Posts by mschroeder

Alright, since you responded with a great example of how to do it with regular expressions, I guess I can provide an xpath example using the DOM as i mentioned previously.

<?php
$sUrl = 'http://www.google.com';

$oDom = new DomDocument();
@$oDom->loadHTMLFile( $sUrl );

$oXpath = new DomXpath($oDom);

//Could also be //@href | //@src i just think the one used gives you more finite control over the result set.
$oRes = $oXpath->query("//a/@href | //img/@src | //script/@src");

$i=0;
foreach($oRes as $h1) {
	echo $h1->nodeValue . '<br>';
	$i++;
}

echo $i.' urls found in page.<br /><br />';

http://images.google.com/imghp?hl=en&tab=wi
http://maps.google.com/maps?hl=en&tab=wl
http://news.google.com/nwshp?hl=en&tab=wn
http://video.google.com/?hl=en&tab=wv
http://mail.google.com/mail/?hl=en&tab=wm
http://www.google.com/intl/en/options/
http://www.google.com/prdhp?hl=en&tab=wf
http://groups.google.com/grphp?hl=en&tab=wg
http://books.google.com/bkshp?hl=en&tab=wp
http://scholar.google.com/schhp?hl=en&tab=ws
http://www.google.com/finance?hl=en&tab=we
http://blogsearch.google.com/?hl=en&tab=wb
http://www.youtube.com/?hl=en&tab=w1
http://www.google.com/calendar/render?hl=en&tab=wc
http://picasaweb.google.com/home?hl=en&tab=wq
http://docs.google.com/?hl=en&tab=wo
http://www.google.com/reader/view/?hl=en&tab=wy
http://sites.google.com/?hl=en&tab=w3
http://www.google.com/intl/en/options/
/url?sa=p&pref=ig&pval=3&q=http://www.google.com/ig%3Fhl%3Den%26source%3Diglk&usg=AFQjCNFA18XPfgb7dKnXfKz7x7g1GDH1tg
https://www.google.com/accounts/Login?continue=http://www.google.com/&hl=en
/intl/en_ALL/images/logo.gif
/advanced_search?hl=en
/preferences?hl=en
/language_tools?hl=en
/intl/en/ads/
/services/
/intl/en/about.html
/intl/en/privacy.html
29 links found in page.

The only thing to be aware of here, is urls that are relative and not full paths. You would need to put some logic in place to add the domain back to them if its not there already.

the registered number of algorithms will vary by system, although in my experience most of them are commonly available. As far as execution time, that would vary drastically depending on the type of hardware your site/system is hosted on.

I would suggest running a quick benchmark on the hash_algos() output.

<?php

$aAlgos = hash_algos();
$sStringToHash = 'This is a test string';
$sSaltString = 'This is the salt';

foreach( $aAlgos as $sAlgoName)
{
	echo 'Algorithm: ' . $sAlgoName . '<br />';
	
	$iStart = microtime(true); //Only valid with PHP5
	$sHashed = hash( $sAlgoName, $sStringToHash . $sSaltString );
	$iEnd = microtime(true);
	
	
	echo 'String Length: ' . strlen( $sHashed ) . '<br />';
	echo 'Hash: ' . $sHashed . '<br />';
	echo 'Total Hashing Time: ' . number_format( ($iEnd - $iStart), 8) . ' seconds';
	echo '<hr />';

}

It is crude but should give you a fairly accurate idea of how long its taking your system to run a single hash. I'm not certain if there are other factors that would skew this benchmark or not as I'm not familiar with the internals behind the hash() function.

The hash function is a function that allows you to utilize numerous kinds of algorithms. if you run print_r(hash_algos()); it will give you an array of the hash algorithms available on your system. Whirlpool is just one type of hash, like MD5, SHA1 and CRN32

A salt is basically adding a random string(s) to whatever you are encrypting or hashing:

<?php

$sSalt = '8*S&AsEc4qUs';
$sHash = hash( 'whirlpool', $sString . $sSalt );

echo $sHash;

so if the user decided to make their password "password" the hashed password would actually be for the value of "password8*S&AsEc4qUs" which would prevent someone from using a hash lookup database as it ensures that the users password has some form of complexity to it. This is assuming that someone was looking at the actual hash stored in the database and not trying to forge logins from a from.

I *believe* phpBB3 uses the random salt for every password option i mentioned in my previous post. It would be something like this:

<?php

function getSalt( $iLength = 10 )
{
	$sPossible = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-+=[]{}|';
	$iPossibleCount = strlen( $sPossible );
	
	$sSalt = '';
	for( $i=0; $i<$iLength; $i++ )
	{
		$sSalt .= $sPossible[mt_rand(0, $iPossibleCount)];
	}
	
	return $sSalt;
}

$sPassword  = 'password';
$sSalt = getSalt();

$sHash = hash('whirlpool', $sPassword . $sSalt );

//Store  $sHash and $sSalt in the database.

