Posts by nav33n

fest

ply
rep
yep

Implement

What do you mean by 'remote pc' ?

;)

thanks! lol..that makes me feel lil 'old'. :P

bacause firstly it's not that much, secondly, there's a nice wizard installer and the package comes with preinstalled webUI for mysql (phpmysql I think)

you mean phpmyadmin.

Welcome to Daniweb Vimal !

Yep. Exactly.

It depends on the loopholes in your script. It wont be a threat if you handle it in a right way.

You are welcome ! I am glad your problem was solved. If you have any questions/problems, you can post it here. That will help those who might be facing the same problem :)

Cheers,
Naveen

<?php //test.php
if(isset($_POST['submit'])){
	$area=$_REQUEST['area'];
	$fd=fopen("test.txt","w+");
	fwrite($fd,$area);
	fclose($fd);
	$file_contents=file_get_contents("test.txt");
	print $file_contents;
}
?>
<html>
<body>
<form method="post" action="test.php">
Enter something: <textarea cols=40 rows=10 name="area"></textarea><br />
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>

file_get_contents reads the entire file into a string.
Cheers,
Naveen

huh! loaded configuration file says no value ? Now that's strange :S !

I wonder why you are still getting header already sent error even after using ob_start and ob_end_flush. But the reason why you get this error is, you shouldn't output anything(not even html tags) to the browser before calling a header function. Instead of header function, use,

echo "<script type='text/javascript'>location.href='$MM_redirectLoginSuccess';</script>";

I guess that will solve the problem.

What does your phpinfo say about the loaded configuration file ?

umm.. I have never worked with linux. But you should make changes to that ini file mentioned in "Loaded Configuration File", because its that configuration file that will be used by apache.

hmm.. Try this.

<?php 
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Cycle Tracks Portal - Validation Page</title>
		<style type="text/css" media="all">@import "images/style.css";
</style>
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>
<?php
// connection to MySQL server
mysql_connect('localhost','root','root');
mysql_select_db('administration');

// *** Validate request to login to this site.
//session_start();

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $loginPassword=$_POST['password'];
  $MM_redirectLoginSuccess = "validated.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = true;
  mysql_select_db('administration');
      
  $loginUsername = get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername);
  $password = get_magic_quotes_gpc() ? $password : addslashes($password);
  $LoginRS__query = "SELECT username, password FROM adminprofile WHERE username='$loginUsername' AND password='$loginPassword'";
  
  $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    header("Location: " . $MM_redirectLoginSuccess );
	}
  else {
    header("Location: ". $MM_redirectLoginFailed );
}
}
?>

</body>
</html>
<?php 
ob_end_flush(); 
?>

Check for "Loaded Configuration File" in phpinfo and change that file. I think you are changing some other php.ini file !

Execute a script with phpinfo function. Check if the path in upload_tmp_dir is valid. Also check if you have given permissions for the temp directory.

Have you restarted you apache ?

Oh! So, is this the way you find girlfriends in India too :-O I thought you were much more reserved and old-fashioned, meaning getting introduced to GF by a family member.

There was a time(long time ago) when this used to happen. (Well, not exactly "introduction to your would-be Gf" but "arranged marriage".) But now, everyone is mocking the west ! But there are still a few places(villages) at some remote part of the country where people are still arranging marriages.

lol.. nice to know you :P

lol.. Thats a very late intro ! I cant really say welcome to Daniweb because you are already "in" with 400+ posts :P

LOL.. Great thread ! I think it should be bookmarked. *Tips to find a girlfriend* ! :P

ah ! ok.. :)

Welcome to Daniweb !

Welcome to Daniweb !~

Welcome to Daniweb ! :) But what does this mean ?

Glad fi know seh wi deh yah to!

Congrats !

-561

vest

pie
tail
paste

Gradient

>Is this a web Bots who posted automatic message?
Yes, I am an automated web bot. Just one of Dani's side projects that she works on when she's bored.

Wow! hello Web bot :P lol..

