|
PHP - Stop That Back Slash..!
Hello friends,
I've php script that create files for example you enter file name (ex : test.php) file content (ex: any text ) it will create test.php file with the same content you entered. but the problem it add back slah \ before " or ' how can i stop it and make it not add back slash before " and ' here is the code <?php function saveFile($filename,$filecontent){ if (strlen($filename)>0){ $file = @fopen($filename,"w"); if ($file != false){ fwrite($file,$filecontent); fclose($file); return 1; } return -2; } return -1; } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="domain" id="domain"> File name: <input name="filename" type="text" value="<?php echo $domainbase; ?>" /> File content: <textarea name="filecontent" rows="15" cols="46"></textarea> <input type="submit" name="submitBtn" value="Save file" /> </form> <?php if (isset($_POST['submitBtn'])){ $filename = (isset($_POST['filename'])) ? $_POST['filename'] : '' ; $filecontent = (isset($_POST['filecontent'])) ? $_POST['filecontent'] : '' ; if (saveFile($filename,$filecontent) == 1){ echo "File was saved"; } else if (saveFile($filename,$filecontent) == -2){ echo "An error occured during saving file"; } else if (saveFile($filename,$filecontent) == -1){ echo "Wrong file name"; } } ?> thank you alot it will really helps me alot Similar TutorialsPlease, take a look to the following code.After clicking Next it goes to overview.php.Why when I click back on my browser to return to this page again, it is not returning back? When I click back I receive "Confirm Form Resubmission" message. After refreshing page it loads page. I guess problem is in "session_start();" part. Something to do with cookies. Please, help me it is very urgent for me. <?php session_start(); echo "<html> <head> <title>Hello World</title> <meta http-equiv='Content-Type' content='text/html; charset=Windows-1252'/> </head>"; require_once ('functions.inc'); if(!isset($_POST['userid'])) { echo "<script type='text/javascript'>"; echo "window.location = 'index.php'"; echo "</script>"; exit; }else{ session_register("userid", "userpassword"); $username = auth_user($_POST['userid'], $_POST['userpassword']); if(!$username) { $PHP_SELF = $_SERVER['PHP_SELF']; session_unregister("userid"); session_unregister("userpassword"); echo "Authentication failed " . "Please, write correct username or password. " . "try again "; echo "<A HREF=\"index.php\">Login</A><BR>"; exit; } } function auth_user($userid, $userpassword){ global $default_dbname, $user_tablename; $user_tablename = 'user'; $link_id = db_connect($default_dbname); mysql_select_db("d12826", $link_id); $query = "SELECT username FROM $user_tablename WHERE username = '$userid' AND password = '$userpassword'"; $result = mysql_query($query) or die(mysql_error()); if(!mysql_num_rows($result)){ return 0; }else{ $query_data = mysql_fetch_row($result); return $query_data[0]; } } echo "hello"; echo "<form method='POST' name='myform' action='overview.php'>"; echo "<input type='submit' value='Next'>"; echo "</form>"; ?> Hi There, I am trying to this trick with PHP that get the last Value of the URL that the user enters in the Address bar in the browser (Not that that this is not a form) and use that value. for example I have a index page that starts with the code to do trick, then your comes to my website www.abcded.com/username So what I need to do is take the value which in this case is "Username" so I can use it, and as you know in normal case it will look for the folder called username under my root folder. Thanks, Hi, as a newbee i'm trying to figure this code out:
$search = get_the_title();
$lines = file('links.txt');
// Store true when the text is found
$found = false;
foreach($lines as $line)
