hisoka

"Is it a requirement that none of the addends are identical?" the addends can be identical or not for example addends of 10 can be 5+5 = 10 or 6+4=10

console.log(tmp = +i); used to print all the numbers that the loop engenders

now more difficult . I would like to write a program that gives me the different combinations by the number of addends which when add together gives a number . for example I put 25 as a number then the program generates to me the different combinations of addends like this 1+24 = 25 2+23=25 2 combinations of addends 5+20= 25 1+1+23=25 4+2+21=25 3 combinations of addends 7+3+15=25 7+9+6+3=25 4+10+5+6=25 4 combinations of addends 8+12+1+4=25 2+3+7+8+5=25 5 combinations of addends 9+5+4+6+1=25 5+6+4+3+2+1+4=25 6 combinations of addends any hint on how to do it ?

this is what I get so far : for example if I want the addends of 40 then : for( var i = 0 ; i<=20 ; i++) { console.log(tmp = +i); } and I get 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 all the numbers that when added to each other give 40 if I am wrong could you correct me ?

How to write a Javascript program that find the addends of a number ?

<?php ini_set('display_errors', 1); error_reporting(E_ALL); $target = "key.txt"; $sessionuser['user'] = "d0c5258e830e2e23c190d04428cb0fac"; if (isset($_GET["action"])){ if ($_GET["action"]=="register"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "a"); $con_file = file_get_contents($target); if (strpos($con_file, "::".$_GET["nick"])){ $script='<script type="text/javascript">'; $script.="alert(\"Sorry that nick already exist!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } $nick = urldecode(substr($_GET["nick"], 0, 20)); $id = urldecode(substr($_GET["id"], 0, 20)); fputs($hfile, "::".$sessionuser['user']."::".$nick."::".$id."\n"); fclose($hfile); $script='<script type="text/javascript">'; $script.="alert(\"You are registered now!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; }else{ $script='<script type="text/javascript">'; $script.="alert(\"You have to fill out the whole form!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } } if ($_GET["action"]=="login"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "r"); $i = 0; $len; $line; while (!feof ($hfile)){ $line[$i] = fgets($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::" .$_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$_GET["nick"]."::".$_GET["id"]) ; if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin"){ echo "good job"; }else{ header('Location:ccc.php'); } } $i += 1; } } else{ echo "Sorry but your input was incorrect. You can't log in without nick or pin!"; } } } ?> <form action="index.php" method="get"> <table width="60%" align="center" cellpadding="0" cellspacing="1"> <tr> <td align="center" class="text"> <br /><input type="text" value="nick" name="nick" maxlength="20" size="20" class="challenge_edit"> <br /><input type="text" value="ID" name="id" maxlength="20" size="20" class="challenge_edit"> <br /><input type="radio" name="action" value="register">register <br /><input type="radio" name="action" value="login">login <br /><br /> <input type=submit class="challenge_submit" value="Execute"> <br /><br /> </td> </tr> </table> </form>

So I did as you told me Justsomeguy and used the var_dump which was very very instructive and useful for me and find those results for the data stored in my key.txt file . These are , first, the fata stored in my key.txt file ::d0c5258e830e2e23c190d04428cb0fac::rrrrrrrrrrr::ttt ::d0c5258e830e2e23c190d04428cb0fac::nick78::78 ::d0c5258e830e2e23c190d04428cb0fac::jordi::admin ::d0c5258e830e2e23c190d04428cb0fac::nickkl::tz ::d0c5258e830e2e23c190d04428cb0fac::gordi::admin and this is what I got for var_dump(strlen($line[$i])); int(53) int(47) int(49) int(47) int(49) as you exactly told me the fgets returns the trailing line break along with the line meanwhile $len = strlen("::".$sessionuser['user']."::".$_GET["nick"]."::".$_GET["id"]) ; var_dump($len); returns int(52) int(46) int(48) int(46) int(48) So in substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) the length is always zero and for this : $go= substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len); var_dump($go); I get string(0) "" empty string because the length is zero What follows that this condition : if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin") is always false I say it should be reversed like this so that we do not get an empty string : if (substr(($line[$i]), strlen($line[$i])-1-$len , strlen($line[$i])-8) =="::admin") What do you think Justsomeguy ? if I am wrong please correct me .

