PHP - Clean If Statement

Hi,

I am creating a website but am having trouble with the following:

I have an include file(db.inc) which contains the following:

function clean($input, $maxlength)
{
$input = substr($input, 0, $maxlength);
$input = EscapeShellCmd($input);
return ($input);
}

The file I am having the problem with is my view.php file. I get the following error:

Notice: Undefined variable: file in C:\wamp\www\fermpix\view.php on line 4

Line 4 contains the following:

$file = clean($file, 4);

My view.php does have the line:

include 'db.inc';


Does anybody have any idea what the issue might be?

Cheers
Paul

I've been messing around with clean urls in php and I've been having some trouble. I'm working on a private messaging system and when I go to "sitename.com/mail/view.php?page=inbox" it correctly displays the users inbox messages but when I put "sitename.com/mail/view/inbox/" it just displays the page like the GET value isn't set. Why is that?

this is the HTACCESS file for clean url

RewriteEngine on

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_FILENAME}\.php -f

RewriteRule ^view/([a-z]) view.php?page=$1 [NC,L]

 

Hi

Im trying to write a script to clean up my image directory which has quite a lot of unused images that have built up over time.
In order to do this I am doing the following.

First Create a database table called 'image_clean' Then I'm searching through 3 tables and collecting all the image file names and dumping the names in the table 'image_clean'

Can do that no problem. So now I have all the images I need in this one table 'image_clean' I now want to go through my directory 'image_uploads' and delete anything thats not in the 'image_clean' table.

I know how to delete the files using unlink Im just unsure how to search through the directory file by file and check the file against the database. Im asumming I need to put them in an array. Could anyone give be a clue or two to get me started.

I have no problem checking a database against a directory but when its the other way round 'checking a directory against a database I'm lost. What I might do is pop the files to delete in a new database called 'image_delete' so that I can then check the images to delete before I write the unlink script. But I'm just not sure how to pick up each file and compare it to the table.

Thanks in advance.

I'm new to OOP and trying to write tiny classes to get practice.

The next class I want to create will be used to clean HTTP data from when a form gets submitted.

I'm embarrassed to say, but I'm scratching my head trying to figure out what types of things I should do as far as "sterilizing" POST and GET data?!   

Can someone get me started here?

Thanks,


TomTees

if any body copy and paste anything from word to editor some unwanted css also coming with that pasting. when we request the data same css also coming with that. so how to clean data  when we request
$desc =$_request['contents'];


how to solve this issue. please help me.

I created a new homepage for my network of sites I run. I tried to go for a simple and clean look. The pages themselves function how I'd like, but I'm unsure if the menu system is easy to understand or not.   I even added a time limited message on the front page of the site indicating that the logo was clickable, but purposely left it off of other sub-pages to try and keep the design as clean as possible.   Check it out, let me know what you think.   http://ctenetwork.com

I currently use the following function to clean form inputs to prevent MySql injection,

Does this function do enough to prevent MySql injection? is there anything i have missed?

 
<?php

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

?>

I've been using clean URLs and it's been giving my PHP sessions for my user system some trouble. I display the logged in users username on every page via a header.php file that I require on every page. Sometimes when I click a link to navigate to a page with a clean URL, the session information "disappears" and asks the user to login but if I navigate to another page from the clean url that the session "disappeared" on, the logged in users username is displayed at the top of the page like normal. Any idea certain pages cause the session to "disappear"

 

Header.php where the user info is displayed. $_SESSION['username'] is set on the login page

<?
session_start();

if (isset($_SESSION['username'])) {

	echo "Welcome back, " . $_SESSION['username'];
}
?>

 

Edited June 13, 2020 by Nematode128

I am currently using my own error handler so i can log all mysql errors into a mysql table:
mysql_query('select data from table')or trigger_error(mysql_error(),256);

If there's an error i need to know the line number where the mysql_query function was called.

Is it possible to instead use this code:
mysql_query('select data from table');

but somehow transparently log a mysql error and the line number if there is an error in the query?

thanks

i have my form with 5 fields that are not required to be filled out.
Code: [Select]
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />
<input class="inputbg" type="text" name="MAC[]"  />

On my process page I want to remove all of the empty index's that did not have data entered. I am new to sending array data via POST do I need to do anything else other then what is below?

Code: [Select]
           

    foreach($MAC as $key => $value) {
                  if($value == "") {
                     unset($MAC[$key]);
                   }
            }

            $mac_addresses = array_values($MAC);

  if(empty($mac_addresses)){
      $error = "You did not enter any MAC adresses.";
     $valid = "false";
    }

Hello everybody,   I am honestly quite a newb when it comes to mod_rewrite.   We run a small social media page with different areas and I would like to change the URLs to something more clean and professional.   User profiles look like this:

http://www.sky-mp3.com/index.php?action=cm&siteid=59&wahl=artists&tat=details&keyid=477

siteid 59 is the artists list and the keyid at the end is the ID of the artist but should be like:

http://www.sky-mp3.com/mischura 

or in worse case like:

http://www.sky-mp3.com/user/mischura 

CMS pages look like this:

http://www.sky-mp3.com/index.php?siteid=106

but should be like:

http://www.sky-mp3.com/charts

(page name instead of siteid)   What I know so far: - I have to add something to the .htaccess file - I need to change something in the code (but I don`t know where)   Im good he?   What would be the first step on the path to clean URLs for me? I found alot of infos here and there but found nothing yet for this specific case.   Kind regards from and thx in advance from Cologne            

