Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About eko_wardoyo

  • Rank
  1. i use this code <html> <head> <title></title> <script type="text/javascript" src="js/jquery-1.4.3.min.js"></script> <script language="javascript" type="text/javascript"> $im_count = 0; $img_array = new Array("image/1.jpg","image/2.jpg"); function changeImage(){ $("#imgholder").fadeOut().attr("src",$img_array[$im_count%2]).fadeIn(); $im_count++; window.setTimeout("changeImage()",5000); } $(function(){ changeImage(); }); </script> </head> <body> <h1>This is heading</h1> <img src="
  2. hi guys, i have a problem to random some images with auto refresh can you help me
  3. i'm confuse about multithreading in phpif you have some information or source code, please post here
  4. $GLOBALS["map"] is class of mapobject that contains function and member of mapobject but we must create the object first, for example:map=ms_newMapObj();i've solved the problem, i must add quote to variable $querystring like you've said :)i changed the script like this:$myquery=$oLayerString->queryByAttributes($qitem,$qitem."='$qstring'",MS_SINGLE);
  5. i made the mapfile by myselfi have tried to query the script in shp database, its fine and there is no error but if i use postgis database i got that error
  6. i have some problem about search attribute using function querybyattributes in phpmapscript. i use postgis for search spatial data.here is the script:<?$qlayer=strtolower($_GET["qlayer"]); $qitem=strtolower($_GET["qitem"]); $qstring=strtoupper($_GET["qstring"]); $querystring=strval($qstring); if(!empty($qlayer)&&!empty($qitem)&&!empty($qstring)){ $oLayerString=$GLOBALS["map"]->getLayerByName($qlayer); $myquery=$oLayerString->queryByAttributes($qitem,$qitem."=".$querystring,MS_SINGLE); $GLOBALS["gShowQueryString"]=TRUE; }
  7. hmmm...i've tried to print the $sql and the result is magic_quotes add slashes when i tried to do the injection eventhough magic_quotes is turn off thanks for your advise
  8. i've troubled with request.form because request.form in my script don't send any value so server will filter that username is incorrecthere is form login: <html><head><title>Halaman Login</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head><body><form name="form1" action="cek_user.asp" method="post"> <table width="365" border="0" cellpadding="0" cellspacing="0" align="center"> <!--DWLayoutTable--> <tr> <td height="31" colspan="3" align="center" valign="top"><b>Login Form</b&g
  9. i've tried sql injection, add space after double dash but it didn't work at all and i've also tried many sql injection such as:hi'or 1=1--admin'--'or '1''='1why the script above only work in ASP??? do you know how to do the injection without turn off magic_quotes_gpc???
  10. i have tried what you said, but server will filter that username incorrect and i've tried to turn off magic_quotes_gpc in php.ini, server still filter username incorrect do you know why?
  11. mmm... i still don't understand what you mean. for example for script sql injection just like what you said:'or 1=1--/nis it correct?
  12. i try it in my own web "localhost", here is the script for check username and password:<? require_once('koneksi.php');?><?$username=$_POST['user'];$password=$_POST['password']; $sql="select*from user where username='$username' and password='$password'"; $hasil=mysql_query($sql); $hit=mysql_num_rows($hasil); if($hit==1){ echo "<meta http-equiv='refresh' content='0;url=hal_utama.php'"; } else{//incorrect username and password echo "Username atau Password anda belum benar!<br>"; echo "Silahkan anda <a href='login.php'>Login</a> kembali"; }?>i try to injection i
  13. eko_wardoyo

    SQL Injection

    i use sql injection in PHP using 'OR 1=1-- and other sql injection but failed, do you know what make it failed?can you help me???
  14. little curious about the Google search bar... could you give me the script?
  15. for full text search you can use this syntax:SELECT * FROM articles WHERE body='$keyword';
  • Create New...