Balderick

Members
  • Content count

    75
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Balderick

  • Rank
    Newbie

Recent Profile Visitors

4,065 profile views
  1. and here you have the output of the script: X:mylocation\test-forumpost.php:15: array (size=36) 0 => string 'HTTP/1.1 302 Found' (length=18) 1 => string 'Location: https://www.facebook.com/thisisnothingbutcrap' (length=55) 2 => string 'Vary: Accept-Encoding' (length=21) 3 => string 'Content-Type: text/html; charset=UTF-8' (length=38) 4 => string 'X-FB-Debug: H2nqcWjKt6OFa3H/7fqtn4AmaBe8bs8XU7D8p5iiBbjfIFxKPFk0AXrzmYcsb1j6CQpEAr1WWY+BMO7chtE4vg==' (length=100) 5 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35) 6 => string 'Connection: close' (length=17) 7 => string 'Content-Length: 0' (length=17) 8 => string 'HTTP/1.1 302 Found' (length=18) 9 => string 'Location: https://www.facebook.com/unsupportedbrowser' (length=53) 10 => string 'Strict-Transport-Security: max-age=15552000; preload' (length=52) 11 => string 'access-control-allow-method: OPTIONS' (length=36) 12 => string 'Vary: Origin' (length=12) 13 => string 'Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length' (length=58) 14 => string 'Access-Control-Allow-Origin: https://www.facebook.com' (length=53) 15 => string 'Access-Control-Allow-Credentials: true' (length=38) 16 => string 'Vary: Accept-Encoding' (length=21) 17 => string 'Content-Type: text/html; charset=UTF-8' (length=38) 18 => string 'X-FB-Debug: fc06dn16MiWV1IVm6K5HuEgZBb+X33cGRs/6WG+s8ayq3bhc48K3/4zopvdDa0ikEY97osK2u8Y/OCHRO3eLYQ==' (length=100) 19 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35) 20 => string 'Connection: close' (length=17) 21 => string 'Content-Length: 0' (length=17) 22 => string 'HTTP/1.1 200 OK' (length=15) 23 => string 'X-XSS-Protection: 0' (length=19) 24 => string 'public-key-pins-report-only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"' (length=259) 25 => string 'Pragma: no-cache' (length=16) 26 => string 'Cache-Control: private, no-cache, no-store, must-revalidate' (length=59) 27 => string 'X-Frame-Options: DENY' (length=21) 28 => string 'Strict-Transport-Security: max-age=15552000; preload' (length=52) 29 => string 'X-Content-Type-Options: nosniff' (length=31) 30 => string 'Expires: Sat, 01 Jan 2000 00:00:00 GMT' (length=38) 31 => string 'Vary: Accept-Encoding' (length=21) 32 => string 'Content-Type: text/html; charset=UTF-8' (length=38) 33 => string 'X-FB-Debug: 2DMvDPHSjk4qfRmBAJo9RN+YmquJZHNnvnK7JtWUJ5tiz9sFiScne55HgP9PRhnrC/oQQjaPhBiCadng5jtfSg==' (length=100) 34 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35) 35 => string 'Connection: close' (length=17) X:mylocation\test-forumpost.php:16:string 'http://www.facebook.com/thisisnothingbutcrap' (length=44) X:mylocation\test-forumpost.php:18:string 'HTTP/1.1 302 Found' (length=18) ........................................................................................... I deliberately input a non existing user and get the output above, similar to a user that does exist. Which of the offsets is used to determine whether it is false or not?
  2. this is a part of the code: <?php $url_inp = 'http://www.facebook.com/thisisnothingbutcrap'; $array = get_headers($url_inp); $string = $array[0]; // if( strpos($string,"200") || strpos($string,"301") || strpos($string,"302") || strpos($string,"403") ) { if( strpos($string,"302") ) { var_dump($array); var_dump($url_inp); var_dump($string); } ?>
  3. Can someone give any suggestion how to check if a facebook address is valid when send by form input? I created a function checking the url address with get_headers at status code 302. This doesn't work when a facebook username doesn't exist, because it still gives true. How to solve this problem?
  4. The error is like this: Warning: get_headers(): SSL operation failed with code 1. OpenSSL Error messages: error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 unrecognized name in ..... it concerns the line with: $array = get_headers($url); the url input is: if I change htttps to http then I dont have any error messages. I would like to find a way to check in advance what kind of url is put in to avoid the error messages. Anyone got any idea?
  5. I made a piece of code to check wheter a url page exists. This is a part of the get_headers routine I'm using: <?php // check with checkdnsrr // validate with FILTER_VALIDATE_URL /////////////////////////////////////////////////// // get_headers part $array = get_headers($url); var_dump($array); $string = $array[0]; if( strpos($string,"200") || strpos($string,"301") || strpos($string,"302") || strpos($string,"403") ) { var_dump($url); } else { echo '<br><br> this site is insecure<br>'; echo '<br> use http instead of https <br><br>'; } } ?> The problem is that some websites configure their server either http or https but this does not mean that there is page content. What can be used to determine if there is an index.php or an index.html or any alternative indexpage used? The things I'm considering are: file_exists, file_get_contents or glob() on the other hand var_dump($array) gives in several cases the parameter: Content Type. The value is txt/html . Can this be used to see if there is a page? What would you recommend and can you give an example how this is used?