Now I corrected it and the error disappeared . So the code is now like this : <?php ini_set('display_errors', 1); error_reporting(E_ALL); $target = "key.txt"; $sessionuser['user'] = "d0c5258e830e2e23c190d04428cb0fac"; if (isset($_GET["action"])){ if ($_GET["action"]=="register"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "a"); $con_file = file_get_contents($target); if (strpos($con_file, "::".$_GET["nick"])){ $script='<script type="text/javascript">'; $script.="alert(\"Sorry that nick already exist!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } $nick = urldecode(substr($_GET["nick"], 0, 20)); $id = urldecode(substr($_GET["id"], 0, 20)); fputs($hfile, "::".$sessionuser['user']."::".$nick."::".$id."\n"); fclose($hfile); $script='<script type="text/javascript">'; $script.="alert(\"You are registered now!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; }else{ $script='<script type="text/javascript">'; $script.="alert(\"You have to fill out the whole form!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } } if ($_GET["action"]=="login"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "r"); $i = 0; $len; $line; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::" .$_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$_GET["nick"]."::".$_GET["id"]) ; echo "substr('{$line[$i]}', " . (strlen($line[$i])-8) . ", " . (strlen($line[$i])-1-$len) . ") is " . (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)) . '<br>'; } $i += 1; } } else{ echo "Sorry but your input was incorrect. You can't log in without nick or pin!"; } } } ?> <form action="index.php" method="get"> <table width="60%" align="center" cellpadding="0" cellspacing="1"> <tr> <td align="center" class="text"> <br /><input type="text" value="nick" name="nick" maxlength="20" size="20" class="challenge_edit"> <br /><input type="text" value="ID" name="id" maxlength="20" size="20" class="challenge_edit"> <br /><input type="radio" name="action" value="register">register <br /><input type="radio" name="action" value="login">login <br /><br /> <input type=submit class="challenge_submit" value="Execute"> <br /><br /> </td> </tr> </table> </form> This is now the most important : Once I register the information about me are stored in the key.txt file in this form : ::sessionuser::nickname::id So I registered with nickname as hordi and admin as id and I got this : ::d0c5258e830e2e23c190d04428cb0fac::hordi::admin stored in my key.txt file . So now when we analyzing this part of the code : while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::" .$_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$_GET["nick"]."::".$_GET["id"]) ; substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) } $i += 1; } } this is what we get : $line[$i] = fgets ($hfile, 1024); reads the file and when it reaches the end of it , it takes the length of the last ::sessionid::nickname::id which is ::d0c5258e830e2e23c190d04428cb0fac::hordi::admin Now this line substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) which is the most important , normally does this substr(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin , strlen(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin)-8 , strlen(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin)-1-$len) it becomes substr(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin , 48-8 , 48-1-48) because the strlen of this ::d0c5258e830e2e23c190d04428cb0fac::hordi::admin is 48 and the $len of ::d0c5258e830e2e23c190d04428cb0fac::hordi::admin is 48 so we have substr(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin , 40 , -1) which gives i::admi However your line Justsomeguy echo "substr('{$line[$i]}', " . (strlen($line[$i])-8) . ", " . (strlen($line[$i])-1-$len) . ") is " . (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)) . '<br>'; gave me this result : substr(::d0c5258e830e2e23c190d04428cb0fac::hordi::admin , 41, 0) which gives nothing or an empty string why it gives an empty string because the length is zero and all the result I tried with your line gives me an empty string http://php.net/manual/en/function.substr.php If length is given and is 0, FALSE or NULL, an empty string will be returned So I am confused now . If I am wrong could you please tell me what is wrong in my analysis about the little code above ? what am I missing ?

