|
PHP - Antimalware Filter Blocks Pages That Contain Malware.
I faced some problem or a message that out when i working on my admin/index.php file that i do it from dreamweaver and display it at firefox but that result showing me Antiphishing Filter and Antimalware Filter things at my admin/index.php page.. Here the screenshot of it.. it only appear at the admin/index.php.. and it didnt appear at the index.php since i have 2 users type that are student and the admin/index.php is for admin access..
Similar TutorialsHi,
I`m currently generating spam via my own mailserver, its not much, but some of my clients receive messages that the messages they send could not be delivered. ( They are probably not snding them, but some script on one of the many websites is).
Problem is that i`m currently unable to figure out which one of the websites is generating this spam. There are about 150 websites on this server.
Some have old wordpress versions on them because the clients don`t ever update them.
I`ve looked into adding a line in php.ini which should log all mails.
mail.add_x_header = On mail.log="E:\logs\phpmail\php-mail-errors.log" However this file keeps on being 0 bytes . Also if i generate a mail via a contact form which i made but the log is not showing it. The mail gets picked up by the mail servers, so the script does work. I`ve also checked that the php version is 5.0 or higher because otherwise the lines i added to the php.in would not be accepted by a earlier version then 5.0. The last I`ve done is changed the rights to the log file to writetable for the iis user, perhaps thats whats needed for the lines inh php to work. Has anyone any experiende with this issue ? Guys,
I'need help.
How can I get data records from DB in blocks (of about 100 pcs at one block). I have large table with 100.000+ rows in Db, but it's taking a lot of time to get that data.
My idea is to get 100 rows and than click on a button and than get another 100 rows.
I have implemented paging but it's still to slow.
Any ideas?
Thanks
Hi, I have a new website I have been working on for the past 6 months supposed to be going live on Jan 1st. It is my first attemp at a home made CMS and I am now in BETA stages, my testers have mentioned that my image upload script is not perfect. At the moment my images simply upload with no alterations. What they have suggested and I agree is that the images should be resized on upload and have unique names. I have tried to do both but failed. I have managed to change the name of the image that is being uploaded by putting random numbers on the end but the name that is stored in the table is the original name and I can't get it to add the random numbers on the end. The other task I totally failed at and have been working on all week and broke my code so bad I have now reverted back to square one. Could someone please help me to add image resize on upload and to put the new image name into my table, I wld be most greatful. Thanks in advance for your time. Code: [Select] <?php $idir = "../fleet/"; // Path To Images Directory if (isset ($_FILES['fupload'])){ //upload the image to tmp directory $url = $_FILES['fupload']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload']['type'] == "image/jpg" || $_FILES['fupload']['type'] == "image/jpeg" || $_FILES['fupload']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload']['tmp_name'], "$idir" . $_FILES['fupload']['name'], $file_ext).rand(10000 , 99999).$file_ext); // Move Image From Temporary Location To Perm } } if (isset ($_FILES['fupload2'])){ //upload the image to tmp directory $url = $_FILES['fupload2']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload2']['type'] == "image/jpg" || $_FILES['fupload2']['type'] == "image/jpeg" || $_FILES['fupload2']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload2']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload2']['tmp_name'], "$idir" . $_FILES['fupload2']['name'], $file_ext).rand(10000 , 99999).$file_ext); // Move Image From Temporary Location To Perm } } if (isset ($_FILES['fupload3'])){ //upload the image to tmp directory $url = $_FILES['fupload3']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload3']['type'] == "image/jpg" || $_FILES['fupload3']['type'] == "image/jpeg" || $_FILES['fupload3']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload3']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload3']['tmp_name'], "$idir" . $_FILES['fupload3']['name'], $file_ext).rand(10000 , 99999).