PHP - How-to Block These Characters?
Similar TutorialsI have been reading most spambots use UTC-12 timezone and PHbb has a hack to block UTC-12, but I dont have the file I am looking to get the UTC ( or GMT ) time from the referring page any ideas? I draw contents from a database. Some of the texts contain a footnote, which is formatted using a div class. Following the HTML of this:
<div class=""footnotes""> <br> <hr align=""left"" noshade=""noshade"" size=""1"" width=""150"" /> <blockquote> <a href=""#f1"" name=""fn1""> <span class=""superscript""> * </span> </a>Some footnotetext</blockquote></div>Since my bibliography uses data from the database as well, the footnote now appears before the references, but I would like it at the very bottom of the page. I was thinking of using preg_replace in order to separate the textfield into two variables, one for the text itself, the other one for the footnote (it is always just one) and integrate after the bibliography is compiled. Unfortunately, it seems that the preg_replace does not work. It always displays the whole content of the textfield. Here's the PHP: $text = preg_replace('/(.*)(\div class=\"footnotes\"\>.*?\<\/div\>)/s', '$1', $result['text']);$footnote = preg_replace('/(.*)(\div class=\"footnotes\"\>.+?\<\/div\>)/s', '$2', $result['text']); echo '<div align="justify"><span style="font-family:Georgia;font-size:16px;">' . $text; ***BIBLIOGRAPHY*** ... echo $footnote;Maybe someone has an idea how to deal with that. I tried it on phpliveregex. There search string works fine. Many thanks for any help. How is it that a site can forward to my site without a trace? www.2mysite.com is forwarding traffic to www.mysite.com but $page_name = $_SERVER['HTTP_REFERER']; echo $page_name; does not show www.2mysite.com as the referring site...how does one hide this? Help? It's one of those days after a long weekend and a rainy morning. Simply trying to get the correct message depending on the variable's value if($a = 'one'){ echo "POOR";} if($a = 'two'){ echo "GOOD";} if($a = 'three'){ echo "VERY GOOD";} if($a = 'four'){ echo "EXCELLENT";} Not sure if I need to use ==, extra quotes, or ELSEIF for the best result.
how to block someone from visiting my page using ip adress ? this is the case if someone come to my site then we record the ip address and put it into database. when the visitor come again with the same IP they cannot see my page (block them) and redirect it to somewhere page. Hello, I'm currently using this to block certain emails: $blacklisted = Array("email@email.com", "email2@email.com", "email3@email.com"); in with: if( !in_array( strtolower($email), $blacklisted ) ) { Ok, What I want to do, is be able to specify a domain extension such as '*@email.com' So anything with 'something'@email.com is blocked. I still wish to keep manual email address's in place aswell. Many thanks James Hello, Basically, What I'm looking for would be for a method of blocking certain email addresses from being submitted in a form, I need it to block certain emails that are on the list. I think the best way to describe it would be a form submission blacklist that is checked before it gets submitted. Many thanks Can this be done easily enough with php? I've attached my current code below, but don't see how i could add this in. Code: [Select] $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; $size = $_FILES['file']['size']; $random = md5(uniqid(rand(), true)); $random = substr($random, 0, 20); if (!$name || !$temp || !$size) { echo "Go back and select a file."; exit(); } foreach ($_FILES as $file) { if ($file['tmp_name'] != null) { $thisext1=explode(".", strtolower($file['name'])); $thisext=$thisext1[count($thisext1)-1]; if (!in_array($thisext, $extensions)) { echo "That file type is not allowed."; exit(); } } } Hey Guys, Hope you are all having a great day I was hoping somebody could help me with preventing my blog from being attacked by SQL Injection. I made a simple blog in using PHP and MySQL but I keep getting spam comments (even though I use re-captcha) and some files were overwritten on my web server. For all my input I use mysql_real_escape_string but I still get the problem. I found a video on youtube that showed how to enter stuff on the address bar like "order by 2--" and "union all