Jump to content

codeminer

Members
  • Content count

    31
  • Joined

  • Last visited

Community Reputation

0 Neutral

About codeminer

  • Rank
    Newbie

Profile Information

  • Gender
    Male
  • Location
    earth
  • Interests
    php,css,html,sql,xampp set-up

Previous Fields

  • Languages
    php,css,html,sql,xampp set-up

Recent Profile Visitors

2,107 profile views
  1. .htaccess File

    i also agree with you the .htacess should go in the main conf file not only is it recomended its also easier to keep trac of
  2. .htaccess File

    Merry Christmas i hope your doing well . I m try to create a per user dir so each user will be able to create there own music projects. in order to make it work i need to give each member their own directory i have everything built at this point but its all worthless with out each project having there own directories . i been trying to get a grip on its pretty slippery to grasp i have crashed apache so many times . if you have any input on this i would be greatful im not exactly sure where to start i created the virtual host need to understand how to set the user dir = path dont know if i should turn off the doc root once figure that i guess i need to go conf directives turn on the user dir module.so i want to do it right just need to find the beging and deal with each step here is directory structure main folder http login system ? i think i should put the login system outside the main folder and redirect once login users, home, ~username,public_html i have all the files that need to be shared in the the public html directory .need to know how to create the path/ to / files so i can get apache to load new instances of them when called
  3. .htaccess File

    i need help with this also this is the structure apache reads the config file so i read this is the order the directives should be in everything should go between the vitual host tags <VirtualHost *:80> DocumentRoot "C:/xampp/htdocs/example ServerName example.com <Directory /srv/www/example.com/public_html/images> Order Allow,Deny Allow from all Deny 55.1 </Directory> the .htacess is read at the same time as the directory <DirectoryMatch> <Directory ~> <Files> <FilesMatch> <Location> <LocationMatch> im trying to learn this right now this is as far as i have understood so far correct me if im wrong but this all should go inside you httpd-vhost.conf between your <VirtualHost*80>......</VirtualHost>
  4. How Is W3Schools Now ?

    I had a site not to long ago, I use to press the lock button on browser . the browser i would be using would warn me that my site wasn't safe. i didn't want people feeling insecure or feel like they shouldn't visit the site because of the browser warning , so I sprang the $70.00 bucks and encrypted it .As far as my passwords my passwords are so long i get time out by the time i get done filling out the password field. , just kidding. i think this site is GRATE .its something that is really needed for young developers and veterans. i have studied constantly for yrs , i still don't know anything, virtually never talked to any one .came to the point my brain wanted to explode. .this site gives people the opportunity to find the needle in the hey stack and help others in their journey. The Moderators here know their stuff and if they don't they take the time to find out the answers which is very commendable. learning to code is like a bottomless pit there always more you need to know this is a great platform down the rabbit hole .Thank you guys for all your hard work. cheers
  5. How Is W3Schools Now ?

    I tack it back something is wrong with w3scools its like its not being maintained i also noticed that this site is not encrypted according to firefox it kind scares me a little
  6. How Is W3Schools Now ?

    i like the place no matter how it looks one possible reason might be relate to the latest php update a lot of sites had troubles
  7. form validation

    I agree my problem is that I started with mysqli I can due basic function like connect select insert I wanted to try to finish what I started once I get a grip on some of these basics I might have enough understanding to take the plunge with pdo I appreciate your input
  8. How to make this?