now after adding the dot before $_GET['nick'] , again another error is shown : Undefined variable: sessionuser in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\index.php on line 51 again this is the line 51 : $cntrl = strstr($line[$i], "::".$sessionuser['user']."::". $_GET["nick"]."::".$_GET["id"]); I see that the sessionuser is defined here : $sessionuser['user'] = "d0c5258e830e2e23c190d04428cb0fac"; What is the problem ? !!!!!!!!

now I added a session user in the code : <?php ini_set('display_errors', 1); error_reporting(E_ALL); $target = "key.txt"; if (isset($_GET["action"])){ if ($_GET["action"]=="register"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "a"); $con_file = file_get_contents($target); if (strpos($con_file, "::".$_GET["nick"])){ $script='<script type="text/javascript">'; $script.="alert(\"Sorry that nick already exist!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } $sessionuser['user'] = "d0c5258e830e2e23c190d04428cb0fac"; $nick = urldecode(substr($_GET["nick"], 0, 20)); $id = urldecode(substr($_GET["id"], 0, 20)); fputs($hfile, "::".$sessionuser['user']."::".$nick."::".$id."\n"); fclose($hfile); $script='<script type="text/javascript">'; $script.="alert(\"You are registered now!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; }else{ $script='<script type="text/javascript">'; $script.="alert(\"You have to fill out the whole form!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } } if ($_GET["action"]=="login"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "r"); $i = 0; $len; $line; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::" $_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$_GET["nick"]."::".$_GET["id"]) ; if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin"){ echo "good job"; }else{ header('Location:ccc.php'); } } $i += 1; } } else{ echo "Sorry but your input was incorrect. You can't log in without nick or pin!"; } } } ?> <form action="index.php" method="get"> <table width="60%" align="center" cellpadding="0" cellspacing="1"> <tr> <td align="center" class="text"> <br /><input type="text" value="nick" name="nick" maxlength="20" size="20" class="challenge_edit"> <br /><input type="text" value="ID" name="id" maxlength="20" size="20" class="challenge_edit"> <br /><input type="radio" name="action" value="register">register <br /><input type="radio" name="action" value="login">login <br /><br /> <input type=submit class="challenge_submit" value="Execute"> <br /><br /> </td> </tr> </table> </form> after adding the session user and running the code , an error is provoked : PHP Parse error: parse error, unexpected T_VARIABLE in C:\\Program Files\\Apache Software Foundation\\Apache2.2\\htdocs\\index.php on line 51 this is the line 51 in the code above : $cntrl = strstr($line[$i], "::".$sessionuser['user']."::" $_GET["nick"]."::".$_GET["id"]); I do not know what is the problem in that line ???!!!!!!!

I tried two versions : one like this : while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen($_GET["nick"]."::".$_GET["id"]) ; } echo substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len); $i += 1; } I put the echo after the parenthesis and got this result : in1::46 so I think it gives the last 7 characters from right to left in the last registered nickname::id pair yours : while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen($_GET["nick"]."::".$_GET["id"]) ; echo "substr('$line[$i]', " . strlen($line[$i])-8 . ", " . strlen($line[$i])-1-$len . ") is " . substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) . '<br>'; } $i += 1; } gave me this result : -19) is what does the minus with the number with ) means and what is the problem with it why it did not output the result otherwise a random weird string of characters what is the problem with it ? Also could you please answer the previous question : "1) I did not get any output although there was absolutely no error . Please tell me Justsomeguy why I did not get any output in that one meanwhile I got output in the other ones" I mean echo $line[$i] = fgets ($hfile, 1024); echo $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); echo $len = strlen($_GET["nick"]."::".$_GET["id"]); echo substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) ; What is the problem with the fourth echo why it did not output anything ??? meanwhile the other three did output the result with echo . !!!!!!!!!!!!!!????