$file_ext); // Move Image From Temporary Location To Perm } } if (isset ($_FILES['fupload4'])){ //upload the image to tmp directory $url = $_FILES['fupload4']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload4']['type'] == "image/jpg" || $_FILES['fupload4']['type'] == "image/jpeg" || $_FILES['fupload4']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload4']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload4']['tmp_name'], "$idir" . $_FILES['fupload4']['name'], $file_ext).rand(10000 , 99999).$file_ext); // Move Image From Temporary Location To Perm } } error_reporting (E_ALL ^ E_NOTICE); $usr = "user"; $pwd = "pass"; $db = "db"; $host = "host"; # connect to database $cid = mysql_connect($host,$usr,$pwd); if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); } if ($_POST['submit']) { $fleetmake = mysql_real_escape_string($_POST['fleetmake']); $fleetmodel = mysql_real_escape_string($_POST['fleetmodel']); $fleetyear = mysql_real_escape_string($_POST['fleetyear']); $fleetberth = mysql_real_escape_string($_POST['fleetberth']); $fleetlength = mysql_real_escape_string($_POST['fleetlength']); $fleetchassis = mysql_real_escape_string($_POST['fleetchassis']); $fleetengine = mysql_real_escape_string($_POST['fleetengine']); $fleetlayout = mysql_real_escape_string($_POST['fleetlayout']); $fleettype = mysql_real_escape_string($_POST['fleettype']); $fleetcomments = mysql_real_escape_string($_POST['fleetcomments']); $pricelow = mysql_real_escape_string($_POST['pricelow']); $pricemid = mysql_real_escape_string($_POST['pricemid']); $pricehigh = mysql_real_escape_string($_POST['pricehigh']); $fleetlocation = mysql_real_escape_string($_POST['fleetlocation']); $fleetimage1 = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $fleetimage2 = mysql_real_escape_string("$idir" . $_FILES['fupload2']['name']); $fleetimage3 = mysql_real_escape_string("$idir" . $_FILES['fupload3']['name']); $fleetimage4 = mysql_real_escape_string("$idir" . $_FILES['fupload4']['name']); $fleetadded = date("F j, Y, g:i a"); $fleetof = $account; $searchtags = "$fleetmake $fleetmodel $fleetberth berth motorhome for hire year $fleetyear $fleetmodel $fleetmake $fleetchassis motorhome $fleetmake $fleetmodel $fleetchassis $fleetmake $fleetchassis $fleettype $fleetlayout $fleetmake motorhome $fleetmodel motorhome $fleetberth berth motorhome $fleetmake $fleetberth berth motorhome $fleetmake motorhomes $fleetmake motor home $fleetmake motor homes $fleetmodel motorhomes $fleetlocation motorhome hire motorhome hire in $fleetlocaiton $fleetmake $fleetlocation $fleetmake $fleetmodel $fleetlocation"; $SQL = " INSERT INTO fleet "; $SQL .= " (fleetmake, fleetmodel, fleetyear, fleetberth, fleetlength, fleetchassis, fleetengine, fleetlayout, fleettype, fleetcomments, pricelow, pricemid, pricehigh, fleetlocation, fleetimage1, fleetimage2, fleetimage3, fleetimage4, fleetadded, fleetof, searchtags) VALUES "; $SQL .= " ('$fleetmake', '$fleetmodel', '$fleetyear', '$fleetberth', '$fleetlength', '$fleetchassis', '$fleetengine', '$fleetlayout', '$fleettype', '$fleetcomments', '$pricelow', '$pricemid', '$pricehigh', '$fleetlocation', '$fleetimage1', '$fleetimage2', '$fleetimage3', '$fleetimage4', '$fleetadded', '$fleetof', '$searchtags') "; $result = mysql_db_query($db,$SQL,$cid); $last=mysql_insert_id(); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } header("location:fleet_add_confirm.php?last=$last"); exit(); } ?