    I think if im getting it your looking for something like this <a title="HOWDY, YOU CAN PUT WHATEVER YOU WANT HERE MAKE SURE TO CHANGE THE LINK TO THE PAGE YOU WANT IT TO WORK ON." href="HTTP://127.0.0.1/SOMEWHEREONTHEPLANET/"><code>HOWDY</code></a> OR YOU MIGHT WANT SOMETHING LIKE THIS YOU NEED TO CREATE MORE FILE TO MAKE IT WORK //put this in your index.php in any kind of tag that works <form action ="createFile.php" method ="POST"> <input type = "hidden" name ="MAX_FILE_SIZE" value ="10000000"/> <input type = "text" name = "name" placeholder ="Project name"> | <input type = "submit" value = "submit"><p> </form></center><br/> <?php $full_path = "."; $dir = @opendir($full_path) or die ("Unable to open directory"); while($file = readdir($dir)) { if($file == "." || $file == ".." || $file == "index.php" || $file == "create_file.php" || $file == "edit_file.php" || $file == "edit.php" || $file == "delete.php" || $file == "uploads") continue; #contents in here echo"<ul class ='menu'><li><a href ='$file'>$file</a><br/> <a href='edit.php?name=$file'>Edit</a> | <a href='delete.php?name=$file'>Delete</a> <br/></li></ul><!--closes new file menu-->"; #content ends here } closedir($dir); ?> ----------------------------------------------------------------- create file called createFile.php -------------------------------------------------------------- <?php $pre_file_name = $_POST['name']; $ext = ".html"; $file_name = $pre_file_name.$ext; fopen($file_name,'w'); ?> <html> <form action ="edit_file.php" enctype = "multipart/form-data" method ="POST"> <input type = "hidden" name ="MAX_FILE_SIZE" value ="10000000"/> <textarea name="edit" cols="70" rows ="20" placeholder="edit"> <?php # can include anthing in here('ar2.php');?> </textarea><p> <input type = "hidden" name = "file_name"value = "<?php echo $file_name; ?>"> <input type = "submit" value = "Save"> </form> <p> <h2>Files</h2> </html> -------------------------------------------------------------------- create file called edit_file.php ------------------------------------------------------------------------- <?php $edit = $_POST['edit']; $file_name = $_POST['file_name']; $file = fopen($file_name,'w'); fwrite($file,$edit); //fclose($file);?> <?php echo $_POST['edit'];?> <?php fclose($file); echo "<br/>"; echo "File saved! <a href = 'index.php'>Click Here To Continue</a> "; ;?> ------------------------------------------------------------------------- make file name edit.php --------------------------------------------------------------------- <?php $file_name = $_GET['name']; $file_read = fopen($file_name,"r"); $contents = fread($file_read,filesize($file_name)); fclose($file_read); ?> <form action ="edit_file.php"method ="post"> <input type = "hidden" name ="MAX_FILE_SIZE" value ="10000000"/> <textarea name="edit" cols="100" rows ="15" placeholder="edit"> <?php echo $contents;?> </textarea><p> <input type = "hidden" name = "file_name"value = "<?php echo $file_name; ?>"> <input type="submit" name="submit" size="20" value="save" placeholder="save"> <input type="reset" size="20" name ="reset"><br/> </a> <p> <h2>this is edit.php</h2> ---------------------------------------------------------------- make a file named delete.php ---------------------------------------------------------------------- <?php $file = $_GET['name']; unlink($file); header("location: index.php"); echo"<h3>File Deleted!</h3><a href='index.php'>Click Here To Continue</a>"; ?> there you go. you need to figure out how to make this secure im trying to learn that right now don't even think about using this as is on live site
  9. form validation

    ok change the whole file around ,found better idea .This hashes the password ,check the db if the username is available, checks that the im format is true and checks the firstname against RE rules .returns error messages in the browser, i learned this from a video on youtube <?php //This is the insert.php file if (isset($_POST['submit'])){ include_once 'db.php'; $firstname = mysqli_real_escape_string($conn, $_POST['firstname']); $email = mysqli_real_escape_string($conn, $_POST['email']); $username = mysqli_real_escape_string($conn, $_POST['username']); $password = mysqli_real_escape_string($conn, $_POST['password']); //Error handlers //Check for empty fields if (empty($firstname) || empty($email) || empty($username) || empty($password)) { header("Location: ./index.php?Register=empty"); exit(); } else { //Check if input characters are valid if (!preg_match("/^[a-zA-Z]*$/", $firstname)) { header("Location: ./index.php?Register=NameInvalid"); exit(); } else { //Check if email is valid if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { header("Location: ./index.php?Register=Invalid Email"); exit(); // Checks if username isnt being used by someone else } else { $sql = "SELECT * FROM users WHERE username='$username'"; $result = mysqli_query($conn, $sql); $resultCheck = mysqli_num_rows($result); if ($resultCheck > 0) { header("Location: ./index.php?Resiter=usertaken"); exit(); } else { //Hashing the password $hashedPassword = password_hash($password, PASSWORD_DEFAULT); //Insert the user into the database $sql = "INSERT INTO users (firstname,email, username,password) VALUES ('$firstname','$email', '$username', '$hashedPassword');"; mysqli_query($conn, $sql); header("Location: ./index.php?Register=success"); exit(); } } } } } else { header("Location: ./index.php"); exit(); }
  10. form validation

    I thought this worked ,it doesn/'t hash the pass, It puts the hash in the data base but it fires prematurely it causes the input field to be fill before the user input is served . just need to keep pounding .hopefully ill get a break through, trial an error unfortunately mostly error
  11. form validation

    thank you for your expert advise. I managed to convert the password into the options array prior to inserting in to db using this code. It works!!!YA.THANK YOU //password if (empty($_POST["password"])) { $passwordErr = "password word is required"; } else { $password = test_input($_POST["password"]); //changed the regular expression you can add up to 60 charecters if (!preg_match("/^(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])\S{0,60}/",$password)) { $password_Err = "<br><P>Password must be a mixure of no# and letters containing upper & lower case charecters</P>"; } } // changed the name of password to password_hash call the $options array this is coverting the password prior to getting to db it works $options = [ 'cost' => 9, 'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM), ]; $password = password_hash($password, PASSWORD_BCRYPT, array( '$options' ));
  12. form validation