{
if(strpos($line, $search) !== false)
{
$found = true;
echo $line,"<br/>";
}
}
// If the text was not found, show a message
if(!$found)
{
echo 'not found';
links.txt file contains links like: <a href="https://blabla.com/blablabla/blablablabla/The word or file to search" target="_blank" rel="noopener noreferrer">The word or file to search</a> I just want to search the this part: ( ">The word or file to search</a> ) of the url then return it as an clickable url and also limit search results to 3. Could somebody help me which code and where to put in php code above? Thanks in advance. I got these 2 rewrites:
RewriteRule ^user/([0-9]+)/(.*)/(.*)/ ./board/user.php?ID=$1&FIRSTNAME=$2&LASTNAME=$3 [L,NC] RewriteRule ^user/([0-9]+)/(.*)/(.*) ./board/user.php?ID=$1&FIRSTNAME=$2&LASTNAME=$3 [L,NC]And i want to combine them but when i do this: RewriteRule ^user/([0-9]+)/(.*)/(.*)(/|$) ./board/user.php?ID=$1&FIRSTNAME=$2&LASTNAME=$3 [L,NC]It doesnt work.. when i type this in the url https://www.mysite/board/users.php?ID=1&FIRSTNAME=Richard&LASTNAME=Grant/ the variables are retrieved like this: (has trailing slash) ID="1" FIRSTNAME="Richard/Grant" LASTNAME="" when i type this in the url https://www.mysite/board/users.php?ID=1&FIRSTNAME=Richard&LASTNAME=Grant the variables are retrieved like this: (doesn't have trailing slash) ID="1" FIRSTNAME="Richard" LASTNAME="Grant" This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=313168.0 Can someone tell me what's wrong with this? I'm trying to remove any folders listed in the url but maintaining the rest of the structure.... Example: http://example.com/test/test.php changes to http://example.com/test.php My current config is removing the folder but leaving a double slash - i.e. http://example.com//test.php Any help is greatly appreciated! Code: [Select] <?php function modify_url($mod) { $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; $query = explode("/", $_SERVER['QUERY_STRING']); // modify/delete data foreach($query as $q) { list($key, $value) = explode("/", $q); if(array_key_exists($key, $mod)) { if($mod[$key]) { } else { $url = preg_replace('/&?'.$key.'wp'.$value.'/', '', $url); } } } // add new data return $url; } $url = modify_url(array('' => '')); ?> <?php echo $url ?> This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=359558.0 This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=325383.0 I want to remove the file extension - I have done that.
I want to remove the trailing slash. - I have done that
But I cannot for the life of me get the the regular page to display instead of the folder which show a tree of files within it.
site.com/website-tips.php site.com/website-tips/increase speed.php The extension drops off and the trailing slash too but when I navgate back through the vreadcrumb to website-tips (without php in html code) it gives me the folder and shows the file tree (files within website tips folder) How would I solve this? right now if I access the website-tips.php file, it shows the directory and its interior pages Pls hlp out. I am trying to create a page for customers to enter their details. I am using a html form.
When the submit button is pressed the form posts the inputs to the same page, which then checks if the inputs are empty. If they are not then each post variable is allocated a session variable so this info can be accessed late on in the system.
If some of the inputs are empty then the value of the input forms become equal to the session variables that they were just allocated to so that the customer doesn’t have to retype their information.
This is where the problem occurs. When I load the page each input box has a slash inside it and when the submit button is pressed a mother slash is added.