Thank you Justsomeguy . I did what you told me to do and I repaired all the errors in the code : <?php ini_set('display_errors', 1); error_reporting(E_ALL); $target = "key.txt"; if (isset($_GET["action"])){ if ($_GET["action"]=="register"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "a"); $con_file = file_get_contents($target); if (strpos($con_file, "::".$_GET["nick"])){ $script='<script type="text/javascript">'; $script.="alert(\"Sorry that nick already exist!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } $nick = urldecode(substr($_GET["nick"], 0, 20)); $id = urldecode(substr($_GET["id"], 0, 20)); fputs($hfile, $nick."::".$id."\n"); fclose($hfile); $script='<script type="text/javascript">'; $script.="alert(\"You are registered now!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; }else{ $script='<script type="text/javascript">'; $script.="alert(\"You have to fill out the whole form!\");"; $script.='window.location.href="index.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } } if ($_GET["action"]=="login"){ if(isset($_GET["nick"]) and isset($_GET["id"])){ $hfile = fopen($target, "r"); $i = 0; $len; $line; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); if ($cntrl){ $len = strlen($_GET["nick"]."::".$_GET["id"]) ; echo substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len); } $i += 1; } } else{ echo "Sorry but your input was incorrect. You can't log in without nick or pin!"; } } } ?> <form action="index.php" method="get"> <table width="60%" align="center" cellpadding="0" cellspacing="1"> <tr> <td align="center" class="text"> <br /><input type="text" value="nick" name="nick" maxlength="20" size="20" class="challenge_edit"> <br /><input type="text" value="ID" name="id" maxlength="20" size="20" class="challenge_edit"> <br /><input type="radio" name="action" value="register">register <br /><input type="radio" name="action" value="login">login <br /><br /> <input type=submit class="challenge_submit" value="Execute"> <br /><br /> </td> </tr> </table> </form> I understood exactly what these lines did by using echo but not as you told me justsomeguy but in a simpler way like this : echo $line[$i] = fgets ($hfile, 1024); echo $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); echo $len = strlen($_GET["nick"]."::".$_GET["id"]); echo substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) ; and get this : $line[$i] = fgets ($hfile, 1024); read the file this is the output I got user::78 user2::79 john::12 admin::45 admin1::46 each nickname and id are concatenated together with the double semi colon . $cntrl = strstr($line[$i], $_GET["nick"]."::".$_GET["id"]); I got admin1::46 goes to the last nickname::id in the file $len = strlen($_GET["nick"]."::".$_GET["id"]); I got 10 (the length of the last nickname and id in the file ) but for echo substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) ; 1) I did not get any output although there was absolutely no error . Please tell me Justsomeguy why I did not get any output in that one meanwhile I got output in the other ones. 2) I would like to know in for example $len = strlen($_GET["nick"]."::".$_GET["id"]) ; what is the role of the point ( I mean the point immediately before the "::" and after

