Search Results

Search found 72 results on 3 pages for 'ggfan'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/3 | < Previous Page | 1 2 3 

  • How do I make non-framework code to framework code? (PHP)

    - by ggfan
    I just started using CakePHP and it's very different from just normal procedural or basic OOP PHP. I am still learning PHP and still read "beginning PHP/mysql" books that teaches you basic PHP. Also lots of sites online provide code that isn't for a framework. Is the only way to make non-framework code to say a framework, say cakePHP, by learning cakePHP thoroughly than rewriting the code yourself to fit the MVC model?

    Read the article

  • How do people deal with mental plateaus in programming?

    - by ggfan
    Please excuse if this isn't the right type of question to ask here on SO. For the past few days, I just can't seem to get any quality programming done. I feel in the slumps when doing work and just can't concentrate. I also do happen to be learning a new skill(PHP framework) and I think that is the main reason why I feel I can't do anything. Are there anything you all do to "recharge" the brain and get back on track? Possible activites: 1. get away from the PC for a few days

    Read the article

  • How do I get the icons of TinyMCE to show?

    - by ggfan
    I installed TinyMCE and I have the textbox and the functions work(such as , ) but I don't see the tool box that has displays all the functions. Like in this example. How do I get the images to show? All I have is the textbox. I used the code from the example link and theirs has the images and all I have is the textbox. What part do I edit to be able to see the icons? //my source link <script type="text/javascript" src="/tinymce/jscripts/tiny_mce/tiny_mce.js"> tinyMCE.init({ // Example content CSS (should be your site CSS) content_css : "style12.css", // Drop lists for link/image/media/template dialogs template_external_list_url : "/tinymce/examples/lists/template_list.js", external_link_list_url : "/tinymce/examples/lists/link_list.js", external_image_list_url : "/tinymce/examples/lists/image_list.js", media_external_list_url : "/tinymce/examples/lists/media_list.js",

    Read the article

  • Will these security functions be enough? (PHP)

    - by ggfan
    I am trying to secure my site so I don't have sql injections and xss scripting. Here's my code. //here's the from, for brevity, i just show a field for users to put firstname <form> <label for="first_name" class="styled">First Name:</label> <input type="text" id="first_name" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /><br /> //submit button etc </form> if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //then insert into the database. ....... } mysqli_real_espace_string: I know that this func escapes certain letters like \n \r, so when the data gets inputted into the dbc, it would have '\' next to all the escaped letters? --Will this script be enough to prevent most sql injections? just escaping and checking if the data is a string. For integers values(like users putting in prices), i just: is_numeric(). --How should I use htmlspecialchars? Should I use it only when echoing and displaying user data? Or should I also use this too when inputting data to a dbc? --When should I use strip_tags() or htmlspecialchars? SOO with all these function... if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //gets rid of any <,>,& htmlspecialchars($first_name); //strips any tags with the first name strip_tags($first_name) //then insert into the database. ....... } Which funcs should I use for sql injections and which ones should I use for xss?

    Read the article

  • How do I get this php statement that gets all the values from database and outputs as checkboxes to

    - by ggfan
    I am a bit lost in all these "" and '' and . in this statement. Basically this query is to get all the tagname from table "tag" and display them for the users as checkboxes. If they have clicked 'submit' and they missed another field(say the title of a post), it would still have the tag they chose displayed. The part I need help with is the echoing part. It doesn't seem to remember the tag when they click submit. $query4 = "SELECT * FROM tags ORDER BY tagname"; $data4 = mysqli_query($dbc, $query4); while ($row4 = mysqli_fetch_array($data4)) { echo "<li><input type='checkbox' name='postingtag[]'"; if (!empty($postingtag)){ echo "value='$postingtag'"; } else{ echo "value='{$row4['tagID']}'"; } echo ">{$row4['tagname']}</li>"; }

    Read the article

  • What's wrong with my If-statement to check uploaded file? (PHP)

    - by ggfan
    I am trying to test if the uploaded file is the image type I want. If it isn't a gif,jpeg, png, it should echo "Problem". But when I execute this code, it always says there's a problem. What's wrong with my if statement? $uploadfile_type=$_FILES['userfile']['type']; if ( ($uploadfile_type !='image/gif') || ($uploadfile_type !='image/jpeg') || ($uploadfile_type !='image/png')) { echo 'Problem: file is not a gif or jpeg or png!'; exit; } This code works when I am only checking one type of image. Ex: if($uploadfile_type !='image/gif') -- this statement would work but when I add a OR it doesn't.

