- Strength to Increase Rep: +0
- Strength to Decrease Rep: -0
- Upvotes Received: 2
- Posts with Upvotes: 2
- Upvoting Members: 2
- Downvotes Received: 0
- Posts with Downvotes: 0
- Downvoting Members: 0
25 Posted Topics
Re: The handyman is telling the truth, the rest are lying. The detective could tell which witnesses were lying through instinct, experience, story comparison and knowledge of human behavior, although circumstance (dark light, only getting a glimpse of the subject, etc.) could create a situation where the witness story was …
Re: Try doing a: [code] telnet localhost 3000 [/code] To see if the service is really starting on that port or there's some other issue. If it times out the service definitely isn't started. Check your firewall settings too. Try unplugging your network cable, turning firewall completely off and hitting it. …
Re: [QUOTE=PC_Nerd;616778]Hi, I'm trying to find out about redirecting my site to another domain - and I couldn't quite pick the right forum to post in so this seemed the best one since I'm most familiar with PHP. short and to the point. xyz.com I want that to be viewing abc.def.com …
Re: University of MD has an online school umuc.edu. You can down online courses all you want but for some people it's the only option (because of work and kids)... As far as what the degree means, I know people without them worth their weight in gold, and total douchebags that …
Re: [QUOTE=Salem;604795]Effective time management and doing just what is necessary and sufficient is all part of the deal.[/QUOTE] In other words, git'er DONE!
Re: [QUOTE=nanodano;359068]I think it is unfair to stick the Ruby discussion forum inside Web Development. Ruby on Rails is a really handy web framework, but Ruby has other capabilities. I think it should be put under Software Development, does anyone agree?[/QUOTE] True, and where's the python forum? They should really have …
Re: [QUOTE=webwareshop;620466]Hello All, I have a chat friend online who said to me that if I don't know java or .Net then my web design will not make me money. I know how to program in php, asp html etc and willing to learn more as knowledge has no age limit. …
In reading and posting on this forum, I see a lot of code here that doesn't consider SQL injection. SQL injection is an attack where the attacker terminates or modifies an SQL query with input data. Here are some samples: [url]http://en.wikipedia.org/wiki/SQL_injection[/url] [url]http://www.unixwiz.net/techtips/sql-injection.html[/url] [url]http://www.securiteam.com/securityreviews/5DP0N1P76E.html[/url] In Michael Howard's blog, he wrote up …
Re: [QUOTE=ryy705;616925]Hello, Is it okay to save credit card data in the database? I know it will be password protected but still, it will be a disaster if someone ever hacks in. How do real world companies (mine is school project) save their customer's credit card information? Thank you in advance.[/QUOTE] Storing …
Re: you need to add a session checker to everything... pseudocode: [code] if([user is not logged in]) { header("Location: /login.php\r\n"); } [/code] Determining what an authenticated session is is more or less unique to every implementation so that check depends on how you define "valid". By default, I'm pretty sure php …
Re: Aieeee! First, never execute mysql queries in a loop. This is very very bad. Any data you need from the database, unless from unrelated tables, can be pulled with one query. I've found myself in the position where it would be the "easy" way out, but by increasing my …
Re: Determine what constitutes a logged in session. Codify it into an include and include the session checker in each script you want to protect. Unfortunately, example code would be hard to produce since we don't have a session printed out here to know what to look for. For further info, …
Re: This script is also vulnerable to SQL injection. [I]Always filter your input variables.[/I] Google "sql injection prevention in php" or someone will steal all of your data and compromise your accounts. It would take under 5 minutes with this script. You need to do length checking, and character filtering. If …
Re: you can break caches by appending a ?[somevar]=[random string] after the image tag. They determine freshness by url (is it the same?) then, if the url is the same, by checking last modified date, E-Tag, etc. You can also serve them up using php to load the image and pass …
Re: Quick sanity check... In your original post you first saved the image with a random value, then you generated a new value and inserted it in the database. How could you possibly match the file if you are using a new random number after you already wrote the file? Instead …
Re: I'm actually surprised this works at all anywhere because the result will look like: [code] <li class="linkLevel01"><a href="index.php" class="homy"style="background-color: #6C674F">Home</a></li> [/code] when printed to the page. You need a space before style= so you end up with: [code] <li class="linkLevel01"> -------------------------------| |----------- <a href="index.php" class="homy" style="background-color:#6C674F">Home</a> </li>[/code] If the browser …
Re: [code] $formvar = preg_replace("/[^\w\d]/","",$formvar); [/code] inside the brackets add any special characters you want to allow. example: [^\w\d\-\@\.\&\n ] (note the unescaped space) A whitelist is far more powerful than just removing characters you think are bad. It's future proof. This regex tells preg it wants to replace everything except …
Re: [QUOTE=nav33n;606689]No.. That wouldn't be a problem.. You can pass an integer like a string, but not vice-versa. I still believe it's the form action which was causing the problem! :-/[/QUOTE] yea tacking get variables onto a form action is very bad form (no pun intended). Put the data in a hidden …
Re: The cleanest way to handle this is: [code] $id='ha12345'; switch(true) { case preg_match("/^\w{2}\d{5}$/",$id): //user is LLNNNNN echo "LLNNNNN"; break; case preg_match("/^\w{3}$/",$id): //user is LLL echo "LLL"; break; default: //put login error here. use "username or password" is wrong so they //can't brute-guess your id format or ids. You also don't …
Re: think of "shell" as "dos prompt for unix". there are several of them and each has a superset of the same basic commands. When you log into a host via ssh, after logging in you "get a shell" where you can type commands. Most people mean Bourne Shell (or Born …
Re: You have [url]http://localhost[/url] hardcoded in your script, use the host name of the web server. This would explain why it works on your workstation but not the server. When you have no session data it's because you've been transferred to the web server running on your workstation, and the session …
Re: [QUOTE=2xldesign;605773]I am trying a different approach and I think I am on the right track. I put the file upload script in Page 2 and I am trying to use UPDATE to insert the rest of the information (I hope I am going in the right direction). Now!.... what would …
Re: [QUOTE=Suhacini;605414]Hi, Can I change the information of a site depending on ip address. For example: I have different folders for each geographic location, say for USA it should show a different site, for UK it should show a different site, likewise depending on the IP address it should go …
Re: [QUOTE=ryy705;606379]Hello, Given a string like <form method="post" action="xyz.com"> I have to change it to <form method="post" action="myurl.com">. Could someone help me with this please? I think it's something like [code]preg_replace("/(<form.*action=")xyz.com(*.>;)/", "$1myurl.com$2")[/code] but it's not working. Kindly help.[/QUOTE] there's a quote after action= which is breaking the first string argument and …
Re: write a stored function in postgres that outputs the data in mysql's bulk insert format. bulk insert it into mysql. -r