If you have a startup disk(win 98 startup disk), you can boot from floppy, use fdisk to delete the partitions, create new partitions and reinstall windows xp.

you are welcome! and ofcourse, i ll check this thread. I ll be here almost 17 hrs a day. lol.. I hope your code worked! Just in case you didn't find where to put } brace.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Cycle Tracks Portal - Validation Page</title>
		<style type="text/css" media="all">@import "images/style.css";
</style>
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>
<?php
// connection to MySQL server
mysql_connect('localhost','root','root');
mysql_select_db('administration');

// *** Validate request to login to this site.
//session_start();

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $loginPassword=$_POST['password'];
  $MM_redirectLoginSuccess = "validate.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = true;
  mysql_select_db('administration');
      
  $loginUsername = get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername);
  $password = get_magic_quotes_gpc() ? $password : addslashes($password);
  $LoginRS__query = "SELECT username, password FROM adminprofile WHERE username='$loginUsername' AND password='$loginPassword'";
  
  $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    header("Location: " . $MM_redirectLoginSuccess );
	}
  else {
    header("Location: ". $MM_redirectLoginFailed );
}
}
?>

</body>
</html>

:)

no problem. Put a } before line 40. That will probably solve it.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Cycle Tracks Portal - Validation Page</title>
		<style type="text/css" media="all">@import "images/style.css";
</style>
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>
<?php
// connection to MySQL server
mysql_connect('localhost','root','root');
mysql_select_db('administration');

// *** Validate request to login to this site.
//session_start();

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_redirectLoginSuccess = "validate.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = true;
  mysql_select_db('administration');
      
  $LoginRS__query=sprintf("SELECT username, password FROM adminprofile WHERE username='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
  $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    header("Location: " . $MM_redirectLoginSuccess );
	}
  else {
    header("Location: ". $MM_redirectLoginFailed );
}
?>

</body>
</html>

How come you keep missing one thing or the other :S ! Missing , this time. If this doesn't work, you can try this. It will surely work.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Cycle Tracks Portal - Validation Page</title>
		<style type="text/css" media="all">@import "images/style.css";
</style>
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>
<?php
// connection to MySQL server
mysql_connect('localhost','root','root');
mysql_select_db('administration');

// *** Validate request to login to this site.
//session_start();

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_redirectLoginSuccess = "validate.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = true;
  mysql_select_db('administration');

  $loginUsername=get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername);
  $password=get_magic_quotes_gpc() ? $password : addslashes($password);  
  $LoginRS__query="SELECT username, password FROM adminprofile WHERE username='$loginUsername' AND password='$password'";
  
  $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    header("Location: " . $MM_redirectLoginSuccess );
	}
  else {
    header("Location: ". $MM_redirectLoginFailed );
}
?>

</body> …

line 24. $MM_redirectLoginFailed = "index.html; <<< you haven't closed it.
It should have been
$MM_redirectLoginFailed = "index.html";
Use the code that I have posted in previous post. I guess it will work. Your new modified code has a different select query !

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Cycle Tracks Portal - Validation Page</title>
		<style type="text/css" media="all">@import "images/style.css";
</style>
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>
<?php
// connection to MySQL server
mysql_connect('localhost','root','root');
mysql_select_db('administration');

// *** Validate request to login to this site.
//session_start();

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_redirectLoginSuccess = "validate.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = true;
  mysql_select_db('administration');
      
  $LoginRS__query=sprintf("SELECT username, password FROM adminprofile WHERE username='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
  $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    header("Location: " . $MM_redirectLoginSuccess );
	}
  else {
    header("Location: ". $MM_redirectLoginFailed );
}
?>

</body>
</html>

There was a missing ". :)

Hello The Judge. Welcome to Daniweb !

The syntax isnt wrong. Print whats in $MM_redirectLoginSuccess and $MM_redirectLoginFailed. Header function fails if you are outputting ANYTHING before calling a header function.

You dont need $adminprofile. mysql_query takes 2 parameters. 1. The query and 2. The connection resource. The second one is optional.

You are welcome.

Okay ! after much head scratching and testing, this is what I found. (I hope the div class will remain the same! :S)

<?php
$url = 'http://www.directcosmetics.com/results/products.cfm?ctype=ME&range=Hummer&code=34744';
$html = file_get_contents($url);
$reg = '/<div class=\"value\">(.*)<font size="3">(.*)<\/font><\/div>/s';
preg_match($reg,$html,$matches);
print str_replace("&pound;","",$matches[1]);                                       
?>

Hope that helps ! :)

You are welcome !

On line 23, mysql_select_db($database, $administration); What are you trying to do ?
If administration is the database name, you should give, mysql_select_db('administration'); Read more on mysql_select_db here.

yep. Also post relevant code. :)

Its more of a css issue. Post it here.

Cheers,
Naveen

It wont. Because, it will check if the eid is valid. I am adding all the valid eids to an array remember :P. It will display the error message if eid is not in the array. So, this way, the user can't alter with eids !

Welcome to Daniweb Safdar Ali!

http://dev.mysql.com/downloads/ ! :S