select...." after passing a variable etc, and all of the things in the video could be replicated on my site I am guessing that is my problem, but the video did not tell me how to resolve the issue and I am sick of having to delete hundreds of spam comments per day and check my web server for uploaded files. How can I stop people adding these commands to the address bar and getting data from my database? I really need your help Thanx, Jen So I'm debating whats the best method. I'm aware that catch/blocks should be used in exceptional cases but what if it saves me from having 4 nested if/else conditions? The following is code for an xbox registration site Code: [Select] try { // check code is valid $c1 = $this->input->post('code1',true); $c2 = $this->input->post('code2',true); $c3 = $this->input->post('code3',true); $gt = $this->input->post('gamertag',true); $pass = $this->input->post('password',true); if( $c1 == '' || $c2 == '' || $c3 == '') { throw new FormError("Authorization code invalid."); } // check db for code validation $q = $this->db->query("select * from `codes` where `activated` = 0 and `code` = ".$c1.$c2.$c3." limit 0,1"); if($q->num_rows() != 1) { throw new FormError("Authorization code invalid."); } $r = $q->row_array(); $email = $r["recipient_email"]; $codeGt = $r["gamertag"]; // check valid gamertag $q = $this->db->query("select * from `users` where `gamertag` = '".$gt."'"); if($q->num_rows() > 0) { throw new FormError("Gamertag already exists."); } // validate gamertag /w inputted gamertag if(strtolower($codeGt) != strtolower($gt)) { throw new FormError("Gamertag Invalid"); } $this->_createAccount($email,$pass,$gt); // show register-thanks screen $this->load->view("register-thanks",$data); $success = true; } catch (Exception $e) { $data['error'] = $e->getMessage(); } In PHP? Let's say I'm going off of: width x height So this is 2x1 2x1 2 blocks across, 1 block height. How do I check this against other blocks in php to see if the 2x1 will overlap another set of dimensions dynamically? Am I over thinking this? Edited by Monkuar, 24 January 2015 - 12:08 PM. Hey
Need help i am having a mental block
when I fill in the form and click send it sends the form but looks like this
Name: , Email: , Subject: , Message:the form data is <?php $name = $_POST['name']; $email = $_POST['email']; $subject = $_POST['subject']; $message = $_POST['message']; $formContent = "From: $name, \n Email: $email, \n Subject: $subject, \n Message: $message"; $recipient = "email@email.com"; $subject = "Website Request"; $mailheader = "Website \r\n"; mail($recipient, $subject, $formContent, $mailheader); echo "Your message was sent" . " - " . "<a href='index.html' style='text-decoration: none; color: #d03837;'>Return Home</a>"; ?>Anyone with any ideas Say I have a server written in PHP (don't ask ). Let's say I have 10 users connected to my script and one of those users, for the sake of the example, needs 10MB of data sent to them. If I send that data via socket_write(), does my program execution stop (therefor locking up every other user) until the data has gone through, or is the actual task of sending data over the tubes passed on to some lower level OS function so my program can get on with its flow? Hi, I want that user can only read my article but can't download it. neither with save page as or with view source, even not with selecting text. and copy and paste. is there any solution in php to do that. Please help Thanks I have the code below working perfectly, but I was wondering if there is a more eloquent way to write this, specifically handling the exceptions... This creates an object of a Router Class that parses my clean URLs into a Controller name, method name and the rest are arguments. So for example: www.domain.com/users/view/profile/bobsmith would route to the Users Controller, and find the viewUsers method and pass the arguments "profile" and "bobsmith" to it, and the method would take it from there... works great. That explains what this code does. My only question is if there is a cleaner way to handle the exceptions, so I don't have "throw new exception" written four times. Thoughts? Or is it good to go? $rawURL = getPageURL(); $router = new Router($rawURL,$rootDIR); $controller = $router->getController(); $method = $router->getMethod(); $arguments = $router->getArguments(); try { // check controller exists and set controller path // if ((isset($controller) && ($controller != ''))) { $controllerPath = APPLICATION_PATH . "controllers/" . $controller . ".class.php"; // check controller path exists // if (file_exists($controllerPath)) { // set method name and check method exists // if ((isset($method) && ($method != ''))) { $methodName = $method . ucfirst($controller); if (method_exists($controller, $methodName)) { // test it out // $test = new $controller(); $response = $test->$methodName($arguments[0]); echo $response; } else { // method_exists failed // throw new Exception("That method does not exist foo!"); } } else { // method was not found in URL // throw new Exception("No method name was given foo!"); } } else { // file_exists failed // throw new Exception("That controller does not exist foo!"); } } else { // controller was not found in URL // throw new Exception("No controller name was given foo!"); } } catch (Exception $e) { // spit it out foo // echo $e->getMessage(); } I'm trying to clean up some past coding for a project of mine and this block keeps standing out like a sore thumb, but it works and i can understand it. What it's doing is comparing each of the users submitted data to the admin-set data and then flagging if there any errors or not. Any suggestions on a different approach? Code: [Select] foreach ($_SESSION['usersData'] as $k => $v) { foreach ($this->info as $m => $n) { if ($m == $k) { if ( ($n['required'] && ( empty($v) || !isset($v) ) ) ) { $_SESSION['errors'][$k] = TRUE; } elseif ( (!$this->escape_data($v,$n['type'])) && ($n['required']) ){ $_SESSION['errors'][$k] = true; } elseif ($n['required'] && ($v == $n['default'])) { if ($n['readonly'] != true) $_SESSION['errors'][$k] = true; } elseif ($n['required'] && $n['readonly'] && ($v != $n['default']) ) { # Box is required, set to readonly and has a default value, if this triggers then the user has tampered with our form. $_SESSION['usersData'][$k] = $n['default']; } elseif (isset($_SESSION['errors'][$k])) { unset($_SESSION['errors'][$k]);# = false; } } elseif ( isset($this->info['file']) ) { if ($this->info['file']['required'] && $_FILES['file']['size'] == 0) { $_SESSION['errors']['file'] = TRUE; } else { unset($_SESSION['errors']['file']); } } } } When I play a video (that is blocked from being downloaded as a file from a php web script player that I'm using) I can see the url address of the file from my PC in dev tools > networking > media, Is there a way to block or scramble the video's url from being available to be copied? If not, is there a way to have that url be available only if the potential viewer is 'logged-in' to the web site? Or some type of authentication based on checking for a user's PHP temp session file before allowing access from the video's url? I had a website running a XML script which worked perfectly but I have updated it by using XMLReader and PHP 5. However, there is a security update on PHP 5 which prevents me from accessing files on my server. Someone has suggested I add a php.ini file with the following: allow_url_fopen = on allow_url_include = on However I have also read that the whole purpose of the security update is to prevent this. Can someone advise me how I can get around this issue so that my server can read files and still operate by the PHP5 security update. Any help would be greatly appreciated. Guys/Gals; This below block outputs a very simple progress bar, i'm curious if anyone would see a solution to perform a task when this bar reaches the end as you can see it's set to countinue until width<400 when that 400 is true I and in essence the process is done (even though nothing in reality) i want to display countinue but only when it's done echo "<table width='100%' border='1' cellpadding='1' cellspacing='1' bgcolor='#666666'><tr><td width='506' height='52' valign='top'><script type='text/javascript'>function progress(){if(document.images['bar'].width<400){document.images['bar'].width+=5;document.images['bar'].height=5; }else{clearInterval(ID);}}var ID;window.onload=function(){ID=setInterval('progress();',$cpuspeed);}</script><img src='images/white.gif' name='bar'/><br /><font color='#ffffff'>Cracking....</font></td></tr></table>"; any dideas |