  6. I decided to go for routine 1and luckily the errors are gone, but the script does not give a result yet. I commented the addeventlistener line and the placed onSubmit in the form tag. <!DOCTYPE html> <html> <body bgcolor="grey"> <center> <br><br><br> <div style="height: 200px; width: 600px; border: solid 2px blue;"> <form id="my_form" action="" method="post" onsubmit="submitForm(event)"> Give your name: <input type="text" name="fname"> <br> <input type="submit" value="Send" > <!--<button type="button" onclick="submitForm(e)">send it</button>--> </form> </div> </body> <script> // Add a submit event handler to the form var form = document.getElementById("my_form"); // form.addEventListener("submit", submitForm, false); // error function submitForm(e) { // Cancel form submission e.preventDefault(); // // Build a query string from the form data var form = e.currentTarget; var query = "", element; for(var i = 0; i < form.elements.length; i++ ) { // error element = form.elements[i]; if(element.name) { query += encodeURIComponent(element.name) + "=" + encodeURIComponent(element.value); query += "&"; } } // Send a request var request = new XMLHttpRequest(); request.onreadystatechange = doSomething; request.open("POST", "prophp.php", true); request.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); request.send(query); // Form data is here // Handle response here however you want to function doSomething() { if(request.readyState == 4) { if(request.status == 200) { // Success // // } else { // Error // // } } } } </script> </html> I use a php script to process the form data, both echo as well as the dump is not done; its like this: <?php echo '<br>test code here : '; if (isset($_POST['fname'])) { var_dump($_POST['fname']); // execute mysql queries } ?> I don not understand completely what is meant with what the target id element is (is that form?) , I put the form part above the javascript-part. What I would actually want is an extra div or p element to show the result.
  7. This is the script right now: <!DOCTYPE html> <html> <head> <script> // Add a submit event handler to the form var form = document.getElementById("my_form"); form.addEventListener("submit", submitForm, false); // error function submitForm(e) { // Cancel form submission e.preventDefault(); // // Build a query string from the form data var form = e.currentTarget; var query = "", element; for(var i = 0; i < form.elements.length; i++ ) { // error element = form.elements[i]; if(element.name) { query += encodeURIComponent(element.name) + "=" + encodeURIComponent(element.value); query += "&"; } } // Send a request var request = new XMLHttpRequest(); request.onreadystatechange = doSomething; request.open("POST", "prophp.php", true); request.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); request.send(query); // Form data is here // Handle response here however you want to function doSomething() { if(request.readyState == 4) { if(request.status == 200) { // Success // // } else { // Error // // } } } } </script> </head> <body bgcolor="grey"> <center> <br><br><br> <div style="height: 200px; width: 600px; border: solid 2px blue;"> <form id="my_form" action="" method="post"> Give your name: <input type="text" name="fname"> <br> <input type="submit" value="Send" onclick="submitForm(event)"> <!--<button type="button" onclick="submitForm(e)">send it</button>--> </form> </div> </body> The errors are at 2 lines: form.addEventListener("submit", submitForm, false); and for(var i = 0; i < form.elements.length; i++ ) { as you see I changed e to event in onclick but no result yet.
  8. I changed that, but it throws a new error like this: TypeError: form.elements is undefined it has to do with this line: for(var i = 0; i < form.elements.length; i++ ) {
  9. Ok thanks for clarification Ingolme I used this form to implement it: <!DOCTYPE html> <html> <body bgcolor="grey"> <center> <br><br><br> <div style="height: 200px; width: 600px; border: solid 2px blue;"> <form id="my_form" action="" method="post"> Give your name: <input type="text" name="fname"> <br> <input type="submit" value="Send" onclick="submitForm(e);"> <!--<button type="button" onclick="submitForm(e)">send it</button>--> </form> </div> but the error thrown out is about this piece of code. e.preventDefault(); the error code says: Reference error is not defined. e has to be declared. I tried to change fname into e; but that didnt work. How is this solved?