I downloaded apache and php and they run correctly . Then I took the code above and made little change on it . I changed the $target and where the data are submitted so it becomes like this : <?php $target = "key.txt"; if (isset($HTTP_GET_VARS["action"])){ if ($HTTP_GET_VARS["action"]=="register"){ if(isset($HTTP_GET_VARS["nick"]) and isset($HTTP_GET_VARS["id"])){ $hfile = fopen($target, "a"); $con_file = file_get_contents($target); if (strpos($con_file, "::".$HTTP_GET_VARS["nick"])){ $script='<script type="text/javascript">'; $script.="alert(\"Sorry that nick already exist!\");"; $script.='window.location.href="hack3.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } $nick = urldecode(substr($HTTP_GET_VARS["nick"], 0, 20)); $id = urldecode(substr($HTTP_GET_VARS["id"], 0, 20)); fputs($hfile, "::".$sessionuser['user']."::".$nick."::".$id."\n"); fclose($hfile); $script='<script type="text/javascript">'; $script.="alert(\"You are registered now!\");"; $script.='window.location.href="hack3.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; }else{ $script='<script type="text/javascript">'; $script.="alert(\"You have to fill out the whole form!\");"; $script.='window.location.href="hack3.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } } if ($HTTP_GET_VARS["action"]=="login"){ if(isset($HTTP_GET_VARS["nick"]) and isset($HTTP_GET_VARS["id"])){ $hfile = fopen($target, "r"); $i = 0; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin"){ header('Location:bbb.php'); }else{ header('Location:ccc.php'); } } $i += 1; } $script='<script type="text/javascript">'; $script.="alert(\"Sorry but your nick or your ID are wrong!\");"; $script.='window.location.href="hack3.php";'; $script.='</script>'; $html='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><title>Error!</title></head><body bgcolor="#D0D0D0">'.$script.'</body></html>'; echo $html; } else{ echo "Sorry but your input was incorrect. You can't log in without nick or pin!"; } } }else{ ?> <form action="hack3.php" method="get"> <table width="60%" align="center" cellpadding="0" cellspacing="1"> <tr> <td align="center" class="text"> <br /><input type="text" value="nick" name="nick" maxlength="20" size="20" class="challenge_edit"> <br /><input type="text" value="ID" name="id" maxlength="20" size="20" class="challenge_edit"> <br /><input type="radio" name="action" value="register">register <br /><input type="radio" name="action" value="login">login <br /><br /> <input type=submit class="challenge_submit" value="Execute"> <br /><br /> </td> </tr> </table> </form> <?php //some stuff ?> <?php } ?> When I run it in my PC localhost/hack3.php, I got an input form under which there is the register and login options with execute button . When I put the nick and ID and choose the register option nothing happens and I got an url like this : http://localhost/hack3.php?nick=nick&id=ID&action=register the code is wrong and must be corrected . This is why I cannot run the code you gave me Justsomeguy ::: I mean this : echo 'line[$i]: ' . $line[$i] . '<br>'; echo 'strlen($line[$i]): ' . strlen($line[$i]) . '<br>'; echo '$len: ' . $len . '<br>'; echo "substr('$line[$i]', " . strlen($line[$i])-8 . ", " . strlen($line[$i])-1-$len . ") is " . substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len) . '<br>'; Before I correct the whole code because that little piece of code above , you told me to modify and run , is a part of the big code and cannot be isolated and run alone . The problem is I cannot correct the code above because I do not know what are the errors . I know only that it does not function properly : For example it does not alert you are now registered or you have to fill the form ..... and the data I submitted are not written to the file key.txt and so on ... So what should I do now ?

"but it sounds like you don't want to do that" I want . It is only that I do not have Apache and PHP installed in my PC . But , as long as , you accept to be my teacher in PHP ; then I will install them right now , modify the code as you told me then run it and see what it does . You are right . I need , first , learn PHP .

I never studied PHP programming language or any other programming language at school or university and I have no one , in real life , to help me . I can understand some lines with some researches . However , I cant understand some other lines . The internet is powerful weapon but you cannot solve all your problems only with the internet . That is why I put the code here so that I got some explanations about some lines that I could not understand by myself . So Justsomeguy you have , absolutely no need to tell me things like : "I think you can probably answer most of your questions yourself if you write some code to print out what it's doing." "That's a question for whoever wrote the code. They can use that value to mean whatever they want it to mean. Maybe it's the type of user account." Neither the code is written by me nor could I ask the one who writes it what he/she means by that line and that line for the simple reason that it is a challenge . He/she challenging me and others to understand the code above and I have to figure out myself what he/she means . The code is poorly designed and bad . This is intentional , so that to make it hard for the challenger to solve it easily and quickly . So could you please help me or not ? The explanation of Foxy Mod is wonderful and I could almost understand the code except for these last lines : if ($HTTP_GET_VARS["action"]=="login"){ if(isset($HTTP_GET_VARS["nick"]) and isset($HTTP_GET_VARS["id"])){ $hfile = fopen($target, "r"); $i = 0; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin"){ header('Location:bbb.php'); }else{ header('Location:ccc.php'); } } $i += 1; } I could not understand this : if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin") Could you please tell me what does it mean ?