My code is below:
<?php
session_start();
if(isset($_POST['NextPage'])){
if (!empty($_POST['CName'])){
$_SESSION["CName"] = $_POST['CName'];
if (!empty($_POST['CStreet'])){
$_SESSION["CStreet"] = $_POST['CStreet'];
if (!empty($_POST['CTown'])){
$_SESSION["CTown"] = $_POST['CTown'];
if ($_POST['Counties'] != "-"){
$_SESSION["CCounty"] = $_POST['Counties'];
if (!empty($_POST['CPostcode'])){
$_SESSION["CPostcode"] = $_POST['CPostcode'];
if (!empty($_POST['CEmail'])){
$_SESSION["CEmail"] = $_POST['CEmail'];
if (!empty($_POST['CNumb'])){
$_SESSION["CNumb"] = $_POST['CNumb'];
$NotEmpty = true;
}else{
$ErrorMsg = "Number is empty. </br>";
}
}else{
$ErrorMsg = "Email is empty. </br>";
}
}else{
$ErrorMsg = "Postcode is empty. </br>";
}
}else{
$ErrorMsg = "County is empty. </br>";
}
}else{
$ErrorMsg = "Town is empty. </br>";
}
}else{
$ErrorMsg = "Street is empty. </br>";
}
}else{
$ErrorMsg = "Name is empty. </br>";
}
}
$content = ' <h3 id="CTitle"> Customer Details </h3>
<p><i>'.$ErrorMsg.'</i></p>
<form action=" " method="POST" name="CDetails" id="CDetails">
Name: * <input type="text" name="CName" size="30" value='.$_SESSION["CName"].'/></br>
First line of your address: * <input type="text" name="CStreet" size="40" value='.$_SESSION["CStreet”];.’/></br>
Town: * <input type="text" name="CTown" size="25" value='.$_SESSION["CTown"].'/></br>
Postcode: * <input type="text" name="CPostcode" size="11" value=‘.$_SESSION["CPostcode"].'/></br>
Email address: * <input type="text" name="CEmail" size ="35" value='.$_SESSION["CEmail”];.’/></br>
Phone Number: * <input type="text" name="CNumb" value='.$_SESSION["CNumb"].'/></br>
<input type="submit" name="NextPage" value="Next" id="Next”/>
</form>
?>
when I send a post variable to another page for processing using cURL and then I echo the variable I am getting extra slashes and periods this is where I set the fields to send. Code: [Select] curl_setopt($ch, CURLOPT_POSTFIELDS,"name='. $name .'&email='. $email .'&serial='. $serialnumber .'"); this is what happens when I echo $serial on the processing page. Code: [Select] \'. SLNM7IV6ZM98YJRXO8D5 .\' it should look like Code: [Select] SLNM7IV6ZM98YJRXO8D5 I have a system setup to pull a while() query out of a file. As follows: // In another file that is included into the one I'm running. $support_1_start = './includes/modules/while/support.1.open.php'; $support_1_stop = './includes/modules/while/support.1.close.php'; // The actual file. include($support_1_start); // This starts the mysql while() query. ?> // Data should be displayed here... <?php include($support_2_stop); // This ends the mysql while() query. The only problem is that I'm getting the following error: Code: [Select] Parse error: syntax error, unexpected $end in /home/nuke/public_html/includes/modules/while/support.1.open.php on line 16 I assume its because I included the while() function, but didn't close it in that file, but instead another file. Maybe you know how to fix this? If you want my complete source code in order of what is ran: http://www.nuclear.apnx.us/source.txt I made a file for updating data. I do get the id back from the view page, but not the variable. What do I do wrong? I'm puzzling a few days, but just don't see it. This my code: Code: [Select] <?php // init $msg = ''; $errorMsg = ''; $rep_id = array(); $componist = ''; $repertoire = ''; $titel = ''; $formOK= false; // + + + + + + + + GET + + + + + + + + if(isset($_GET['id'])) { $rep_id = inputControl($_GET['id']); } if(isset($_GET['componist'])) { $componist = inputControl($_GET['componist']); } //print "session: $login_id, $login_recht"; // TEST van de sessie // + + + + + + + + + + + + + + + + POST + + + + + + + + + + if (isset($_POST['UpdateRepSubmit'])) { if (isset($_POST['componist'])) { $componist = inputControl($_POST['componist']); } if (isset($_POST['titel'])) { $titel = inputControl($_POST['titel']); } } //print'<pre>'; print_r($repertoire); print '</pre>'; //TEST2 // + + + + + + + + + + + + + + + + + + + queries $select_query= "SELECT * FROM repertoire_eng ORDER BY componist ASC "; print $select_query; // TEST 3 // # # # # # # # # # # # database connectie # # # # # # # # # # $dblink = mysqli_connect($host,$user,$pass,$db) or die ('Mysql-connectie heeft gefaald.'); if (!