|
You're assigning empty variables to the session,php:<? $name=$_POST['name']; $address=$_POST['address'];?> php:<? $_SESSION['name'] = $name; $_SESSION['address'] = $address; ?>
|
# ? Aug 17, 2008 22:43 |
|
|
# ? May 16, 2024 17:58 |
|
Standish posted:You're assigning empty variables to the session, I moved the session variables above but still no luck, is there any other reason this could be doing this??
|
# ? Aug 17, 2008 22:50 |
|
Gibbon_WBA posted:I moved the session variables above but still no luck, is there any other reason this could be doing this?? You need to have the PHP bit that you posted in two.php, since that's where the form is going. Otherwise, you're still getting empty variables.
|
# ? Aug 17, 2008 23:05 |
|
thedaian posted:You need to have the PHP bit that you posted in two.php, since that's where the form is going. Otherwise, you're still getting empty variables. Argh I thought I had it then! but no there's still no output on the final page (where is shows the user what he/she has inputted on the previous pages), there's nothing php:<?php session_start(); $name=$_SESSION['name']; $address=$_SESSION['address']; $dateofbirth=$_SESSION['dateofbirth']; $username=$_SESSION['username']; $password=$_SESSION['password']; $accept=$_SESSION['accept']; $email=$_SESSION['email']; $acceptemail=$_SESSION['acceptemail']; echo "$name"; echo "$address"; echo "$dateofbirth"; echo "$username"; echo "$password"; echo "$accept"; echo "$email"; echo "$acceptemail"; ?>
|
# ? Aug 17, 2008 23:33 |
|
Gibbon_WBA posted:Argh I thought I had it then! but no there's still no output on the final page (where is shows the user what he/she has inputted on the previous pages), there's nothing Make sure that your php.ini file is setup to use cookie based sessions, and not URL based session passing. edit: code:
jasonbar fucked around with this message at 00:22 on Aug 18, 2008 |
# ? Aug 18, 2008 00:12 |
|
jasonbar posted:Make sure that your php.ini file is setup to use cookie based sessions, and not URL based session passing. As far as I know; I dont have a php.ini file.
|
# ? Aug 18, 2008 00:21 |
|
You arn't assigning the user supplied values to the session.
|
# ? Aug 18, 2008 00:33 |
|
duz posted:You arn't assigning the user supplied values to the session. php:<? $_SESSION['name'] = $name; ?> Or am i missing something else?
|
# ? Aug 18, 2008 00:46 |
|
Gibbon_WBA posted:I thought that's what this was...? Can you post your whole code on pastebin ? It's kind of hard to debug with what we have right now.
|
# ? Aug 18, 2008 00:58 |
|
Gibbon_WBA posted:
And $name is empty. Alex007 posted:Can you post your whole code on pastebin ? It's kind of hard to debug with what we have right now. Not really. He's assigning unassigned variables to the session then wondering why they're empty when he tries to view them later. $_POST does not contain the values of the form on that page, it contains the values of the form POSTed to it. Doing php:<? $name=$_POST['name']; $_SESSION['name'] = $name; echo " Name: <input type=text name='name'>"; ?> duz fucked around with this message at 01:03 on Aug 18, 2008 |
# ? Aug 18, 2008 01:00 |
|
I've been talking with Gibbon on AIM for a while, and I'm pretty sure we've solved the problem. Though, Gibbon, I urge you to learn how to program with another language. PHP is a pretty terrible beginners language, and there's a million issues of security and other things that could happen. Plus, even though PHP has pretty good documentation, a lot of tutorials are either badly written, or ignore a lot of the security problems that can exist.
|
# ? Aug 18, 2008 03:19 |
|
thedaian posted:I've been talking with Gibbon on AIM for a while, and I'm pretty sure we've solved the problem. Though, Gibbon, I urge you to learn how to program with another language. PHP is a pretty terrible beginners language, and there's a million issues of security and other things that could happen. Plus, even though PHP has pretty good documentation, a lot of tutorials are either badly written, or ignore a lot of the security problems that can exist.
|
# ? Aug 18, 2008 03:41 |
|
Gibbon_WBA posted:Argh I thought I had it then! but no there's still no output on the final page (where is shows the user what he/she has inputted on the previous pages), there's nothing Let me show you how to refactor this type of block... All the typing you're doing is hurting me. php:<? $s='name address dateofbirth username'; //And so on... $a=explode(' ',$s); foreach($a as $x)$$x=$_SESSION[$x]; foreach($a as $x)echo $$x; echo $name; //works ?>
|
# ? Aug 18, 2008 20:15 |
|
It may be even cleaner to put all input variables into an array for organization's sake:php:<? foreach ($_SESSION as $key => $value) { $input[$key] = $value; } echo $input["name"]."<br />\n"; echo $input["address"]."<br />\n"; // and so on... ?> Zorilla fucked around with this message at 22:07 on Aug 18, 2008 |
# ? Aug 18, 2008 21:53 |
|
Arguing over the neatest way to do redundant things ITT?Zorilla posted:It may be even cleaner to put all input variables into an array for organization's sake: Dear god; they're already IN an array! php:<? var_dump($_SESSION); ?> The only copy needed for this at this stage is: php:<? session_start(); foreach(array_keys($_POST) as $k) $_SESSION[$k] = $_POST[$k]; // next stage of your form here... ?> Edit: can't type for toffee tonight KuruMonkey fucked around with this message at 23:38 on Aug 18, 2008 |
# ? Aug 18, 2008 23:31 |
|
Is this:php:<? function check_explored($sector, &$map) { $explored = $this->search_explored(0, (count($map)-1), $sector, $map); if($explored < 0) return -1; return $map[$explored]; } function search_explored($start, $end, $key, &$map) { if($start > $end) return -1; $mid = round(($start + $end)/2); if($map[$mid] == $key) return $mid; elseif($key < $map[$mid]) return $this->search_explored($start, ($mid-1), $key, $map); return $this->search_explored(($mid+1), $end, $key, $map); }?>
|
# ? Aug 19, 2008 04:30 |
|
drcru posted:Faster and or more efficient than in_array? Probably not. One thing to keep in mind is that in_array is a compiled c routine, so its going to be pretty quick. However even if yours was faster, who cares. I don't think you need to worry about milliseconds of difference (which is what the difference would be) unless your site is getting a million hits an hour.