1)It reads line by line until it finds a line that matches the current data that is being searched for in the HTTP_GET_VARS variable. When it finds the line, it checks whether "::admin" exists and redirects you based on it. It also checks whether "::member" exists and redirects to somewhere else. the variable being given to GET is admin not ::admin so normally it checks whether admin exist or not and based on it redirects ?? so why you wrote it checks whether "::admin" exists and not admin exists 2) "This line, which is way too convoluted for its own good, just checks that the last 8 characters of the line spell out "::member"" actually the line was "if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin")" So how could the last 8 characters of the line spell ::admin if "::admin" is only 7 characters ?? 3)if we take in consideration the line above and that the data , in the server side in the context of our code , are written and stored in such format USER:field1:field2 and that the last 8 characters should spell out ::admin , so what is the order in which they are stored is it like this : USER:NICK:ID or like this USER:ID:NICK ???? when we count the last characters is the separator included ? may be the last characters should spell admin and not ::admin ? 4) what does it mean that last characters should spell ::admin ? does it mean that the nickname submitted in the login form should be ::admin or should be admin?? 5) how can we exploit that vulnerability if we know that the server checks if admin exists then redirects us based on it then we know that admin is a username so how can we login as an admin ??? I would like to know that for educational purpose of course

thank you from the bottom of my heart . Your explanation is wonderful . I would like to ask some further questions 1) In this line : $file = fopen($john, "a"); the "a" is used for writing only . Does this mean that when the page is opened I can write something in it like writing my id or nick or password or username ?? 2)$that_file = file_get_contents($john); file_get_contents — Reads entire file into a string( php manual and w3schools manual too) . Sorry but I did not understand what does it mean by Reads entire file into a string?? 3)$nick = urldecode(substr($HTTP_GET_VARS["nick"], 0, 20)); . in the URL get form or when we send data in URL through get form , why are characters encoded in hexadecimal ? "It's using the first 20 characters of the GET variable called "nick"" . No user will give a nick of 20 characters or more so why the length is put to 20 characters ??? and if it use the first 20 characters of the Get variable what does it do with rest ? discard it ? 4) Generally , What is the need to use this : $line[$i] = fgets ($hfile, 1024)???? what do you mean by "LOAD" (will load a line from the file, but only the first 1024 characters of that line) why should 1024 characters of a line loaded ? and finally could you tell me more about this : strlen($line[$i])-1-$len ?

There are some lines I would like to understand in this php code : <?php $john = "jim.php"; if (isset($HTTP_GET_VARS["action"])){ if ($HTTP_GET_VARS["action"]=="register"){ if(isset($HTTP_GET_VARS["nick"]) and isset($HTTP_GET_VARS["id"])){ $file = fopen($john, "a"); $that_file = file_get_contents($john); if (strpos($that_file, "::".$HTTP_GET_VARS["nick"])){ } $nick = urldecode(substr($HTTP_GET_VARS["nick"], 0, 20)); $id = urldecode(substr($HTTP_GET_VARS["id"], 0, 20)); fputs($file, "::".$sessionuser['user']."::".$nick."::".$id."\n"); fclose($file); } if ($HTTP_GET_VARS["action"]=="login"){ if(isset($HTTP_GET_VARS["nick"]) and isset($HTTP_GET_VARS["id"])){ $file = fopen($target, "r"); $i = 0; while (!feof ($file)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::member"){ header('Location:bbb.php'); }else{ header('Location:ccc.php'); } } $i += 1; } ?> Now I will tell you what are the lines that I could not understand : 1)if (strpos($con_file, "::".$HTTP_GET_VARS["nick"])) In the context of the line above , I cannot understand what does the "::" do ? and what does the strpos do ? I read about it in php manual and know what it does but I cannot figure out what it does in the line above . 2)$nick = urldecode(substr($HTTP_GET_VARS["nick"], 0, 20)); $id = urldecode(substr($HTTP_GET_VARS["id"], 0, 20)); fputs($hfile, "::".$sessionuser['user']."::".$nick."::".$id."\n"); the urldecode decodes an url encoded string but what is its role in the lines above ? why it is used ? and why substr is used ? and what does urldecode does when combined with substr ? again what does "::" do in the line above ? and what does the colon "." after "::" does ? 3)$i = 0; while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if ($cntrl){ $len = strlen("::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::admin"){ header('Location:bbb.php'); }else{ header('Location:ccc.php'); } } $i += 1; what is $i = 0; ? and why is used ? what does this do : while (!feof ($hfile)){ $line[$i] = fgets ($hfile, 1024); $cntrl = strstr($line[$i], "::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); ?? what is the role of strlen here : strlen("::".$sessionuser['user']."::".$HTTP_GET_VARS["nick"]."::".$HTTP_GET_VARS["id"]); and what does the whole line mean with the "::"??????? finally which is the more complicated , what is the meaning of this line : if (substr(($line[$i]), strlen($line[$i])-8, strlen($line[$i])-1-$len)=="::member") I could not understand it at all Justsomeguy , A lot of questions . Could you please reply them one by one and in a simple way so that I could understand . Or you can give me some simplified articles that help me understand the code above besides your own explanation . I looked for all of them in the PHP manual but I could not understand Best regards