I'm having issues with the following:

Code: [Select]
<?php
session_start();
$_SESSION['username']=$_POST['username'];
$_SESSION['password']=$_POST['password'];
if($_SESSION['username']=="username" && $_SESSION['password']=="password"){
if($_GET['product']=="add"){
$content.='
<p><label>Product Name:</label> <input type="text" name="product_name" size="30" />
<label>Product Price:</label> <input type="text" name="product_price" size="5" />
</p>
<p><label>Product Category:</label> <input type="text" name="product_category" size="30" /></p>
<p><label>Product Link:</label> <input type="text" name="product_link" size="30" /></p>
<p><label>Product Image:</label> <input type="text" name="product_image" size="30" /></p>
<p><label>Product Tag:</label> <input type="text" name="product_tag" size="30" /></p>
<p><label>Product Keywords:</label> <input type="text" name="keyword" size="30" /></p>
<p><label>Product Features:</label><br />
<textarea name="product_features" rows="10" cols="60"></textarea>
</p>
<p><label>Product Pros:</label><br />
<textarea name="product_pros" rows="5" cols="30"></textarea>
</p>
<p><label>Product Cons:</label><br />
<textarea name="product_cons" rows="5" cols="30"></textarea>
</p>
<p><label>Product Description:</label><br />
<textarea name="product_description" rows="10" cols="60"></textarea>
</p>
<p><label>Product Notes:</label><br />
<textarea name="product_notes" rows="5" cols="30"></textarea>
</p>
';
$logout='<div><a href="./acp_admincp.php?log-out">Log-Out</a></div>';
}
elseif($_GET['product']=="view"){
}
else{
$content.='
<a href="./admincp.php?product=add">Add New Product</a>
<br />
<a href="./admincp.php?product=view">View Products</a>
';
}
}
elseif(isset($_GET['log-out'])){
session_start();
session_unset();
session_destroy();
header("Location: ./admincp.php");
}
else{
$content='
<form action="./admincp.php" method="post">
<p><label>Username:</label> <input type="text" name="username" size="30" />';
$content.='</p>
<p><label>Password:</label> <input type="password" name="password" /></p>';
$content.='<p><input type="submit" value="Submit" name="Submit" /></p>
</form>';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<base href="http://ghosthuntersportal.com/" />
<title>Ghost Hunter's Portal - Admin Control Panel</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="verify-v1" content="" />
<meta name="keywords" content="ghost, hunters, hunter, ghosts, spirit, spirits, paranormal, investigation, investigator, investigators, k2, emf, meter, kii" />
<meta name="description" content="Ghost Hunters Potal. Parnormal research equipment store." />
<meta name="author" content="Andrew McCarrick" />
<meta name="robots" content="index, follow"
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<img src="./logo.png" alt="Ghost Hunter's Portal Admin Control Panel" />
<br />
<div style="color: #AA44AA; font-size: 26px; margin-top: -30px; margin-left: 125px;">Admin Control Panel</div>
<?php
echo $logout;
echo $content;
?>
</body>
</html>

I can log-in, and get to the page with the two links on it. However, once I click one of the links it falls back to the log-in page, and it ends up being a never ending loop.

It's doing this:
Log-In --> Page with links ---> Log-In page again

Should be doing this:
Log-In --> Page with links --> Add Product page or View Products page

I can never get into the the actual sub page.

Just to be clear, the address bar actually shows product=add or product=view, but it still shows the log-in page.

Hello Everyone,
I have to change the if statements to a switch statement, in this game. Can anyone help? Thanks.

var checkKeyPressed = function (e) {
// Press key A or key D to make dog run to the left or right
// The running speed is specified by the step variable, 10 by default.
// If you replace 10 with a larger integer, the dog will run faster.

    //press A, dog runs left
    if (e.keyCode == "65") {
        if (prex[0] > 5) {
            prex[0] = prex[0] - step;
        }
    }
    //press D, dog runs right
    if (e.keyCode == "68") {
        if (prex[0] < right) {
            prex[0] = prex[0] + step;
        }
    }
};

I'm having a problem whit the pdo - sql statement:
It dosen't return anything
but when i try $sql = " SELECT en FROM word WHERE MATCH (sp) AGAINST (:word IN BOOLEAN MODE ) "; without the pdo it's working perfectly
Code: [Select]

$sql = " SELECT en FROM word WHERE MATCH (:sp) AGAINST (:word IN BOOLEAN MODE ) ";
$st = $con->prepare($sql);
$st->bindValue(":word",$word,PDO::PARAM_STR);

  $st->bindValue(':sp','sp',PDO::PARAM_STR);


   
$st->execute();