  10. Thank you for the answer. Like I said I have not much experience with javascript and I have a lot of questions. With a lot I mean A LOT. I counted 10, so be prepared. I still gonna ask them, I hope your explanation clears a lot. - Which events have which sequence? (in response to: e.PreventDefault) - What is the use of e.CurrentTarget? - With which reason is the query variable made? - Is EncodeURIComponent a way of sanitizing/validation? o Is it (EncodeURIComponent) obliged (strongly recommended) in javascript or is SSL enough in most cases? - Which safety aspects should I heed at when making ajax forms? o Are these security aspect different from php? o With which reason is php sufficient or not? - Can you embed a javascript function inside a function? o How does html process this?
  11. Hello, I have a question about how to send form data to the database, without reloading the entire page. I discovered working with xmlhttprequest. I managed to show text from another file by implementing a javascript function with xhr into my script. I don’t know much about javascript and don’t understand how a javascript form should be added to an existing function. Finally this should run a php script executing the code to add the form data to the database. <!DOCTYPE html> <html> <body bgcolor="grey"> <center> <br><br><br> <div style="height: 200px; width: 600px; border: solid 2px blue;"> <div id="kn_ze"> <form id="my_form" action=""> Give your name: <input type="text" name="fname"> <br> <input type="submit" value="Send" onclick="loadXMLDoc();"> <!-- <button type="button" onclick="loadXMLDoc()">send it</button> --> </form> </div> </div> <script> function loadXMLDoc() { /* document.getElementById("my_form").submit();*/ var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function() { if (this.readyState == 4 && this.status == 200) { document.getElementById("kn_ze").innerHTML = this.responseText; } }; xhttp.open("GET", "prophp.php", true); xhttp.send(); } </script> </body> </html> test script to process the form data prophp.php : <?php echo '<br>test code here : '; if (isset($_POST['fname'])) { var_dump($_POST['fname']); // execute mysql queries } ?> 11) How are the form data placed in the existing function? (or should I create a second one? ) Maybe someone can help me out solving it.
  12. This I hear from the beginning I started php programming 2 years ago. But this a recommendation. A strong recommendation I presume, but does this say that everyone just follows these rules, or, that, it is not possible? The answer is no. Would you, therefore, not use mysqli and sanitize and validate all input in a proper way? I'm curious what your opinion is about that!
  13. Hi can someone explain how to create a mysql database in php using OOP prepared statements. I know how to do it with mysqli but I want to know if it can be done with placeholders and oop. a good and clear tut about is okay, but please provide a clear tut about using placeholders and prepared regarding CREATING a new database.
  14. 1) I have login scripts working in combination with database table and verify_password 2) the login scripts are RE-USED for another site 3) In the test fase I use the SAME database table values and copy these in phpmyadmin to a new table is it possible there is some kind of copy security or whatever in the encrypted original table values? I presume this because there is no password_verify match. It could be I'm overlooking something, but the password_verify($form_pw, $database_pw) procedure, does not need encryption BEFORE $form_pw is read? The only conclusion then is: the value in the newly copied table is not the same is in the original table. (of course I can also reinstall the registration scripts to test it, but i would like to rule out other causes ) EDIT: solved. silly me using the wrong password
  15. Sorry people here I have asked this before, so its a bit embarassing to me. But .... I have the following question. Its about using a function inside an if condition. The thing is that when I make a function with 2 returns in this case $data and $alternative I receive them both back. I ask this for grasping how a function acts inside an if condition. So my question is: how does the php engine ‘reason’? Is the outcome of the return ONLY POSSIBLE if you return 1 value inside an if condition; so either true or false ? Example: <?php function valid_someting($data){ global $alternative; $count=''; $count = strlen($data); if ( ($count < 8 && ($count > 4) ) ) { $data = preg_replace('/[^a-zA-Z0-9!@#$%^&*()\-_=+{};:,<.>]/', '', $data ); // $data = ltrim($data); $data = rtrim($data); return $data; } $alternative = $data; return $alternative; } $data = 'abcdabcdabcd'; if (valid_someting($data)) { echo 'color input field green'; } else if ($alternative == TRUE) { echo 'color input field RED'; } ?>