> i am building a reservation system i have special date blocks which have different price tags for example reservation for 01/12/2011-07/12/2011 where 03/12/2011-06/12/2011 prices +15% how would i define the range for special dates? I am trying to create a script that will show a block of images for every nine items in an array. So it doesn't need to show the block of images for every 9 items, but every time the counter hits 9 show a block of images. Make sense? I am stumped as all get out. Thanks for all the help in advance! how would i setup special date blocks in date search? for example easter this year is 17-04-2011 to 25-04-2011 for these dates each night will have an extra charge for it now if a user checks 13-04-2011 to 18-04-2011 he will have 4 days of special charge how do i setup this range? Hi all, I'm trying to set up a situation where a function loops through a multidimensional array and echos an html block for each item in the $skus['skunum'] array and also increments $i each time . ( Each is a product on the site) The catch is that I'm trying to have a function within that one that goes through the $skus['sizes'] and echoes an option if the substring (shirt size) exists. The idea being that I can manage products by adding 4 elements, Skunum, name, price and size. And well, I'm failing miserably. At this point it won't even work because of the variable scope, I'm getting Notice: Undefined variable: skus from the functions, but am not sure of the right way to get that information. Am I going about doing this entirely wrong or am I on the right track? Code: [Select] <?php $BANDNAME="Apocalypse"; $BANDCAPS="APOCALYPSE"; $BANDLOWER="apocalypse"; $SKUCAPS="FGD"; $skus = array ( "skunum"=>array ( "101", "102", "103", "104", "105", "106", "107", "108", "109", "110", "111", "112" ), "name"=>array ( "RIDDICK /TSHIRT", "MAFIA / TSHIRT", "ORACLES / TSHIRT", "AGONY / TSHIRT", "BLOODY VIOLINIST / TSHIRT", "THE VIOLATION / TSHIRT", "AGONY-TOUR DATES / TSHIRT", "BAND PHOTO / TSHIRT", "SILVER AGONY LOGO / TSHIRT", "PHOENIX-TOUR DATES / TSHIRT", "PHOENIX / TSHIRT", "BLOODY VIOLINIST / ZIP HOOD" ), "price"=>array ( "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "15.95", "42.95" ), "sizes"=>array ( "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X", "S, M, L, 1X, 2X, 3X, 4X" ) ); function makeProducts() { //Products Sizes $sizes = $skus['sizes'][$i]; $S="S";$M="M";$L="L";$XL="1";$XXL="2";$XXXL="3";$XXXXL="4"; $small = strpos($sizes,$S); $medium = strpos($sizes,$M); $large = strpos($sizes,$L); $xlarge = strpos($sizes,$XL); $xxlarge = strpos($sizes,$XXL); $xxxlarge = strpos($sizes,$XXXL); $xxxxlarge = strpos($sizes,$XXXXL); function sizeOptions () { if($small === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'S">S</OPTION>'; } if($medium === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'M">M</OPTION>'; } if($large === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'L">L</OPTION>'; } if($xlarge === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'X">XL</OPTION>'; } if($xxlarge === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'XX">XXL</OPTION>'; } if($xxxlarge === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'XXX">XXXL</OPTION>'; } if($xxxxxlarge === true) { echo '<OPTION value="'.$SKUCAPS.$skus['skunum'][$i].'XXXX">XXXXL</OPTION>'; } } foreach ( $skus['skunum'] as $value){ echo '<!-- PRODUCT BEGIN --> <li class="product" > <a href="product_files/large/'.$SKUCAPS.$skus['skunum'][$i].'jpg" rel="lightbox"><img src="product_files/'.$SKUCAPS.$skus['skunum'][$i].'.png"></a><br> <strong>'.$skus['name'][$i].'</strong><br>('.$SKUCAPS.$skus['skunum'][$i].')<br>$'.$skus['price'][$i].'<br> <form name="'.$SKUCAPS.$skus['skunum'][$i].'" method="GET" target="_blank" action="http://www.jsrdirect.com/cgi-bin/Make-a-Store.cgi"> <input type="hidden" name="band" value="'.$BANDCAPS.'"> <input type="hidden" name="back" value="http://www.jsrdirect.com/bands/'.$BANDLOWER.'/index.html"> <strong>Qty:</strong> <input type="text" name="quantity" size="1" value="1" > <strong>Size:</strong> <SELECT name="item">' .sizeOptions(); '</SELECT> <br><br> <input type="image" src="images/addtocart.png" value="Add To Cart"> </form> </li> <!-- Product End -->'; } } // End Function ?> Hi all, I'm trying to get a search box and a checkbox to both work at the same time. I have two versions of this code, when I use the first one my checkbox works like it should, filtering out all records with product_type = 3, but the search bar no longer works as it should, filtering things out of three fields defined elsewhere. The bottom code has the search bar working but doesnt incorporate the checkbox as a filter. Thanks for any help! Checkbox works: Code: [Select] $where_filter = ""; if($where != "*"){ foreach($search_map as $search_name){ $where_filter .=" $op $search_name $not REGEXP '$where'"; } $where_filter = substr($where_filter, 5)." AND "; } if ($exclude == "exclude"){ $where_filter .= "product_type!='3'"; $q->addWhere("($where_filter)"); $q->addOrder('product_id'); } Search works: Code: [Select] $where_filter = " "; foreach($search_map as $search_name) $where_filter .=" $op $search_name $not REGEXP '$where'"; $where_filter = substr($where_filter, 5); if($where != "*") $q->addWhere("($where_filter)"); $q->addOrder('product_id'); I am trying to wrap my head around the best approach to accomplish this.
