PHP - Urgent I'm Under Attack
Hello dear friends,

I'm under attack, a huge attack from spam bots, and I need your help.

1) I have a form with an input text and an input submit.
2) There is no way to add HTML, because JS is used to ban any < or >, etc.
3) The spam attack now posts HTML code, but it is stored in the database after < and > are automatically removed, as I mentioned in (2).

Okay, add to your notes that I can't add a captcha, because my website is for kids.

Now please allow me to explain this idea, and let me know if it is true or if there is another, simpler way:

1) I will add a hidden input with a value that shows the "IP Number Of Poster".
2) That way I will know the IP of the spammer.
3) I will use PHP and MySQL to create a database table and store the spamming IPs I collect, so that when that spammer hits my website again, he will not be able to view the input form.

What do you think? Is it a right or bad solution, or is there any other way?

The bad idea is that the spam is not sure human, because it is stupid and posts something meaningless and not true and fake URLs like this:

Code:
theuzgfnpbmi, [url=http://gdtuaemvkpif.com/]gdtuaemvkpif[/url], [link=http://rsxtnszcpceq.com/]rsxtnszcpceq[/link], http://awpfgwtvqkdm.com/"

Please help if you have any suggestion or method for how to stop such spammers. Thank you so much.

Similar Tutorials

This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=354848.0

Well, I just want to know, if I add mysql_real_escape_string and strip_tags to a checkbox, does this mean it is 100% protected from SQL injection and XSS attack? For example:

Code:
<input type="checkbox" name="checkbox"/>
$checkbox = mysql_real_escape_string(strip_tags($_POST['checkbox']));

Hi, I need to test for XSS attacks, and the aim is to break my own site. I am using strip_tags to strip all the HTML and tags. Is there any way for a successful XSS attack even if strip_tags is used?

Since I got my websocket PHP server running nicely with my MYSQL, I can now have some fun
Attack speed is very simple, but I need your help with the unixtimestamp.
For example, there is a field named "last_attack", and each time a user attacks a mob and a skill is performed, it will be updated with:
time();
Then I disable the attack button for 2 seconds client side, but I also check that value against time() serverside as well. Now let's say the user's attack speed is 1.30%. I want to make that Attack Speed check, to check it dynamically. It should now check only if the attack was less than 1.7 seconds ago instead of 2 seconds. How do I split up the unixtimestamp to work with percents?
Edited by Monkuar, 03 December 2014 - 02:11 PM.

I have a javascript code that displays a monster hitting my character via client side only. It runs every 2 seconds via a setTimeout function.
My problem is... A user could just disable javascript all together, or craft their own code to disable the monster attack function.
I want to detect serverside if anything is being altered. If that makes sense.
This is EXTREMELY hard for me to explain, I have no idea but my game is essentially turn based at this point. THE MONSTER ONLY DOES DMG if a player HITS IT. That way, I can safely, and change the values serverside with MYSQL.
What I want is the monster to attack the player every 2 seconds or so (which I have javascript code for already), but a user could just manipulate that code and then attack the mob and receive only that damage. I want it to be more of an action attack game, where the monsters attack automatically, but securely... If that makes sense, any idea?
Would I have to implement some type of timing mechanism or something serverside? Or once the player spawned that mob..? Not sure. (You only have XX Seconds to kill!), but that doesn't really fix the problem..
TLDR: Autoattack mob system serverside.
Edited by Monkuar, 19 January 2015 - 10:53 AM.

Hello All, I am in desperate need of help here since my site was DDoS attacked by someone in Turkey (IPs originate mostly from Turkey, Germany, and some other European countries). I have installed the DDoS deflation and most of the IPs are now blocked. I have a PHP file on my server that I use to input data into my database and my streaming servers. This file is called connect.php, and the hacker has basically created an automated script that repeatedly calls the connect.php file from a botnet, resulting in both Apache and MySQL dead. I use connect.php in the following way:
http.open('get', "ajax/createchannel_1.php?channel=" + channelname + "&sitename=" + sitename + "&privateurl=" + privateurl + "&privateurlcheck=" + privateurlcheck);
How can I change connect.php so that it only accepts execution from my server? Please, your help is greatly appreciated.

Hi all, I am developing a script that allows each user (separately) to upload or download his files and list all files in categories (such as music or photos...), but I can't achieve that. The main problem is to upload files to the server and store them in the database; also I have to list for each user his files separately when he logs in. Any idea, please?

I am creating a member site and I need help with coding the database. Here goes the code:

Code:
<?php
function connect(){
    $DB_USER = "root";
    $DB_PASSWORD = "";
    $DB_HOST = "localhost";
    $dbc = mysql_connect ($DB_HOST, $DB_USER, $DB_PASSWORD) or $error = mysql_error();
    mysql_select_db("membership") or $error = mysql_error();
    mysql_query("SET NAMES `utf8`") or $error = mysql_error();
    if($error){echo "<!-- $error -->";}
}
function disconnect_data(){
    @mysql_close($dbc);
    @mysql_close();
}
?>

I am supposed to fill it in with my database info but I don't know what to fill in! Help me please! Where do I enter the info?