$dblink) { // + + + + + + fout bij met maken van databaseverbinding $errorMsg = "Geen verbinding met de MySQL-server"; } else { $result = mysqli_query($dblink, $select_query); if($result) { $i = 0; while ($row = mysqli_fetch_array($result)) { // uitlezen resultaat $repertoire_ids[$i] = $row['id']; $componisten[$i] = $row['componist']; $titels[$i] = $row['titel']; $i++; } } else { // + + + + + fout bij het uitvoeren van de query $errorMsg = "De query kon niet worden uitgevoerd."; } // # # # # # # # # # # einde database connectie # # # # # # # # # mysqli_close($dblink); } ?> In the html block: Code: [Select] <div id="container"> <form action="edit_repertoire.php" method="post" name="edit_repertoire" onsubmit = "return checkForm(this)"> <fieldset> <legend>Update repertoire in your list:</legend> <!-- # # # # # # Toevoegen van een hiddenfield om de id op te halen uit de URL # # # # # # --> <input type="hidden" name="id" value = "<?php echo $rep_id; ?>" > <p>ID= <?php echo $rep_id; ?></p> <p> Componist = <?php echo $componisten; ?></p> <!-- + + + + + + + FORMREGELComponist + + + + + + + --> <div class="formregel"> <div class="formkolomlinks">Composer name:</div> <div class="formkolomrechts"><input name="componist" id="componist" type="text" maxlength="128" value="<?php echo $componist; ?>" /> Name first, then the initials! </div> </div><!-- Einde formregel --> <!-- ++ + + + + + FORMREGEL Compositie en of rol + + + + + + + --> <div class="formregel"> <div class="formkolomlinks">Composition and or role</div> <div class="formkolomrechts"><input name="titel" id="titel" type="text" maxlength="128" value="<?php echo $titel; ?>" /></div> </div><!-- Einde formregel --> <!-- +++++++ FORMREGEL +++++++ --> <div class="formregel"> <div class="formkolomlinks"><input name="updateRepSubmit" type="submit" value="Update repertoire" /></div> </div><!-- Einde formregel --> </fieldset> </form> <div class="clear"></div> </div><!-- einde container --> </div><!-- einde tot_wrap --> edit: added [code][/code] blocks And we're back online... again! It may have taken 3-4 days, but we're back.
Hello everyone! I am a new user and I have a simple question. How to download the database and create a backup. I have the following code. Before back button was working. Now don't understand what happend but when I click Back button I receive "Webpage has expired" window in my browser. What may be the reason? Code: [Select] <html> <head> <title>Økern Frukt og Grønt</title> <link href="calendar/calendar.css" rel="stylesheet" type="text/css" /> <script language="javascript" src="calendar/calendar.js"></script> <style type="text/css"> textarea { resize: none; } </style> <meta http-equiv="Content-Type" content="text/html; charset=Windows-1252"/> </head> <?php if(!isset($_POST['userid'])) { echo "<script type='text/javascript'>"; echo "window.location = 'login.html'"; echo "</script>"; exit; } require_once ('functions.inc'); require_once('calendar/classes/tc_calendar.php'); global $default_dbname; $link_id = db_connect($default_dbname); mysql_select_db("okern", $link_id); $letters1 = array ("A1", "B1", "C", "D","E", "F", "G", "H","I", "J", "K", "L", "M", "N", "O", "P","Q", "R", "S", "T","U", "V", "W", "X", "Y", "Z", "&#198", "&#216", "&#197"); $letters = array_merge(range("A", "Z"), array("&#38;#198", "&#38;#216", "&#38;#197")); echo "<table border='0' align='center'> <tr> <td colspan=3><b><center>Du har valgt f&#248lgende produkter</center></b></td> </tr> <tr> <th align=left>Produkt</th> <th align=left>Antall</th> <th align=left>Enhet</th> </tr>"; echo "<form method='POST' action='order.php'>"; $userid = $_POST['userid']; echo "<INPUT TYPE='hidden' NAME='userid' VALUE='$userid'>"; foreach($letters as $letter) { if(isset($_POST[$letter])) { $selected = $letter . '1'; $antall = $letter . '2'; $enhet = $letter . '3'; echo "<tr>"; echo "<td>" . "<INPUT TYPE='hidden' NAME='$selected' VALUE='$_POST[$selected]'>" . "$_POST[$selected]" . "</td>"; echo "<td>" . "<INPUT TYPE='hidden' NAME='$antall' VALUE='$_POST[$antall]'>" . "$_POST[$antall]" . "</td>"; echo "<td>" . "<INPUT TYPE='hidden' NAME='$enhet' VALUE='$_POST[$enhet]'>" . "$_POST[$enhet]" . "</td>"; echo "</tr>"; } } for ($i = 1; $i < 400; $i++) { if (isset($_POST[$i])){ $selected = 'a' . $i; $antall = 'antall' . strval($i); $enhet = 'enhet' . strval($i); echo "<tr>"; echo "<td>" . "$_POST[$selected]" . "</td>"; echo "<td>" . "$_POST[$antall]" . "</td>"; echo "<td>" . "$_POST[$enhet]" . "</td>"; echo "</tr>"; } } echo "<tr height=10></tr> <tr><td colspan=2>Velg dato for bestillingen:</td> <td colspan=1>"; $myCalendar = new tc_calendar("date5", true, false); $myCalendar->setIcon("calendar/images/iconCalendar.gif"); $myCalendar->setDate(date('d'), date('m'), date('Y')); $myCalendar->setPath("calendar/"); $myCalendar->setYearInterval(2000, 2015); $myCalendar->dateAllow('2008-05-13', '2015-03-01'); $myCalendar->setDateFormat('j F Y'); $myCalendar->setAlignment('left', 'bottom'); $myCalendar->setSpecificDate(array("2011-04-01", "2011-04-04", "2011-12-25"), 0, 'year'); $myCalendar->writeScript(); echo "<INPUT TYPE='hidden' NAME='date' VALUE='this.form.date5.value'>"; echo "</td></tr>"; echo "<tr height=10></tr><tr> <td colspan=3>Skrive din melding nedenfor:</td> </tr>"; echo "<tr> <td colspan=3><textarea name='melding' cols='50' rows='5' resize=none></textarea></td> </tr>"; echo "<tr> [b]<td><center><input type='button' value='Tilbake' onClick='history.go(-1)'></center></td>[/b] <td colspan=2><center><input type='submit' value='Bestil'></center></td> </tr>"; echo "</form>"; echo "</table>"; ?> </html> Hey everyone. So lately I've been searching for someone to do this for me but I figure if I learned it myself it'd be much more helpful to me in the future. I run a gaming clan, and we have a roster. You can view it he http://www.zealotgam...s.php?pageid=15 Obviously, you can see a few things. The default page lists all our staff. That is very easy, and not really the part I need help with. The help begins with the games list you see at the side. When you click a game, it lists all users who have that Game listed as their Main Game in a profile field, and lists other info, such as their rank, In-Game contact (which is another profile field) and join date/last active. The games are also themselves divided into categories. Our code is relatively simple. We keep a manual array of info that keeps these together you can see below:
// Define Games and Lists //
$gameslist = array();
//SETUP $gamelist[] = array("Game Name","urlshortcode","Name of In-Game Name or Account", "field# for that profile field");
$gameslist[] = array("Battlefield 4 (PS4)", "bf4ps4", "PlayStation ID", "field7");
$gameslist[] = array("Counter Strike: Global Offensive (EU)", "csgoeu", "Steam ID", "field8");
$gameslist[] = array("Counter Strike: Global Offensive (NA)", "csgona", "Steam ID", "field8");
$gameslist[] = array("Elder Scrolls Online (NA)", "esona", "Main Character", "field45");
$gameslist[] = array("League of Legends (EUNE)", "loleune", "Summoner Name", "field12");
$gameslist[] = array("League of Legends (EUW)", "loleuw", "Summoner Name", "field31");
$gameslist[] = array("League of Legends (NA)", "lolna", "Summoner Name", "field32");
$gameslist[] = array("League of Legends (OCE)", "loloce", "Summoner Name", "field47");
$gameslist[] = array("Minecraft", "mc", "Username", "field14");
$gameslist[] = array("Smite (EU)", "smiteeu", "Smite Account", "field22");
$gameslist[] = array("Smite (NA)", "smitena", "Smite Account", "field22");
$gameslist[] = array("Titanfall", "tfall", "Origin ID", "field29");
$gameslist[] = array("WildStar (EU)", "wseu", "Main Character", "field48");
$gameslist[] = array("WildStar (NA)", "wsna", "Main Character", "field48");
$gameslist[] = array("World of Tanks (EU)", "woteu", "WarGaming.NET ID", "field46");
$gameslist[] = array("Other Game", "other", "", "");
// Game Type Categories
$gamecats = array();
// ADD the # of the game in the list above (starting from 0) to the appropriate category array number list.
