POST['text1']=$_POST['text2']; ?

Line 19 and 20 should be replaced with the following.

if (mail($to, $subject, $message, $headers))

Also if you want to check the results in your cgi script then it would be as simple as comparing the return value. Eg.

if ($result=='Success the email was sent.') {
//success message
} else {
//fail message
}

At login.php, when i echo the session data that was passed it is null. Why.?

Do you have cookies enabled? Also does $_POST exist? And is $_POST a radio button? You need cookies enabled for sessions to work and as for radio buttons, sometimes they will return null if no option is selected or not used properly. I would suggest checking if $_POST has the same value as $_SESSION.

Try make action="success.php" and in success.php place the following code.

$url = 'http://www.mywebsite.com/cgi-bin/cgiemail/form/form.txt';

//url-ify the data for the POST
foreach($_POST as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string,'&');

//open connection
$ch = curl_init();

//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);

//execute post
$result = curl_exec($ch);

//close connection
curl_close($ch);

That should forward the post to your other action.

I think you should read a forms tutorial as some of the things your unsure about are the most vital things to know in php.

Well $answer. it equals $row in the loop of the table resulting of $answer being the value of the last row of the table. But what I'm saying is shouldn't $answer and it's surrounding variables be replaced with the user input?

Then you would set it for a really big number like

$ExpireTime = (time() + 999999999);

That is about as long as you can set a cookie before hitting the Unix timestamp bug and will last till the year 2037.

if ($TheCookie[3] == 1) {
			$ExpireTime 
 
= time() + 31536000;
		} else {
			$ExpireTime 
 
= 0;
		}

The latest version of php is 5.3 although I would recommend version 5.2. Also try replacing the above with the below.

$ExpireTime = (time() + 31536000);

So to completely remove the if statement and just place that line there to see if that will set the cookie.

I just checked your script and found $question, $answer and $id all equals the value of the last row. This is because of the following section.

while($row = mysql_fetch_array($result))
			{
				echo "<tr><td>";  
				echo "<font size = 1><input name='answer' type='text'>";		
         		echo "</font></td><td><font size = 1>";	
				$question = $row['question'];
				$answer = $row['answer'];
				$id = $row['questionid'];
				echo $question;
      			echo "</td></tr>"; 
			}

Now is $answer meant to be $_POST or $_GET etc. That would be your problem.

No it didnt work... Let me explain how the login works a little better... When you login it gives you the right to view pages that you couldnt view if you werent logged in. Like if you log in you can go to overview.php but if your not logged in then it redirects you back to login. I tried to go to overview with the code you gave me but it didnt work... Is it possible it uses something else to set the cookie?

I have heard that it is possible to use javascript or even java to set cookies but I wouldn't recommend it because if a user has javascript disabled then the cookie will not be set. This is an unusual bug and may I ask what version of php you have?

Try setting line 57 of Mauzam's script to the following

$expiretime = (time()+((3600*24)*30))

Perhaps one of the following two.

$count = mysql_query("SELECT * FROM qqq WHERE question = '$question' AND answer = '$answer'") or die(mysql_error());

$count = mysql_query("SELECT * FROM qqq WHERE answer = '$answer'") or die(mysql_error());

Then is this what you need?

$count = mysql_query("SELECT * FROM qqq") or die(mysql_error());

Well how are you trying to filter it. Are you trying to filter it to one row because that is how it is currently set up. The items after the word WHERE will need changing to match your needs. What is the basic theory behind how it needs to be filtered and what is the column structure. If you can explain those two things I may be able to piece together a mysql query for ya.

Well your where clause is filtering it to 1 row. I would suggest changing the where clause to match what you need. At the moment it looks like the where clause is designed to match 1 row and that could be your problem.

I see the bug. Try the following.

$count = mysql_query("SELECT * FROM qqq WHERE question = '$question' AND answer = '$answer' AND questionid = '$id'") or die(mysql_error());
	$score = mysql_num_rows($count);

Do you only have the one cookieset function because the code in Muazam's post looks very correct.