Search found 81 matches

by mabufo
Tue Jul 10, 2007 6:14 pm
Forum: PHP - Code
Topic: php forms
Replies: 8
Views: 851

by mabufo
Sat Jul 07, 2007 11:27 pm
Forum: PHP - Theory and Design
Topic: serving content to users
Replies: 4
Views: 1275

serving content to users

I wasn't quite sure where to put this, but it has to do with design(non visual, more or less content organization) and php, but on somewhat separate levels. I suppose I'll leave it up to moderator to move it if this isn't the right area. The website I am working with is set up to use a series of inc...
by mabufo
Sat Jul 07, 2007 11:15 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

I'm not asking you do design a commercial website for me, I'm not asking you to code me a cms. I was merely asking on how to secure my php include calls. I'm not trying to take advantage of you by asking for code snippets, that's not what I'm here for. If I came off like that, I am sorry. I suppose ...
by mabufo
Sat Jul 07, 2007 9:54 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

feyd wrote:"that" being?
You know what? Forget it. You're enjoying this a little too much, if you ask me.
by mabufo
Sat Jul 07, 2007 9:41 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

mabufo wrote:
feyd wrote:A database supplied list of "valid" files.
This brings up the all important question, how do I do that?
by mabufo
Sat Jul 07, 2007 9:17 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

I'm not a database developer, and you are not being helpful. I may as well live up to that expectation then. Do you give everyone the runaround like this? Or just the folks who need assistance? EDIT: Seriously now, I come on here asking for assistance - and all you can do is poke fun at me because ...
by mabufo
Sat Jul 07, 2007 9:06 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

feyd wrote:What do you think it means?
I'm not a database developer, and you are not being helpful.
by mabufo
Sat Jul 07, 2007 8:54 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

A database supplied list of "valid" files. See guys, sometimes it pays off to be a little less vague, then maybe the person asking for help could actually get somewhere. Thank you feyd. This brings up the all important question, how do I do that? Give me a phrase to search google for, som...
by mabufo
Sat Jul 07, 2007 8:40 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

When you guys say databasing... what exactly are you talking about?

Someone PM me.
by mabufo
Sat Jul 07, 2007 6:24 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

superdezign wrote:You could have started a new one and then just linked to this one.
I didn't know this one existed, but thanks though.
by mabufo
Sat Jul 07, 2007 5:17 pm
Forum: PHP - Security
Topic: Proper Includes via $_GET
Replies: 59
Views: 168942

This way is better: <?php $pages = array('main.php', 'blah.php', 'foo.php'); isset($pages[$_GET['p']]) ? include($pages[intval($_GET['p'])]) : include('default.php'); ?> The problem I'm having, is that I am working with a LARGE number of pages... How do I get around typing them all into an array? S...
by mabufo
Sat Jul 07, 2007 1:38 pm
Forum: PHP - Code
Topic: Securing include() code.
Replies: 2
Views: 433

Securing include() code.

Would this be a viable solution to securing an include() call in a php script to protect from injection? <html> <body> <?php echo 'hello<br/>'; /* The purpose here is to validate the filepath of the $page variable, that is being passed to the include function, in order to confirm it's validity, and ...
by mabufo
Tue Jul 03, 2007 2:19 pm
Forum: PHP - Code
Topic: How can I handle errors with include/require?
Replies: 8
Views: 607

toasty2 wrote:Ah, a nice time to use the ternary operator :)

Code: Select all

file_exists('file.php') ? require 'file.php' : die('Error Message');
I always want to use that, but somehow never end up doing it. Good for you!
by mabufo
Thu Jun 28, 2007 2:20 am
Forum: PHP - Code
Topic: Checking for blsnk fields
Replies: 3
Views: 1080

if (empty($_POST['name'])){ do something } You need to specify that the variable resides in the _POST array, from your form. the isset() function would work fine here as well; check my example. You receive the message because '$name' doesn't exist outside of the post array. If you want to simplify ...
by mabufo
Wed Jun 27, 2007 10:42 pm
Forum: PHP - Code
Topic: Checking for blsnk fields
Replies: 3
Views: 1080

The form will pass email application.php two variables: $_POST['name'] and $_POST['dob'] You simply need to use a conditional to check that they have been set with the data inputted by the user. Like so: if (isset($_POST['name'], $_POST['dob'])) { echo "This var is set so I will print."; }...