$gamecats[] = array("Divisions",array(4,5,6));
$gamecats[] = array("Guilds",array());
$gamecats[] = array("Gaming Groups",array());
$gamecats[] = array("Divisions in Development",array(0,1,2,3,7,8,9,10,11,12,13,14));
$gamecats[] = array("Miscellaneous",array(15));
This gets tedious to keep track of manually, and my admins with no programming experience can barely understand what is happening. The listing of users is very easy, and I do not need any help with that. What I would like to add is a manager in the admin panel where you could save the information listed above to a table such as PREFIX.games. I imagine having several drop down boxes. A mockup is below: I'd then Like a list of games that includes these rows in the table with a [ ] Remove checkbox. I do not know how to add this to the admin panel and would love guidance on how to begin doing this. The sorting would go by Game Status (the second array in my php code) then Alphabetical. This would go a long way in helping my staff edit this list themselves. Any help would be appreciated. Skype: j.c.will my be better to work personally with me. I'm tired and want to sleep so my mistakes are getting lots now. Anybody awake that can explain my problem with the code below. <? function directoryToArray($directory, $recursive) { $array_items = array(); $i = "0"; if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle)) && $i < "3") { if ($file != "." && $file != "..") { if (is_dir($directory. "/" . $file)) { if($recursive) { $array_items = array_merge($array_items, directoryToArray($directory. "/" . $file, $recursive)); } } else { $file = $directory . "/" . $file; $array_items[] = preg_replace("/\/\//si", "/", $file); $i++; } } } closedir($handle); } natsort($array_items); return array_reverse($array_items); } $data = directoryToArray('images/screenshot/', TRUE); print_r($data); ?> What I want is for the while loop to stop after 4 hits and exit and give me the return results. But now it continue until readdir end. Hi, Just received this email from a random person saying they were able to obtain the username and password for the site admin page from the MySql Database: [07:33:33] [INFO] testing if GET parameter 'id' is dynamic [07:33:34] [INFO] confirming that GET parameter 'id' is dynamic [07:33:35] [INFO] GET parameter 'id' is dynamic [07:33:35] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis [07:33:35] [INFO] testing unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] confirming unescaped numeric injection on GET parameter 'id' [07:33:37] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis [07:33:37] [INFO] testing for parenthesis on injectable parameter [07:33:40] [INFO] the injectable parameter requires 0 parenthesis [07:33:40] [INFO] testing MySQL [07:33:41] [INFO] confirming MySQL [07:33:41] [INFO] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1 [07:33:41] [INFO] retrieved: 0 [07:33:51] [INFO] performed 13 queries in 9 seconds [07:33:51] [INFO] the back-end DBMS is MySQL web server operating system: Linux Red Hat web application technology: PHP 5.2.11, Apache 2.2.3 back-end DBMS: MySQL >= 5.0.0 +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | admin | email | firstname | lastname | password | userid | username | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + | 1 | blah | blah | blah | blah | 1 | blah | +-------+------------------------ +----------- +---------- +---------------------------------- +--------+--------------- + blah MD5 : blah -- I've changed all the details to 'blah' for the purpose of this post. Does anyone know how I can secure my PHP to stock this injection? Thanks, Jack hi i need some help . i see some person use bot traffic or proxey taffic software or script like jiggling and hitleap . they give a url of any sites then this software proxey view this websites.. i want asked can it possible stop these bot traffic its any procedure in php or javascript to stop this traffic..
|
|||||||