Please help me with this: with this code I have only fetched out the subjects, and I need to fetch out values for the following too from the database:
1. GRADE
2. Continuous Assessment
3. Exam Scores
4. Exam Scores
5. Weighted Average
6. Last Term Cumulative
7. Cumulative (c+d)/2
8. Comment
But now I can only get the foreach to work for subject alone.

$l=mysql_query("SELECT * FROM result WHERE school_id='$id' AND student_reg_id='$st'") or die (mysql_error());
if (mysql_num_rows($l) > 0) {
    while ($row = mysql_fetch_array($l)) { //
        $pwrlist[$row['ajax_result_id']]=$row['subject'];
        //$
    }
    $numpwr = count($pwrlist);
    $thresh = 3;
    $maxcols = 18;
    $cols = min($maxcols, (ceil(count($pwrlist)/$thresh)));
    $percol = ceil(count($pwrlist)/$cols);
    $powerchk = '';
    $i = 0;
    foreach ($pwrlist as $id => $pwr) {
        if (($i>0) && ($i%$percol == 0)) {
            $powerchk .= "</td>\n<td valign='top'>";//echo "<br>";
        }
        $powerchk .= " <table width='280px' class='hovertable'>
            <tr>
              <td width='251px' height='34' align='left' valign='middle' bgcolor='#D6DFEB'><span class='style19'><font size=2px>$pwr</font></span></td>
              <td width='19px' align='left' valign='middle' bgcolor='#D6DFEB'><span class='style1'>GRADE:</span></td>
              <td width='20px' align='left' valign='middle' bgcolor='#FFFFFF'><span class='style13'>B3</span></td>
            </tr>
            <tr>
              <td height='34' colspan='3' align='left' valign='top' bgcolor='#FFFFFF'><span class='style20'>» (a) Contious Assessment: 80<br />
              » (b) Exam Scores: 90<br />
              » (c) Weighted Average: 168<br />
              » (d) Last Term Cummulative: 78<br />
              » (e) Cumulative (c+d)/2: 123 </span></td>
            </tr>
            <tr>
              <td height='20' colspan='3' align='left' valign='top' bgcolor='#FFFFFF'><span class='style17'>Comment: His is a responsible boy</span></td>
            </tr>
          </table><br>\n";
        $i++;
    }
}

<?php
$possibles[];
$alreadychosen[];
for ($i = 0; $i<20;$i++)
    $possibles =i+1;
for (int $i = 0; $i<8; $i++) {
    $boolean= false;
    $randIndex=0;
    do {
        $randIndex = rand(1,20);
        for ($j = 0; $j< $i && !$hasInt; $j++) {
            if ($possibles[$randIndex] == $alreadyChosen[$j]) {
                $hasInt = true;
            }
        }
    } while ($hasInt);
    {
        $alreadyChosen = $possibles[randIndex];
        echo($alreadyChosen);
    }
    for ($i = 0; $i<8;$i++) {
        if($alreadyChosen<10) {
            echo ('<a href="/mp/info130'+$i+'.htm"><img src="/mp/p130'+$i+'-1.jpg" height=180 width=120 align=left hspace=0 vspace=2 border=0 class=TopImages></a>');
        }
        else if($alreadyChosen>10) {
            echo ('<a href="/mp/info13'+$i+'.htm"><img src="/mp/p13'+$i+'-1.jpg" height=180 width=120 align=left hspace=0 vspace=2 border=0 class=TopImages></a>');

It should select 8 images out of 20 but not repeat, please.

(I am not an expert or even a beginner at PHP, so sorry if none of this makes sense) Right, OK, I have an invitation form built and tested working correctly between a PHP page and a MySQL database, and got the mail function to work, but now the mail function is throwing all emails into the junk mail folder of Outlook. The user of the invitation form has to enter a valid email address (the form has its own validation for each textbox, and email has been set to required email address). So I have been asked to set up a mailto instead of using the mail function (don't ask me why...), and I can't, for the life of me, figure out how to get this to work. What I have thought of so far is:
Index.html (Invitation page)
V
sendinvitation.php (previously the page with the mail function) now includes a confirmation of the data being sent to the database and a button to go to the next PHP page
V
sendmail.php (I want this to be able to get the data from the database and then open up the user's email client and pre-populate the email with the body text)
Is this even possible? If not, is there a reason why the email keeps getting thrown into the junk mail? Please, any help would be most appreciated!
EDIT: Let me explain a bit more; I just re-read it and it's very brief (this probably will be too). I want the invitation form to submit the user's data to my database in MySQL; then, when the form has been submitted, to be able to grab the data and pre-populate an email using variables that are in the PHP linked to the database (I'm guessing the PHP would go from POST to GET?)

