Jump to content
xisto Community

Spectre

Members
  • Content Count

    1,034
  • Joined

  • Last visited

Everything posted by Spectre

  1. That is the most retarded waste of time and energy I have ever seen. To think that someone sacrificed a small part of their life, and killed a large number of their brain cells to put that together.It's quite tragic.
  2. The first two options that spring to mind would be assigning the value to a string variable type, or using the number_format() function (which returns the value as a string, and also groups the digits in blocks of three seperated by a comma, by default). For example: // If printed, would display '1.e+14'$number = 100000000000000;// If printed, would display the value as a string, exactly as you see it// (the quotes indicate a string value)$number = '100000000000000';// If printed, would display the number with digit grouping$number = number_format(1.e+14); Hope that explains things for you.
  3. Spectre

    Include Help

    I would recommend going with round's suggestion. A folder may contain other files that you do not wish to include, such as, for example, .htaccess. Having a configuration file which explicitly specifies which files to include might take a little longer to put together, but would be a much better idea overall.
  4. Please don't bump posts. Someone will get around to answering them when they have the time.The error you are receiving is a result of a previous MySQL query not completing successfully or not returning a result. I'll assume this is on the line '$result=mysql_query($query);', meaning that the query contained within the $query variable is not valid or is not returning anythng. Try adding some more error detection/prevention.
  5. One possible way would be to attempt to establish a connection to the host on common proxy ports, such as 8080, 3128, 80, etc. The only problem is that it would also stop people who either had a web server running on their machine on one of the ports (usually 80), and those who have to connect via an ISP-supplied proxy (there are such circumstances).
  6. I'm assuming you want it to be \n. So change it to echo "<br>\n";. A string is indicated by a value between two quotation markes - single or double (you can use either, as long as it is consistent in assigning the value - you can't start it with a single quote, and end it with a double). A backslash indicates a literal character - so in this case, it would add the double quote to the string, and cause everything from there until the next standalone double quote to become apart of the string.I'm a little tired to be explaining things, but you should get the idea.
  7. On line 56, you have: echo "<br>n\";This will cause the final quotation mark to become part of the string, rather than signal the end of it, so it is still assuming that everything thereafter is to be included in the string being sent to 'echo'.
  8. You aren't finalizing the if() statement. Place a closing brace } after 'return;' on line 9. That is the most likely cause of the errors that I can see. Does it say 'unexpected $', or 'unexpected $end'? The later means an if(), while(), etc statement or a function hasn't been closed correctly, and the PHP engine isn't expecting to reach the end of the script.
  9. Well, I screwed that one up good and proper. Please ignore all of my posts within this thread, and could a moderator please delete the above? Thanks.
  10. There is an SQL query executed: $sql = "SELECT title, sub_title, details, price FROM sport_specials WHERE sub_title = '$cso' ";$result = mysql_query($sql);Seeing as they aren't getting any connection errors (at least, they haven't mentioned it) I think it's safe to assume that they are connecting to the database prior to this. It doesn't appear to be the entire script. kvarnerexpress, exactly where does the error occur, and what is it that happens? You are obviously free to do as you will, but I would rewrite the given code to something along the lines of: // Drop down menu$query ='SELECT sub_title FROM sport_specials'; //run query$result = mysql_query($query);if ($result) { $data = mysql_fetch_array($result); echo '<select name="cso" class="textarea" id="cso">'; while ($special = mysql_fetch_array($result, MYSQL_NUM)) { echo "<option value=\"".$special[0]."\">$special[0]</option>\n"; //Display available sports drop down menu }} I don't think you're structuring the mysql_result() function properly either. So: // SQL 'statement'if( isset($_POST['submit']) && $_POST['submit'] == 'Get Details' ) { echo 'start'; // I'm going to assume that $cso already has a value. $sql = "SELECT title, sub_title, details, price FROM sport_specials WHERE sub_title = '$cso' "; $result = mysql_query($sql); if( mysql_num_rows($result) > 0 ) { echo 'hello'; $db = mysql_fetch_assoc($result); $title = htmlentities($db['title']); $sub_title = htmlentities($db['sub_title']); $details = htmlentities($db['details']); $price = htmlentities($db['price']); } else { echo 'error'; $error[sizeof($error)] = "There is no description in this offer for selected special"; }} Formatting and coding style obviously doesn't matter, and I don't know if this will fix your error or not - a little more detail of the problem wouldn't go astray.