I am trying to come up with a random schedule for a full 24 hour day with random time periods ranges including breaks.
The only constants will be the minimum time and maximum time of the events and the minimum and maximum time of the breaks between each event.
for example
There are three teams
Team A
Team B
Team C
Each event will last either a minimum of 7 minutes to a maximum of 38 minutes
The breaks will last a minimum of 30 seconds to a maximum of 5 minutes.
so the events need to be generated randomly with a break period following each event and the timelines are different for each team
with the current event time left going to a timer on the page
I think I have the part to generate the random blocks figured out by using
<!DOCTYPE html>
<html>
<body>
<?php
function eventRange($min, $max, $blocks) {
$events = range($min, $max);
shuffle($events);
return array_slice($events, 0, $blocks);
}
function breakRange($min, $max, $blocks) {
$breaks = range($min, $max, 0.1);
shuffle($breaks);
return array_slice($breaks, 0, $blocks);
}
echo"<pre>";
print_r( eventRange(7,38,32) );
echo"</pre>";
echo"<pre>";
print_r( breakRange(.5,5,32) );
echo"</pre>";
?>
</body>
</html>
bur is there a way to make it fill a full 24 hour period and then a way to determine which block to display based on the current time when either team is viewing the page.
Sounds totally confusing to me as I try to explain it so I hope what Im asking makes sense. Thanks for any guidance..
Code: [Select] SELECT * FROM table1,table2,table3,table4,table5 WHERE table1_f = table2_id AND table1_g = table3_id AND table4_p = table1_id AND table5 _m = table4_id ORDER BY RAND() LIMIT 1 Right, Now What I want to do, is have a filter form, which posts to the above, and if: $filter1 = ""; it wont be include in the above code $filter1 = "word"; then i want to include AND table3_n = '$filter1'; in the above code thanks in advance. hi all i just read an article at http://www.phpro.org/tutorials/PHP-Security.html about not trusting server variables like $_SERVER['PHP_SELF'] so they explain, it can't be trusted and so on, but when it comes to a real life example i have difficulty understandig what someone could do with it since i assume it only has effect at client side. they use a form and say that Code: [Select] <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> ... </form> They give as example that someone could do the following: add Code: [Select] <script>alert("XSS HERE");</script> But i don't see how that would have effect to anyone except for the one that inserts that. Could someone maybe explain this a little to me. Hello, I have a client with a "contact us" form who has recently been receiving a lot of spam emails from the form. I already have a session set in place so the form is only active one time. I am now creating a filter for the message to look for things like a url or bb style codes etc. What I've got seems to be working but would like your thoughts on maybe a better way of doing it or if you see something I may be missing. IF an offending text is detected the ip address is sent to me and I can block ip from the site. If the message passes it is sent to the client. This is the related code. Code: [Select] <?php $themessage=str_replace("\r",'<br>',$_POST['message']); $badwords=array("[", "url", "http", "link", ".com", ".net", ".org", ".biz", "<"); $o=0; foreach($badwords as $key2 => $value2){ $pos = strpos($themessage, $value2); if ($pos==0) { } else{ $o=$o+1; } } if ($o==0) { //compose and send email to client } else{ $useraddress=$_SERVER['REMOTE_ADDR']; //compose and send email to me containing offending address } ?