        Viewing Topic: My own forum - updated 5/9
  David1159
  Subject: "My own forum - updated 5/9" Posted: @ 6:19 pm on May 02 2008   

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

Don't give me the answer to these questions, give me a nudge in the right direction. I'd like to do it on my own

My forum
Login as Guest, if you'd like to look.

I have forum categories, lists of topics in different categories, and posting working.

I need help here-
[quote] and [url] tags to insert in the textarea. I think I need to do it in script not php, right?

Also are you using buttons? OnClick?

The other question I have about tags is, the code just replaces [url] with <a href> so it becomes visible in the existing posts. The same with [I]italic, it just replaces it with <i>, correct?

A few months ago, I came here not knowing anything about php. Now I can't get enough of it.

Edited at 12:18:54 am on 05/10/08


Coding is simply CST... Combining $hit Together. We make different $hit to run in unison correctly.
  David1159
  Subject: "re: My own forum -- the main part i..." Posted: @ 6:55 pm on May 03 2008    

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

Well not sure who, but someone logged in as guest and gave some pointers.

Just like to say thanks.

I placed restrictions on all forms now (login/register/posts), only allowing letters, numbers, and a few others ( . , " ). Also you have to post at least 1 word or your message won't get posted, so blank posts aren't possible now.

Ummm, not sure how to prevent sql injection. I read a couple of guides on the net. I think what I got from it was I need to filter my inputs?

Also, I am really making this for fun, trying to learn more about php. I really want to see if I can do it.

edit-
Okay for sql injection issues, I blocked all sql commands. If a user posts in any input: DELETE FROM, ALTER TABLE, SELECT *, and all the other commands, it will die() before the database is reached.



Edited at 07:46:55 pm on 05/03/08


  Genius
  Subject: "re: My own forum -- the main part i..." Posted: @ 1:28 am on May 05 2008    

Member #: 582
Rank: User - (77)
Since: 02/18/08
Posts: 76
From: kmmk

Hmm, I tried to inject SQL commands into your site, almost all failed. Then I just went and googled some stuff and could see all your work. Have an index.php page in every folder.




  David1159
  Subject: "re: My own forum -- the main part i..." Posted: @ 1:39 am on May 05 2008    

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

Yeah, I know my main index has nothing, I just left it like that for the time being so I didn't have to type the whole address in every time. It's a test site for me.

Yeah, when it is posted, I have it search the string for an array of extensions, characters, and certain words, then if it comes up positive, you get a die(). I realized I am going to block this --, because that is common in injections.

What do you mean almost all failed?




  bs0d
  Subject: "re: My own forum -- the main part i..." Posted: @ 4:15 am on May 05 2008    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

Be sure to use addslashes() for variables when you're inserting data into a database, and stripslashes() when outputting data from a database. This prevents SQL injection potential. magic_quotes_gpc() is now deprecated and removed as of php 6.0 - relying on that is discouraged as indicated from the php.net website.




-bs0d | AllSyntax.com
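
Added example, not part of the thread: the database calls discussed above can also be written with bound parameters (PDO prepared statements), which keep user input out of the SQL text, so posts containing quotes or SQL keywords are stored unchanged without a keyword filter. The table and column names are assumptions, and an in-memory SQLite database stands in for MySQL so the script runs stand-alone.

```php
<?php
// Added example (not from the thread). Table and column names are assumptions.
// Uses an in-memory SQLite database through PDO so it runs without a server;
// the same prepare()/execute() calls work with the pdo_mysql driver.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, author TEXT, message TEXT)');

// The keyword filter described in the thread, reduced to a few entries.
function blocked_by_keyword_filter(string $input): bool
{
    foreach (['DELETE FROM', 'ALTER TABLE', 'SELECT *', '--'] as $needle) {
        if (stripos($input, $needle) !== false) {
            return true;
        }
    }
    return false;
}

// Bound parameters travel separately from the SQL text, so the message is
// always stored as data, whatever characters or keywords it contains.
function save_post(PDO $pdo, string $author, string $message): int
{
    $stmt = $pdo->prepare('INSERT INTO posts (author, message) VALUES (:author, :message)');
    $stmt->execute([':author' => $author, ':message' => $message]);
    return (int) $pdo->lastInsertId();
}

function load_post(PDO $pdo, int $id): ?string
{
    $stmt = $pdo->prepare('SELECT message FROM posts WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetchColumn();
    return $row === false ? null : $row;
}

// Constructed sample posts: ordinary forum text that a keyword filter rejects.
$samples = [
    "Why does SELECT * FROM users return nothing?",
    "It's O'Brien's post -- with quotes and dashes",
];
foreach ($samples as $text) {
    $id = save_post($pdo, 'guest', $text);
    printf("filter would block: %s | stored intact: %s\n",
        blocked_by_keyword_filter($text) ? 'yes' : 'no',
        load_post($pdo, $id) === $text ? 'yes' : 'no');
}
```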

  David1159
  Subject: "re: My own forum -- the main part i..." Posted: @ 6:07 pm on May 05 2008    

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

Thanks bs0d. I didn't use those either, I will add them.

I'll be honest, I am not sure if I am even doing any of this correct, I never took classes on php.

@bs0d

How did you do your tags like [Link]. Did you use javascript?




  solphate
  Subject: "re: My own forum -- the main part i..." Posted: @ 2:55 am on May 06 2008    
Member #: 581
Rank: User - (24)
Since: 02/18/08
Posts: 24

It's looking real good, the structure is ok. It's better than what I could do.

Kudos to you




It me it me

  Genius
  Subject: "re: My own forum -- the main part i..." Posted: @ 2:56 am on May 06 2008    

Member #: 582
Rank: User - (77)
Since: 02/18/08
Posts: 76
From: kmmk

David1159 said...

"What do you mean almost all failed?"

Double check register.php
It didn't detect injection and I couldn't hack cuz I suck at web hacking.




  bs0d
  Subject: "re: My own forum -- the main part i..." Posted: @ 3:32 am on May 06 2008    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

David1159 said...

"Thanks bs0d. I didn't use those either, I will add them. :)

I'll be honest, I am not sure if I am even doing any of this correct, I never took classes on php.

@bs0d

How did you do your tags like [Link]. Did you use javascript?"


I used the preg_replace() function, it looks like this:

$var = preg_replace('/\[link\=(.*?)\](.*?)\[\/link\]/', "<a href=\"$1\" target='_blank'>$2</a>", $var);




-bs0d | AllSyntax.com
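
The preg_replace() call above copies whatever follows [link= into the href attribute and leaves the rest of the post unescaped. A variant that HTML-escapes the post first and only turns http/https URLs into links, as an added example that is not bs0d's code; render_links() and the allowed-scheme list are assumptions:

```php
<?php
// Added example (not from the thread). render_links() and the allowed-scheme
// list are assumptions chosen for illustration.

function render_links(string $text): string
{
    // Escape first, so any HTML typed into the post is displayed, not rendered.
    $safe = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');

    $out = preg_replace_callback(
        '/\[link=([^\]\s]+)\](.*?)\[\/link\]/is',
        function (array $m): string {
            // $m[1] is already HTML-escaped; decode it only to inspect the URL.
            $url = html_entity_decode($m[1], ENT_QUOTES, 'UTF-8');
            $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
            if (!in_array($scheme, ['http', 'https'], true)) {
                return $m[0]; // not an allowed scheme: leave the tag as plain text
            }
            // The escaped form goes into the attribute, so a quote in the URL
            // cannot close href="...".
            return '<a href="' . $m[1] . '" target="_blank" rel="noopener noreferrer">'
                . $m[2] . '</a>';
        },
        $safe
    );
    return $out ?? $safe; // preg_replace_callback() returns null on a regex error
}

// Constructed sample posts.
$samples = [
    '[link=http://example.com/?a=1&b=2]a normal link[/link]',
    '[link=javascript:void(0)]wrong scheme[/link]',
    '[link=http://example.com/"x]quote in the URL[/link]',
    '<b>raw HTML</b> typed into a post',
];
foreach ($samples as $post) {
    echo render_links($post), "\n";
}
```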

  David1159
  Subject: "re: My own forum -- the main part i..." Posted: @ 3:55 am on May 06 2008    

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

Cool, thanks guys for the help, much appreciated.

I just finished so topics will have pages 1,2,3 if there are more than 10 posts. Wasn't that hard either.

I spent the last 2 hours recoding it, fixed a ton of problems. It is much much more solid now. Truncated my tables, started fresh.

Once again, thanks, especially bs0d.




  David1159
  Subject: "re: My own forum - updated 5/9" Posted: @ 12:19 am on May 10 2008    

Member #: 526
Rank: User - (81)
Since: 12/27/07
Posts: 81
From: usa

k, I have all different tags [B][LINK][IMG][URL] etc.

Everything works in Firefox not in IE, another reason why IE sucks

Code:
<input type="button" value="URL" OnClick="document.posts.message.value = document.posts.message.value + '[URL=http://...]description[/URL]';">




It's really coming along now, I can't believe it's going this smoothly.

EDIT--
My older brother showed me what was wrong with my javascript.



Edited at 05:30:45 am on 06/17/08


  Vilice
  Subject: "re: My own forum - updated 5/9" Posted: @ 7:56 am on Jul 15 2008    
Member #: 718
Rank: User - (5)
Since: 07/14/08
Posts: 5

Very clean design. I jumped around a bit and everything worked the way I would expect if I was looking for breed information. I'm impressed.




"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.