IRC Logs

Network: freenode Channel: #php

	Enter your search terms Submit search form
	Web www.irclog.org

[14:49]<orrlyrrdrsyrr>yea i done, shows page
[14:49]<orrlyrrdrsyrr>but shows 2 menus
[14:49]<snzzyjf_nfsnwxnz>can somebody go to http://my-copycenter.net/
[14:49]<orrlyrrdrsyrr>= "home" and else menu
[14:49]<snzzyjf_nfsnwxnz>and login with srl and srl
[14:49]<sfddjvxd>because you say $page = 'blah'
[14:49]<sfddjvxd>it shoudl be $page == 'blah'
[14:49]<orrlyrrdrsyrr>k
[14:49]<sfddjvxd>two equal signed needed
[14:50]<snzzyjf_nfsnwxnz>where can i past
[14:50]<snzzyjf_nfsnwxnz>my code
[14:50]<sfddjvxd>www.phpaste.com
[14:50]<orrlyrrdrsyrr>ok, just shows menu which is in else now and not the others.
[14:51]<sylnpznn>that's because $page does not equal 'home' or 'help'
[14:51]<sfddjvxd>because it doesn't equal the others
[14:51]<fyznfjw_>\Documents and Settings\firefox>mysql
[14:51]<fyznfjw_>ROR 1045 (28000): Access denied for user 'ODBC'@'localhost' (using password: NO)
[14:51]<fyznfjw_>what does that mean?
[14:51]<fyznfjw_>I just installed Mysql 5.0
[14:51]<sfddjvxd>incorrect password
[14:51]<orrlyrrdrsyrr>yes
[14:51]<fyznfjw_>where must I type the password?
[14:51]<sfddjvxd>or no password supplied
[14:51]<fyznfjw_>mysql - password?
[14:52]<sfddjvxd>mysql -u ODBC -p
[14:52]<sxzzdggg>hi im trying to save images from web using file_get_contents and filing functions but they are not saved correctly. whats wrong please?
[14:52]<sfddjvxd>then it prompts for password
[14:52]<orrlyrrdrsyrr>(slimothy): is this the best way to do what i require or do you know a better method?
[14:52]<sfddjvxd>switch()
[14:52]<sfddjvxd>i love me some adodb
[14:53]<gavaasxww0>surely there's a #adodb or some such
[14:53]<orrlyrrdrsyrr>(slimothy): ive done whole page so you understand page structur better >> http://pastebin.ca/93366
[14:53]<snzzyjf_nfsnwxnz>can somebody expalin me the "Trabalhos " button disaapearing phenomenum?
[14:53]<sylnpznn>sharmeen, in what way are they not saving properly?
[14:53]<snzzyjf_nfsnwxnz>explain
[14:53]<sfddjvxd>onelinedesign, basically when you don't want to do a whole lot of if elses you can use switch
[14:53]<sfddjvxd>its fast too
[14:53]<nvw0w>how do i explode data in this form. $msg = "this is an example" i want to be able to do $msg[1] = this $msg[2] = is etc.. i know how to explode, just not in that form
[14:54]<snzzyjf_nfsnwxnz>forget
[14:54]<sxzzdggg>sipefree i cannot see their preview
[14:54]<snzzyjf_nfsnwxnz>I AM STUPID
[14:54]<orrlyrrdrsyrr>ok so would be like if switch() ?
[14:54]<sfddjvxd>switch($page) case 'home': echo "the page is home\n"; break; }
[14:54]<orrlyrrdrsyrr>k
[14:54]<orrlyrrdrsyrr>you see how im doing this
[14:54]<sfddjvxd>actually
[14:55]<gavaasxww0>eth0x: $msg = explode(' ', $msg);
[14:55]<sfddjvxd>you're just gonna ask again
[14:55]<sfddjvxd>lol
[14:55]<orrlyrrdrsyrr>is there a better way so i dont have to make like 10 menus here :)
[14:55]<sfddjvxd>let me type ot for ya
[14:55]<sfddjvxd>one sec
[14:55]<orrlyrrdrsyrr>k
[14:55]<sylnpznn>sharmeen: paste your code to pastebin.ca
[14:56]<sylnpznn>eth0x: remember than when you explode, it will be $msg[0] = "this", $msg[1] = "is", because arrays start at index 0
[14:57]<sfddjvxd>wait
[14:57]<sfddjvxd>onelinedesign