> Hi All I have a script which imports values from a csv file created using excel. However there are several blank values within the file where the person creating it has used blank columns to create whitespace in the file. I have used array_filter to remove these from the array, however how do I remove the redundant keys and 'squash' everything together so it is nice and neat? eg import would be , ,id, , surname, ,firstname, ,DOB, , address, , which returns array after array_filter [1]-> id [3]->surname [5]->firstname [7]->DOB [9]->address I want to return as an array which would be Quote [0]-> id [1]->surname [2]->firstname [3]->DOB [4]->address Is there a function to do this or would I need to create a custom one? I have some text boxes for searching the students in database also i have a drop down box for selecting student with balance amount to be paid tell me how to filter or search the list of stuents Code: [Select] <select> <option value="">All </option> <option value="">Unpaid </option> <option value="">Paid </option> </select> Hi. I was hoping someone could tell me whether this is possible and if so how I could go about doing it preferably with a tutorial as im pretty new to programming. I have a database that will contain 100's of records. I want users to be able to select filter parameters on this data by both text and checkboxes with it automatically updating the results (hopefully without page reload). I managed this so far using this Jquery filter script: http://www.picnet.com.au/picnet-table-filter.html. As this will table will have so many rows however I think it would take ages to load so instead I would like to paginate the table but still allow filters applied to affect all records not just the ones displayed on the current page. Any ideas on how i could do this? Thanks in advance for your help. Hey guys i am using a global filter on my $_POST function filter($str){return htmlentities($str, ENT_QUOTES);} $_POST = array_map('filter', $_POST); It helps me encode the stuff into the database. It works great on all my fields exept my arrays ... Ex: fields like this <input type="text" name="name[]" size="20"> breaks Any sugestions on gething this global filter working? I have a MySql table full of records. id owner car location on my page i have these results in a table i want to set a filter up so the table will only show cars from eg location England. at the minute its just set to show cars that owner has but i want a location filter any help Hi there, I have one question about the function rand(), What if i want to have an number between 0 and 360 Without 90 to 180 so 91,92,93,94.....180 can't be the number how can i do that? btw, I know its possible through if,while,for and so on. But is there an other way to do this? HI all, Yesterday i read quite alot about htmlentities() htmlspecialchars() mysql_real_escape_string But today i stumbled upon filter() (http://www.w3schools.com/php/php_filter.asp). Does anyone know if this is also a good way to sanitize and may even be an alternative for the other functions? OR is it something completly different? I am still a novice with this so please enlighten me : ) TY I'm having some problems with a piece of software I use on a clients website. There is a "related items" function module available, with this module you can filter to show items from the same category OR in the same city. But now my client want's the module to show only items that are located in the same category AND the same city.
My PHP knowledge is just not good enough to solve this myself, that's why I ask for advice here. I already defined the lines of code that manage the filter, but I don't know how to make this from an "OR" filter to an "AND" filter. Can someone help me with this?
// Join over prop mid table if getting related by category
if($search_cat)
{
$cats = ipropertyHTML::getAvailableCats($property->id);
if($cats)
{
$searchwhere[] = 'pm.cat_id IN ('.implode(',', $cats).')';
}
}
// Filter by city.
if($property->city && $search_city) $searchwhere[] = 'p.city = '.$db->Quote($property->city);
if( count($searchwhere)) $query->where('('.implode(' OR ', $searchwhere).')');
I have attached the complete file in case that gives a better insight in the filter function.
Best regards, Niels
Attached Files
helper.php 4.79KB
1 downloads |
|||||||