westman

Members
  • Content count

    490
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by westman

  1. I may have about 20-30 different connections with different queries on a page. Should I use $conn->close(); after each query or and the bottom of the page?
  2. Hi all, I used to use $name = mysql_real_escape_string($name); to clean information to store in my database on php 5.4 Now I am using php 5.6 and it seams to be a problem. I was given this code to replace mysql_real_escape_string... function IsInjected($str) { $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)' ); $inject = join('|', $injections); $inject = "/$inject/i"; if(preg_match($inject,$str)) { return true; } else { return false; } } The only problem is that I do not understand the code or how to use it. Is there an easier way to clean information and stop SQL injection?
  3. But I am not using PDO I am using MySQLi. So is... $stmt = $conn->prepare("SELECT * FROM database WHERE email = ?"); $stmt->bind_param("s", $email); $stmt->execute(); $result = $stmt->get_result(); $numRows = $result->num_rows; if($numRows > 0) { while($row = $result->fetch_assoc()) { $id = $row["id"]; $name = $row["name"]; $age = $row["age"]; }} $stmt->close(); ok for MySQLi?
  4. Is this code safe, up to date, and useful? $stmt = $conn->prepare("SELECT * FROM database WHERE email = ?"); $stmt->bind_param("s", $email); $stmt->execute(); $result = $stmt->get_result(); $numRows = $result->num_rows; if($numRows > 0) { while($row = $result->fetch_assoc()) { $id[] = $row['id']; $name[] = $row['name']; $age[] = $row['age']; }} $stmt->close(); The following code instead of the above. $id = $row["id"]; $name = $row["name"]; $age = $row["age"];
  5. like it. Thank you.
  6. I see that $name = mysql_real_escape_string($name); is not needed to protect agents SQL injections when mysqli is use in a prepared statement on data INSERT. How do we protect our database with SELECT, UPDATE, and DELETE?
  7. thanks
  8. Hi all, I am looking for the right command to give to run a php file using a cron job. I have tried the following... /usr/local/cpanel/bin/jailshell: -c: /home/my_username/public_html/folder/file.php" /usr/local/cpanel/bin/jailshell -q /home/my_username/public_html/folder/file.php" /usr/local/bin/php -q /home/my_username/public_html/folder/file.php" /usr/bin/php -q /home/my_username/public_html/folder/file.php" and /home/my_username/public_html/folder/file.php" I get this error in an email... /usr/local/cpanel/bin/jailshell: -c: line 0: unexpected EOF while looking for matching `"' /usr/local/cpanel/bin/jailshell: -c: line 1: syntax error: unexpected end of file What command should I give to run a php file from a cron job? My linux server info: cPanel Version 64.0 (build 12) Apache Version 2.4.25 PHP Version 5.6.30
  9. Last question for cron jobs. I have this cron job working fine... /usr/local/cpanel/bin/jailshell -q /home/my_username/public_html/folder/file.php and if I go to www.mysite.com/folder/file.php the code will run. how do I only give access to this file through cron job and not give access through www.mysite.com/folder/file.php
  10. ok. Thank you.
  11. Prepared statements look fun but I have 1,000's of lines of code in different files all using $conn1 = mysql_connect("$servername","$username","$password") or die ("could not connect to mysql"); mysql_select_db("$dbname") or die ("no database"); not $conn1 = new mysqli($servername, $username, $password, $dbname); Do I need to change all my code if I start using mysqli and how will it effect everything else?
  12. thank you. now working. " was the problem
  13. I notice that some sites on the clear web but most on the dark web show their PGP public key. ‚ÄčI have a pgp privet key that was auto generated along with my .onion url when I opened the tor browser. I also took a look at https://github.com/singpolyma/openpgp-php and my question is... How do I display a PGP public key on a website that relates to my site url using php?
  14. I understand that. However, I am not talking about pgp for messages or email. I am talking about the pgp privet key you receive with your random .onion domain name when you open the Tor browser with the intent of hosting on the dark web. The pgp privet key and the .onion url are linked (meaning the privet key and url are bound together/created together). From my pgp privet key and my .onion url I am trying to find my pgp public key. How do I do that?