ok

May I know why you do not want me to send you a private message ? what is the problem with it ? in the past I did it and it was ok with you . So why not now ? I have an important reason why I send it in private and you know that .

Justsomeguy , I tried to send a long message to you , privately , with a php code but the message was not sent completely sent to you but 1/4 of it . So I resent it but piece by piece . and when I wanted to sent the last piece which is the most important one , an error came saying " the member justsomeguy cannot receive any message" . The last piece is the important one . Where there are my requests and what I need to know . So what is the solution to sent the last message and why the error was provoked best regards

I would like to know how to decompress a png image and not to view its metadata what is the name of the software which I can use to decompress a png image that is compressed using zip compression? I could not find helpful resources in google

ok I used ImageMagick as you told me and tried to read the metadata : this is a sample : Background color: srgba(254,254,254,1) Border color: srgba(223,223,223,1) Matte color: grey74 Transparent color: none Interlace: None Intensity: Undefined Compose: Over Page geometry: 644x445+0+0 Dispose: Undefined Iterations: 0 Compression: Zip Orientation: Undefined Properties: date:create: 2015-12-30T00:19:33+01:00 date:modify: 2015-12-30T00:19:34+01:00 So the compression used is ZIP . The problem is that I do not know how to decompress a png compressed using zip compression . Justsomeguy could you help me please . Thanks

I want to be able to make the text datastream in the zTXt chunk of a png readable . does ImageMagick decompress the compressed text in the zTXt chunk of a png and make it readable for me ? if not , which uncomplicated software , justsomeguy, do you suggest me to use to make the text under zTXt chunk readable if we take in consideration that the compression method is inflate/deflate compression in zlib format according to this : http://www.w3.org/TR/PNG-Compression.html ??

ok after some researches ; I found that the ZLIB library decompresses the data above . So I downloaded the version 1.2.8 from this site : http://zlib.net/ zlib source code, version 1.2.8, tar.gz format (558K, MD5 checksum 44d667c142d7cda120332623eab69f40): then I read some articles on how to use it : like this : http://www.zlib.net/zlib_how.html http://www.experts-exchange.com/articles/3189/In-Memory-Compression-and-Decompression-Using-ZLIB.html https://bobobobo.wordpress.com/2008/02/23/how-to-use-zlib/ and some others but I am more confused and stuck then before as it seems that some programming skills are involved in C and C++ and it is not a normal software . I have the zlib 1.2.8 installed in my pc (with windows xp) but I do not know how to use it even after reading many articles and the documentation that comes installed with zlib . Could you please provide me step by step on how to use the zlib file installed in my pc to decompress the datastream above in my png photo . As a newbie I am really stuck and cannot find my way best regards and happy new year for both you justsomeguy and Foxy Mod