    I read your article that you put up a while back on form page mode very helpful and in depth in fact if I would have discovered sooner I wouldn't have post this I know im just printing the hash out on the page .I Relies that it needs to be defined in the insert statement .what im trying to learn is how to put it in the insert statement so that hashing of the password is accomplished in db . as far as the specialchars i never used them before i 'm trying to learn security . here is my insert file <?php $servername = ""; $username = ""; $password = ""; $dbname = ""; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); //____________________________________________ //trying to understand how to put this in the statement }else{ $options = [ 'cost' => 9, 'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM), ]; $password = password_hash( "password" ,PASSWORD_BCRYPT, $options); //_______________________________________ $sql = "INSERT INTO users (username, password,email,website,comment,gender) VALUES ('$_POST[username]', '$_POST[password]', '$_POST[email]', '$_POST[website]', '$_POST[comment]', '$_POST[gender]')"; if ($conn->query($sql) === TRUE) { echo "New record created successfully, <a href = 'http://127.0.0.1/A'>Click here to continue</a>"; } else { echo "Error: " . $sql . "<br>" . $conn->error; } } $conn->close();
  13. form validation

    sorry about this duplication im just not familiar with this editor I can't seem to locate the delete button
  14. form validation

  15. form validation

    <!DOCTYPE HTML> <html> <head> <style> .error {color: #FF0000;} </style> </head> <body> <?php /** * Note that the salt here is randomly generated. * Never use a static salt or one that is not randomly generated. * * For the VAST majority of use-cases, let password_hash generate the salt randomly for you */ // define variables and set to empty values $usernameErr = $passwordErr = $firstnameErr = $emailErr = $genderErr = $websiteErr = ""; $username = $password = $firstname = $email = $gender = $comment = $website = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["username"])) { $usernameErr = "UserName is required"; } else { $username = test_input($_POST["username"]); if (!preg_match("/^[a-zA-Z ]*$/",$username)) { $usernameErr = "Only letters and white space allowed"; } } if (empty($_POST["password"])) { $passwordErr = "password word is required"; } else { $password = test_input($_POST["password"]); if (!preg_match("/^(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])\S{8,}/",$password)) { $passwordErr = "<br>Password must be a mixure of <br>no# and letters containing <br>upper & lower case letters <br>at least 8 charecters<br>long"; } } if (empty($_POST["firstname"])) { $firstnameErr = "FirstName is required"; } else { $firstname = test_input($_POST["firstname"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$firstname)) { $firstnameErr = "Only letters and white space allowed"; } } if (empty($_POST["email"])) { $emailErr = "Email is required"; } else { $email = test_input($_POST["email"]); // check if e-mail address is well-formed if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; } } if (empty($_POST["website"])) { $website = ""; } else { $website = test_input($_POST["website"]); // check if URL address syntax is valid (this regular expression also allows dashes in the URL) if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) { $websiteErr = "Invalid URL"; } } if (empty($_POST["comment"])) { $comment = ""; } else { $comment = test_input($_POST["comment"]); } if (empty($_POST["gender"])) { $genderErr = "Gender is required"; } else { $gender = test_input($_POST["gender"]); } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> <h2>PHP Form Validation Example</h2> <p><span class="error">* Required Fields</span></p> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> Username:<br/> <input type="text" name="username" value="<?php echo $username;?>"> <span class="error">* <?php echo $usernameErr;?></span> <br><br> Password:<br/> <input type="password" name="password" value="<?php echo $password;?> ?> "> <span class="error">* <?php echo $passwordErr;?></span> <br><br> Firstname:<br/> <input type="text" name="firstname" value="<?php echo $firstname;?>"> <span class="error">* <?php echo $firstnameErr;?></span> <br><br> E-mail:<br/> <input type="text" name="email" value="<?php echo $email;?>"> <span class="error">* <?php echo $emailErr;?></span> <br><br> Website:<br/> <input type="text" name="website" value="<?php echo $website;?>"> <span class="error"><?php echo $websiteErr;?></span> <br><br> Comment:<br/> <textarea name="comment" rows="5" cols="40"><?php echo $comment;?></textarea> <br><br> Gender:<br/> <input type="radio" name="gender" <?php if (isset($gender) && $gender=="female") echo "checked";?> value="female">Female <input type="radio" name="gender" <?php if (isset($gender) && $gender=="male") echo "checked";?> value="male">Male <span class="error">* <?php echo $genderErr;?></span> <br><br> <input type = "reset" name = "reset"/> | <input type="submit" name="submit" value="Submit"> </form> <h2><?php echo "WELLCOM!";?> <?php echo $username;?></h2> <?php $options = [ 'cost' => 9, 'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM), ]; echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options); echo "<br>"; echo $firstname; echo "<br>"; echo $email; echo "<br>"; echo $website; echo "<br>"; echo $comment; echo "<br>"; echo $gender; ?> </body> </html> Hello I need some advise on this need to make sure this is correct . I took this form from w3shools a long time ago. I modified it with regular expressions went to php.net, pick the hash function manipulated the code a little bit just need to make sure it gonna fly thank you in advance
×