[14:57]<dugeyz>slimothy: Iwant to print $string1 in $string1 = ngettext("1 read", "%d reads", $c); but the problem is ngettext sometimes return a %d and sometimes not so how can I solve this please?
[14:57]<sfddjvxd>you need to format the string between ngettext and the printf call
[14:57]<sfddjvxd>onelinedesign, look at this: $page = $_GET['section'].".php";
[14:57]<sfddjvxd>that has $page with .php added
[14:58]<sfddjvxd>but in your ifs you are loooking for the page name without the .php attached
[14:58]<sxzzdggg>ok
[14:58]<gf_dgwyrrgj>howto find the href inside an text
[14:58]<wjlllrws>!tell slimothy about enter
[15:00]<nvw0w>$cmd = explode(' ', $data);
[15:00]<nvw0w>then im doing $cmd[0] - $cmd[1] etc.
[15:00]<nvw0w>not working
[15:00]<zxnzvnz>$page = '/path/to/passwords > index'
[15:00]<sfddjvxd>onelinedesigner, http://pastebin.ca/93377
[15:00]<zxnzvnz>and slimothy's website is hacked
[15:00]<sfddjvxd>no no
[15:00]<sfddjvxd>he did not ask for security advise
[15:01]<nvw0w>wait.. maybe what im looking for is further in $data.. probally $cmd[4] hmm
[15:01]<zxnzvnz>yeah, he asked for his website to be hacked
[15:01]<drgjfufus>hello, please tell what is wrong in string: $sqlquery = "INSERT INTO $table VALUES('$id', $_GET['MsIsdn'], $_GET['Country'])";
[15:01]<sfddjvxd>you could also add a urlencoded null byte so the .php is never reached and someone sets $page to ../../../../etc/passwd%00
[15:02]<sfddjvxd>but we can't heap security onto people who are just picking up the basics, because thats adding to the learning curve
[15:02]<ajfmnz>manopulus, you need to put quotes around non-numeric values
[15:02]<zxnzvnz>yeah, let's just forget everything so there's no learning curve
[15:02]<gavaasxww0>slimothy: that's right :] let them perpetuate the 'php is insecure!' conception!
[15:02]<drgjfufus>colder: like?
[15:03]<ajfmnz>INSERT INTO .... SET foo = 'mynon-numericvalue'
[15:03]<sfddjvxd>ok but if we were to take things like that then that printf question before is insecure too
[15:03]<sfddjvxd>every sql question
[15:03]<gavaasxww0>insert doesn't use 'set'
[15:03]<orrlyrrdrsyrr>(slimothy): back, was on phone just reading your messages
[15:03]<dugeyz>slimothy: you mean I need to add an if statement to check if there is a %d to use printf("$string1") or else to use printf("$string1"), $c)?
[15:04]<sfddjvxd>not really, because if there is no %d then $c won't show anyway
[15:04]<sfddjvxd>so one printf would be enough
[15:04]<snzzyjf_nfsnwxnz>manoplus: $_REQUEST is better than $_GET
[15:04]<ajfmnz>munzir, don't quote single variables
[15:04]<sfddjvxd>asuming there are no other special characters in there wither, liek %s
[15:04]<drgjfufus>thanks
[15:04]<orrlyrrdrsyrr>(slimothy): trying now.
[15:05]<ajfmnz>sergiol_elsewher, no it's not, it's just different.
[15:05]<sfddjvxd>switch() is leet, and cheater is right onelinedesign, you have a security issue there where peopel can read files on your server with that code
[15:05]<sfddjvxd>and possibly download code remotely to execute on your server
[15:05]<snzzyjf_nfsnwxnz>$_REQUEST can assume both $_GETand $_POST
[15:05]<sfddjvxd>its up to you if you care or not

Back to #php
Or go to some related logs:
#gentoo
#blender
#gentoo
#gentoo
#gentoo