  11. Heh, thanks a lot, people. I know this topic is kind of old now, but I never had a chance to thank you for it. So... thanks.I actually stumbled accross Xisto quite by accident the other day, and decided that seeing as I had a bit of free time, I might as well post a bit and check up on how things are going. The 'new' management seems to be running things well.
  12. Ok, thanks. It seems that SQL injection via GET is taken care of, so it isn't as potentially dangerous as I at first thought it might be.I've notified Opaque of it all the same. Hopefully it will be cleared up soon.
  13. That's just your opinion, thomas4. Not everyone sees things the same way you do. Modifying someones reputation simply because they disagree with you is childish and stupid.Are you saying that Sony sucks because they are trying to make money? Wow, what a concept - a company trying to earn profits.
  14. Heh, I didn't notice the MD5 hashing. My apologies. It goes through some stripping, but certainly not enough to be considered secure. A 'salt' is bascially just a random generation used in conjunction with the cipher key, essentially causing the end result to be harder to break. If you are using the md5() function alone, then you shouldn't need to worry about it. I not 100% sure what you're asking in regard to comparing hashed values. If you encrypt the password entered in registration and then store that encrypted value in the database, then yes, you need to encrypt it again when entered during login for comparison. The password entered by the user will obviously not be in an encrypted form, so you can't compare a raw value against an encrypted value and come out positive. I think that's what you're asking about. Because there are no visible errors in the script shown here, I am going to assume that the problem lies either in the registration script, or your database structure. Try looking into both of these.
  15. That it is to say, it's better to use single quotes if you can. There are obviously many situations in which the alternative is required. (We need an edit button.)
  16. It does matter. Unless you can hash strings in MD5 in your head, I'm assuming you are entering your password in plain-text - so basically, the plain-text password is going to be compared to the hashed password, meaning they won't match. Try using: $pass = md5($pass);(assuming you haven't used a custom salt) after '$pass=addslashes($pass);'. Also, just a tip - where possible, use a single quote instead of a double quote, as it is quicker and less memory intensive. Strings within double quotes are checked for variables, escape characters, special formatting etc, so it takes longer to process. You could also use urldecode() instead of checking for '%20'. For example: $user = urldecode($user);$pass = urldecode($pass);$user=str_replace(' ','',$user);$pass=str_replace(' ','',$pass); Oh, and you want to be careful when passing user-entered values directly to a MySQL query. It can create all sorts of problems of the security kind.
  17. Try and avoid making short, pointless posts; they won't count towards you earning free hosting. Remember that applications are manually reviewed, and all of the requestee's posts are looked over. If the majority of them in no way contribute anything (ie. they are spam), your application will probably be denied.
  18. Hmm, this could turn into something serious. Which user is it, and where abouts are you trying to view their reputation from?
  19. I just started skating last week, and I'm still trying to master the kickflip, which I still can't do consistantly. It's damn hard to get it the first time. I guess technique will come with practise.Most of the people I know have lived on their boards since they were around twelve or thirteen, so I'm quite a few years behind. I just never really got into it.
  20. I most certainly agree with having the Edit button reinstated. And s243a's suggestion is certainly workable - simply recalculate the point value for the post upon editing, and adjust the users points accordingly.Opaque, if you want help with this, get in touch with me. I haven't spoken to you in a while.
  21. Argh, what am I thinking? That would select the character, not the first 5 characters. It's 3:00am, so you'll have to excuse my incoherence.
  22. You can also use $variable[length], eg. $variable[4]. Remember that the starting position is 0, not 1, so this would extract the first 5 characters.
  23. I'm not a huge advocate of CMS', but there are already an expansive number of them freely available that have been extensively tested and refined. Seeing as you aren't willing to pay for the work, I would suggest you look at using one of the available alternatives.
  24. The statement is doing exactly what it should do. It's funny how people will blame anything/anyone other than themselves.HmmZ, in PHP, a period is used to join two variables or add data to an existing variable. Because you have enclosed the condition in quotes, it would become exactly what you see (with the variables replaced by their respective values).
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.