  15. Yer, Years of support from this forum I have got. Thank you.
  16. Hi all, I am trying to remove a folder if it exists and files within it if they exists. I keep getting this error. Fatal error: Cannot redeclare delete_directory() (previously declared in /home/content/31/1234321/html/ads/index.php:236) in /home/content/1234321/html/ads/index.php on line 236 $time04 = date("Y-m-d",time() - (60*60*24*7*26)); // 6.5 mouths (26 weeks)$time04 = mysql_real_escape_string($time04);$sql02_info_get = mysql_query("SELECT * FROM ads WHERE live='0' AND addate < TIMESTAMP('$time04')");$sql02_info_get_count = mysql_num_rows($sql02_info_get);if ($sql02_info_get_count > 0){while($row = mysql_fetch_array($sql02_info_get)){$remove_adid = $row["adid"];$directory = "pics/$remove_adid";//if(!is_dir($directory)){//echo "good";//exit(); //}else{//echo "bad";//exit(); //}function delete_directory($directory, $empty=false) // line 236{ if(substr($directory,-1) == DIRECTORY_SEPARATOR){ $directory = substr($directory,0,-1); } if(!is_dir($directory) || !is_readable($directory)){ return false; } else{ $handle = opendir($directory); while (false !== ($item = readdir($handle))){ if($item != '.' && $item != '..'){ $path = $directory.DIRECTORY_SEPARATOR.$item; if(is_dir($path)){ delete_directory($path); } else{ unlink($path); } } } closedir($handle); if($empty == false){ if(!rmdir($directory)){ return false; } } return true; }} delete_directory($directory);$remove_adid = mysql_real_escape_string($remove_adid);$sql02 = mysql_query("DELETE FROM ads WHERE adid='$remove_adid'"); } // end loop} any help?
  17. most impotent question has been asked "What are you trying to do?" are you posting info to a DB or are you link building? from your code it is uncertain.
  18. thank you it works. you got me! it is not my code but I have used it before and it has worked outside a loop. would love to know how each line of the code works. have you got the time?
  19. try... $mailtext .= '<b>' . $name . '</b>' . $trenner . $einzelwert . $trenner2;or$mailtext .= '<strong>' . $name . '</strong>' . $trenner . $einzelwert . $trenner2; as mentioned above.
  20. He what'd to know how to send an email. I helped with code. you are welcome
  21. $to = "me@gmail.com"; $from = "admi@mysite.com";$subject = "error";$message = '<html> <body bgcolor="#FFFFFF"> <br /><br /> Error: ' . $error_log . ' </body> </html>'; // end of message $headers = "From: $fromrn"; $headers .= "Content-type: text/htmlrn"; // Finally send the activation email to the member mail($to, $subject, $message, $headers); NOTE to the mods and admin. It is ok to help with code from time to time it will not kill you to help in this way.
  22. I do not know what part of my code defines the function so here is what I did... $time04 = date("Y-m-d",time() - (60*60*24*7*26)); // 6.5 mouths (26 weeks)$time04 = mysql_real_escape_string($time04);function delete_directory($directory, $empty=false){ if(substr($directory,-1) == DIRECTORY_SEPARATOR){ $directory = substr($directory,0,-1); } if(!is_dir($directory) || !is_readable($directory)){ return false; } else{ $handle = opendir($directory); while (false !== ($item = readdir($handle))){ if($item != '.' && $item != '..'){ $path = $directory.DIRECTORY_SEPARATOR.$item; if(is_dir($path)){ delete_directory($path); } else{ unlink($path); } } } closedir($handle); if($empty == false){ if(!rmdir($directory)){ return false; } } return true; }} $sql02_info_get = mysql_query("SELECT * FROM ads WHERE live='0' AND addate < TIMESTAMP('$time04')");$sql02_info_get_count = mysql_num_rows($sql02_info_get);if ($sql02_info_get_count > 0){while($row = mysql_fetch_array($sql02_info_get)){$remove_adid = $row["adid"];$directory = "pics/$remove_adid";//if(!is_dir($directory)){//echo "good";//exit(); //}else{//echo "bad";//exit(); //}delete_directory($directory);$remove_adid = mysql_real_escape_string($remove_adid);$sql02 = mysql_query("DELETE FROM ads WHERE adid='$remove_adid'"); } // end loop} will this work? if not please give code examples.
  23. how am I going to remove the code in the block that defines the function and still have a function than functions? I do not understand. please be more clear by telling me all the key words I need to remove or paste some code to see.
  24. Do you mean this line? function delete_directory($directory, $empty=false) // line 236{ If not please copy and past the line so it is clear.