    Read the article

  • How can I make my password fields always empty?

    - by ggfan
    I have a form field where users can change their passwords, but if they set their settings to remember passwords, their password shows up. Is there a way to make the field always empty? So that they always have to type their password. <label for="oldpassword" class="styled">Old password:</label> <input type="password" id="oldpassword" name="oldpassword"/><br />

    Read the article

  • Is putting $_GET in headers safe? (PHP)

    - by ggfan
    In my profile.php script, I have a flag function that allows users to flag that user. If they flag a user, it sends data (user_id, reason, etc) to a file called flag.php which does all the banning and stuff. The data is sent to flag.php through header("Location: flag.php?user_id=___&reason=___") Then in flag.php, after it does all the banning, it redirects the user back to the profile through another header. The user never sees the flag.php. Is my flag.php safe? because they never see the script?

    Read the article

  • How can I secure my $_GETs in PHP?

    - by ggfan
    My profile.php displays all the user's postings,comments,pictures. If the user wants to delete, it sends the posting's id to the remove.php so it's like remove.php?action=removeposting&posting_id=2. If they want to remove a picture, it's remove.php?action=removepicture&picture_id=1. Using the get data, I do a query to the database to display the info they want to delete and if they want to delete it, they click "yes". So the data is deleted via $POST NOT $GET to prevent cross-site request forgery. My question is how do I make sure the GETs are not some javascript code, sql injection that will mess me up. here is my remove.php //how do I make $action safe? //should I use mysqli_real_escape_string? //use strip_tags()? $action=trim($_GET['action']); if (($action != 'removeposting') && ($action != 'removefriend') && ($action != 'removecomment')) { echo "please don't change the action. go back and refresh"; header("Location: index.php"); exit(); } if ($action == 'removeposting') { //get the info and display it in a form. if user clicks "yes", deletes } if ($action =='removepicture') { //remove pic } I know I can't be 100% safe, but what are some common defenses I can use. EDIT Do this to prevent xss $action=trim($_GET['action']); htmlspecialchars(strip_tags($action)); Then when I am 'recalling' the data back via POST, I would use $posting_id = mysqli_real_escape_string($dbc, trim($_POST['posting_id']));

    Read the article

  • Problem with echoing my array data in PHP

    - by ggfan
    I want to create an array of numbers: 10, 9,8...to 1. But when I echo $numbers, I get "Array" as the output as to the numbers. There is probably a simple thing I missed, can you please tell me. thanks! $numbers=array(); for ($i=10; $i>0; $i--){ array_push($numbers, $i); } echo $numbers;

    Read the article

  • Why does this sql statement keep saying it is a boolean and not a parameter? (php/Mysql)

    - by ggfan
    In this statement, I am trying to see if there if the latest posting in the database that has the exact same title, price, city, state, detail. If there is, then it would say to the user that the exact post has been already made; if not then insert the posting into the dbc. (This is one type of check so that users can't accidentally post twice. This may not be the best check, but this statement error is annoying me, so I want it to work :)) Why won't this sql work? I think it's not letting the title=$title and not getting the value in the $title... ERROR: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in postad.php on line 365 //there is a form that users fill out that has title, price, city, etc <form> blah blah </form> //if users click submit, then does all the checks and if all okay, insert to dbc if (isset($_POST['submit'])) { // Grab the pposting data from the POST and gets rid of any funny stuff $title = mysqli_real_escape_string($dbc, trim($_POST['title'])); $price = mysqli_real_escape_string($dbc, trim($_POST['price'])); $city = mysqli_real_escape_string($dbc, trim($_POST['city'])); $state = mysqli_real_escape_string($dbc, trim($_POST['state'])); $detail = mysqli_real_escape_string($dbc, trim($_POST['detail'])); if (!is_numeric($price) && !empty($price)) { echo "<p class='error'>The price can only be numbers. No special characters, etc</p>"; } //Error problem...won't let me set title=$title, detail=$detail, etc. //this statement after all the checks so that none of the variables are empty $query="Select * FROM posting WHERE user_id={$_SESSION['user_id']} AND title=$title AND price=$price AND city=$city AND state=$state AND detail=$detail"; $data = mysqli_query($dbc, $query); if(mysqli_num_rows($data)==1) { echo "You already posted this ad. Most likely caused by refreshing too many times."; } }

    Read the article

  • How do I select the most recent entry in mysql?