Hi all, I am installing PHP security user management, but I got some errors during install. I am using XAMPP 1.7.7 for Windows, but when I ran the script for the first time I got this message:
Warning: require_once(C:/xampp/htdocs/xampp/psumthemes/shared.js.php) [function.require-once]: failed to open stream: No such file or directory in C:\xampp\htdocs\xampp\psum\index.php on line 20
Fatal error: require_once() [function.require]: Failed opening required 'C:/xampp/htdocs/xampp/psumthemes/shared.js.php' (include_path='.;C:\xampp\php\PEAR') in C:\xampp\htdocs\xampp\psum\index.php on line 20()
Any ideas, please? My document root is C:/xampp/htdocs

This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=321874.0

I am building a simple search engine script for my website which allows users to search for electronic devices that we have in our database. Here is the HTML code.

Code:
<form name="search" action="search.php" method="get">
    <input type="text" name="query" size="50" />
    <input type="submit" name="submit" value="Search" />
</form>

Here is the PHP code.

<?php
error_reporting(0);
include 'config.php';
mysql_connect("localhost", "root", "password") or die(mysql_error());
mysql_select_db("maindatabase") or die(mysql_error());
// get the data from the form, escaped for use inside the SQL string
$search_query = mysql_real_escape_string($_GET['query']);
// mysql query
$query = mysql_query("SELECT * FROM `products` WHERE productName LIKE '%$search_query%'");
$count_rows = mysql_num_rows($query);
echo "Results found: " . $count_rows;
?>

Here is the problem: Whenever I enter a single keyword in the search, the search brings some results. BUT, whenever I enter multiple keywords, the search brings 0 rows. For example: I have a product called Sony Bravia Television 42 inches - 1080p HD in my database. When I type "sony" in the search and press the search button, I only get 1 row as the result. But when I enter "sony television" in the search, I get 0 rows as the result. Why is that? What can I do to fix this problem? I want to return results that contain all the keywords that the search query had. Just like any search engine: Google, Yahoo, etc.

I have a shopping cart on my website with some minor errors. When you refresh the page it adds an extra quantity to the item when it shouldn't. Any help? The code is below.

$cart = $_SESSION['cart'];
$action = $_GET['action'];
switch ($action) {
    case 'add':
        if ($cart) {
            $cart .= ','.$_GET['id'];
        } else {
            $cart = $_GET['id'];
        }
        break;
    case 'delete':
        if ($cart) {
            $items = explode(',',$cart);
            $newcart = '';
            foreach ($items as $item) {
                if ($_GET['id'] != $item) {
                    if ($newcart != '') {
                        $newcart .= ','.$item;
                    } else {
                        $newcart = $item;
                    }
                }
            }
            $cart = $newcart;
        }
        break;
    case 'update':
        if ($cart) {
            $newcart = '';
            foreach ($_POST as $key=>$value) {
                if (stristr($key,'qty')) {
                    $id = str_replace('qty','',$key);
                    $items = ($newcart != '') ? explode(',',$newcart) : explode(',',$cart);
                    $newcart = '';
                    foreach ($items as $item) {
                        if ($id != $item) {
                            if ($newcart != '') {
                                $newcart .= ','.$item;
                            } else {
                                $newcart = $item;
                            }
                        }
                    }
                    for ($i=1;$i<=$value;$i++) {
                        if ($newcart != '') {
                            $newcart .= ','.$id;
                        } else {
                            $newcart = $id;
                        }
                    }
                }
            }
        }
        $cart = $newcart;
        break;
}
$_SESSION['cart'] = $cart;

Hello guys, I need a little help, bro. I want to make an application. I am from a company where we have over 12 company licenses, and all of those are renewed every year. So I want to make an application which will inform us 1 month before their license expires.
Meaning, if any company license expires on 12 June, our application gives us a notification on 12 May. Could you please help me with how I can do this? Thanks and regards

This website has been great so far. Whenever I post a question, I get an answer within a few minutes. I have another question today related to PHP pagination. My search page basically allows users to view other users in a specific country. Basically, there are two HTML drop-downs on the search page. The first one allows you to select gender (male or female) and the other one allows you to select country. After the search button is pressed, it displays all the usernames of males in that country. My search page's URL looks something like:

Code:
http://localhost/search.php?gender=Male&country=Canada&searchbutton=Search

I want to add pagination to this script. The search form has method=GET and 3 input options: one is gender, the other one is country, and the last one is pageNum, which is hidden. How can I add pagination to this?

Hey, I need a bit of help replacing some variables in a string. I know it's done with preg_replace. Here is the string:

Code:
Header 1 <|header 2|> header 3 <b>header 4</b>

I would like to get ONLY <|header 2|> from the above string. But "header 2" is variable, so please, it's useless if the preg_replace isn't flexible enough to find whatever word is in there regardless. Thank you.