Although I imagine when you get into generating random salts, you are going to be just as comparable to double hashing the same string, in terms of cpu usage …

hashing and encryption are two different things.
hashes like MD5, SHA1, Whirlpool etc. are one way. There *should* NOT be a way to reverse them.

Encryption however is two way. you can encrypt a string and when decrypted returns the same string.

For hashes I agree with cwarn in the use of whirlpool, but i would have to argue that salting the string to be hashed prior to running it through whirlpool, would be just as strong as double hashing the string, but would require less cpu work. You could also make it infinitely harder by generating a random salt for every password and then storing the salt along with the hashed string in the database.

If the op is interested in encryption I would suggest taking a look at this post in the php documentation using the mcrypt library. http://us2.php.net/manual/en/function.mcrypt-encrypt.php

There are also a few different mysql methods for dealing with encryption:
aes_encrypt/aes_decrypt
encode/decode
des_decrypt/des_encrypt

I've worked on projects where for example, passwords needed to be hashed to prevent their snooping by people with access to the database, and also where passwords needed to be encrypted so that support staff could view the password if the user had forgotten it, without having to reset it to a random string or a default password.

<?php

$xYahooXML = '
<ysearchresponse responsecode="200">
	<prevpage> /ysearch/web/v1/sunflower%20seeds?appid=e4j0dGfIkY0.VnPaj_m8JivWDmAdWAV50uTRuIaqvA--&amp;format=xml&amp;count=1&amp;start=0 </prevpage>
	<nextpage> /ysearch/web/v1/sunflower%20seeds?appid=e4j0dGfIkY0.VnPaj_m8JivWDmAdWAV50uTRuIaqvA--&amp;format=xml&amp;count=1&amp;start=2 </nextpage>
	<resultset_web count="1" start="1" totalhits="376055" deephits="11600000">
		<result>
			<abstract> Home to the <b>seed</b> brand featuring products, nutrition facts, and more. </abstract>
			<clickurl> http://lrd.yahooapis.com/_ylc=X3oDMTRrYzhoc210BF9TAzIwMjMxNTI3MDIEYXBwaWQDZTRqMGRHZklrWTAuVm5QYWpfbThKaXZXRG1BZFdBVjUwdVRSdUlhcXZBLS0EcG9zAzEEc2VydmljZQNZU2VhcmNoV2ViBHNsawN0aXRsZQRzcmNwdmlkA2ZIUnh2RVBEQjJHQjIxOF9zZjhLc3dsa1RNTzJsa21qWS5FQUE2WkI-/SIG=10v00dabm/**http%3A//www.davidseeds.com/ </clickurl>
			<date>2008/12/12</date>
			<dispurl>www.<b>davidseeds.com</b></dispurl>
			<size>7122</size>
			<title>David <b>Sunflower</b> <b>Seeds</b></title>
			<url>http://www.davidseeds.com/</url>
		</result>
	</resultset_web>
</ysearchresponse>';

$oSimpleXML = new SimpleXMLElement( $xYahooXML );
echo $oSimpleXML->resultset_web->attributes()->totalhits;

First, I used SimpleXML as it is generally easier to parse this kind of xml with.

Second, I don't know if the DOM will complain about this, but to my knowledge for XML to be valid a node can not contain an html entity that is not in entity format aka & => & Also, besides 5 entities quot, amp, apos, lt, gt any other element has to be numerically defined. http://en.wikipedia.org/wiki/List_of_XML_and_HTML_character_entity_references
I had to change the &'s to & in the url's in your code to get SimpleXML to not complain about it being invalid xml etc.

Let me know if you have any additional questions.

<script type="text/javascript">
document.write('Clock');
</script>

But, seriously, how about you do some searching, try to put something together and when you have problems you post what you have so far and we provide you with some assistance.

If the server is configured to allow access from the outside world, then just use the ip of the machine to connect to it.

At least in terms of cPanel you need to add external hosts to the permissions for connections outside of localhost.
I *believe* DirectAdmin was/is the same way.

<td width=""><p><?php echo nl2br(wordwrap($message, 75, PHP_EOL, true)); ?></p></td>

The wordwrap function breaks your content down with PHP_EOL which is a constant that is defined to match the proper end of line charachter for your operating system.

Then uses nl2br to convert them to <br>'s including any ones the user entered.

the only thing i caution is against using the last parameter of "true" as this will allow php to cut words in half instead of breaking at the nearest word break

I'm not seeing whats so difficult with the code i posted.
I tend to believe the problem is, you don't want to look at, and apply the concepts to your code, you simply want the exact solution to your problem.

The code I posted not only handles the click events on EVERY checkbox on the page but also provides the mechanisms for capturing the value of the checkbox and the name of the field.

It also handles the AJAX request. The only difference is I used a function designed for returning JSON as an example of the flexibility you gain by working with a javascript library. You could just as simply make an ajax call with $.ajax and return xml or anything else you would like.

If my solution doesn't appease you, then I would suggest having a look here.

in your parameter_check function
$_SESSION[] = $error_list;