    - by ggfan
    i want to select the most recent entry from a table and see if that entry is exactly the same as the one the user is trying to enter. How do I do a query to "select * from the most recent entry of 'posting'"? $query="Select * FROM //confused here (SELECT * FROM posting ORDER BY date_added DESC) WHERE user_id='{$_SESSION['user_id']}' AND title='$title' AND price='$price' AND city='$city' AND state='$state' AND detail='$detail' "; $data = mysqli_query($dbc, $query); $row = mysqli_fetch_array($data); if(mysqli_num_rows($data)>0) { echo "You already posted this ad. Most likely caused by refreshing too many times."; echo "<br>"; $linkposting_id=$row['posting_id']; echo "See the <a href='ad.php?posting_id=$linkposting_id'>Ad</a>"; } else { ...insert into the dbc }

    Read the article

  • How do I create a timed ban on an account? (PHP/mysql)

    - by ggfan
    I want to create a function that allows me to ban an account for 10days. In the dbc, I have a field called "ban" and Boolean of 1=notban, 0=ban. I also have a field called "date_banned" which is just the timestamp of when the user got banned. My question is how do I create a time frame of 10days from the date the user was banned? ex: James was banned on "2010-05-03 20:43:48". So how can I go about adding 10days to the timestamp? And after 10days, it would set the "ban" equal to 1(which is not banned).

    Read the article

  • Are all CAPTCHA the same?

    - by ggfan
    I just downloaded and put an captcha test to my website. It's a free version and it does seem to do the job right. Is there any major difference between a free one and a professional one? Is there a recommended one I should use? That's free :)

    Read the article

  • Why doesn't this require_once statement find the file? (PHP)

    - by ggfan
    I not sure what's going on..maybe I missed something simple. In my connectvars.php file, I connect to the database using the variables in my config.php folder. Here's the hierarchy: admin(folder) config.php includes(folder) connectvars.php I want to get information from config.php to use in connectvars.php, so I use: require_once("../admin/config.php"); But everytime I do this I get Warning: require_once(../admin/config.php) [function.require-once]: failed to open stream: No such file or directory in /home/a8879415/public_html/includes/connectvars.php on line 2 BUT when I type: require_once("admin/config.php");, it works. I thought I had to go up a level, then go down to admin, then get config.php. So how come I just need to go into the admin folder then get config.php?

    Read the article

  • What's the safest way to remove data from mysql? (PHP/Mysql)

    - by ggfan
    I want to allow users as well as me(the admin) to delete data in mysql. I used to have remove.php that would get $_GETs from whatever that needed to be deleted such as... remove.php?action=post&posting_id=2. But I learned that anyone can simply abuse it and delete all my data. So what's the safest way for users and me to delete information without getting all crazy and hard? I am only a beginner :) I'm not sure if I can use POSTs because there is no forms and the data isn't changing. Is sessions good? Or would there be too many with postings, user information, comments, etc. Ex: James wants to delete one of his postings(it is posting_id=5). So he clicks the remove link and that takes him to remove.php?action=post&posting_id=5.

    Read the article

  • Is there a way to combine these 3 tables? (mysql)

    - by ggfan
    I'm creating a "flagged" func that flags users, postings, and comments. I am currently using three tables: "flagged_users" "flagged_postings" and "flagged_comments". And in each table, there's: flagged_id, user_id/posting_id/comment_id, reason. Is there a way to combine into just one table? or is 3 tables the best?

    Read the article

  • How to get my checking MIME type script to work? (PHP)

    - by ggfan
    For this script, it checks to see if the file is a microsoft words doc or ppt. I am not sure why this isn't running because it works for image MIME and text/plain. I am using PHP 5.3.1 so it should have all the MIME types installed already right? I am uploading words and powerpoint 2007. //Does the file have the right MIME type? if ($_FILES['userfile']['type'] !='application/msword') { echo 'Problem: file is not words doc.'; exit; }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3