|
# ? Aug 19, 2008 13:44 |
|
Gotcha. Now for another question I haven't seen in awhile... How should I store passwords in MySQL? The only way I know of is to MD5 it with a salt. How would a security conscious goon do it?
|
# ? Aug 21, 2008 10:46 |
|
drcru posted:How should I store passwords in MySQL? The only way I know of is to MD5 it with a salt. How would a security conscious goon do it? That's pretty much it, I think. You could make the login process done through SSL or use Javascript to MD5 the password on the client side so it isn't sent out cleartext, but you're on the right track so far.
|
# ? Aug 21, 2008 12:39 |
|
drcru posted:Gotcha. Use SHA-1. Otherwise, salting it is pretty much the right thing to do.
|
# ? Aug 21, 2008 13:06 |
|
Zorilla posted:That's pretty much it, I think. You could make the login process done through SSL or use Javascript to MD5 the password on the client side so it isn't sent out cleartext, but you're on the right track so far. Well I did get a free SSL certificate from Namecheap a week or two back so I'll give that a shot as well, thanks. MononcQc posted:Use SHA-1. Otherwise, salting it is pretty much the right thing to do. Is there a huge difference between MD5 and SHA-1 other than the bit lengths? I would like to try something new, SHA-1 in this case, but I would like to keep our user accounts fairly safe from tampering. Thanks for help so far goons.
|
# ? Aug 21, 2008 23:30 |
|
drcru posted:Is there a huge difference between MD5 and SHA-1 other than the bit lengths? I would like to try something new, SHA-1 in this case, but I would like to keep our user accounts fairly safe from tampering. MD5 is very broken, SHA1 is only kind of broken.
|
# ? Aug 21, 2008 23:50 |
|
duz posted:MD5 is very broken, SHA1 is only kind of broken. Are collisions really that big of a problem with password hashing?
|
# ? Aug 22, 2008 00:03 |
|
So would you add a salt before and after?
|
# ? Aug 22, 2008 00:06 |
|
drcru posted:So would you add a salt before and after? If you want to be paranoid-- generate ~16 random bytes for salt hash salt . password do another ~100 rounds of hashing on the result store the salt + hash in the database This will make bruteforcing really slow, and rainbow tables impractical.
|
# ? Aug 22, 2008 00:10 |
|
Scaevolus posted:do another ~100 rounds of hashing on the result For a salt, in PHP, I just use sha1(uniqid(mt_rand(), true).
|
# ? Aug 22, 2008 00:52 |
|
Mine GO BOOM posted:Hashing a hash only increases the chance of collisions and doesn't make it more secure. Collisions aren't a problem if you're salting; the point is that hashing that many times would gently caress up rainbow tables since they'd take millennia to generate and bruteforcing would also be slow as poo poo.
|
# ? Aug 22, 2008 02:51 |
php:<? $query = $database->prepare("UPDATE table SET field = field + :value WHERE id = :id"); $query->bindParam(":id", $id); $query->bindParam(":value", $value); ?> fletcher fucked around with this message at 08:34 on Aug 22, 2008 |
|
# ? Aug 22, 2008 08:26 |
|
I will freely admit to being an idiot here but I have no idea how to do this and it's really been bothering me for a while (few hours). I just started using PHP with mysql about six hours ago and have managed to do the following. (e; I will also freely admit that I stole a whole lot of the code from google.)code:
|
# ? Aug 25, 2008 02:06 |
|
The March Hare posted:...random video... You can do this using one sql statement, mysql_query() and http://www.php.net/mysql_fetch_assoc code:
|
# ? Aug 25, 2008 02:48 |
|
jasonbar posted:You can do this using one sql statement, mysql_query() and http://www.php.net/mysql_fetch_assoc You're the best, I'll test this now and get back to the thread with results
|
# ? Aug 25, 2008 03:14 |
|
Alright, after all this time I have managed to concoct thiscode:
code:
|
# ? Aug 25, 2008 04:26 |
|
change all the php:<? echo $row; ?> php:<? echo $row['URl'] ?>
|
# ? Aug 25, 2008 04:28 |
|
bt_escm posted:change all the You da man, thanks
|
# ? Aug 25, 2008 04:32 |
|
I have a huge array that is filled with strings in the form of "ABC-DEF", "ABC-XYZ", "XYZ-ABC", etc. I want to not only remove duplicates (which is very easy), but also remove any "reverse" duplicates. For instance, only one of "XYZ-ABC" and "ABC-XYZ" should exist. Each three letter "word" represents a start point and an end point in a line. I only need each line once, not its "backcourse". This seems like a very simple problem, but I can't think of a simple solution that doesn't involve tons of lines of code and large memory useage.
|
# ? Aug 25, 2008 15:38 |
|
nbv4 posted:"ABC-DEF" Wherever and however you are checking for a dupe, construct the inverse and check for "dupe OR inverse" e.g. if you have $a = "ABC-DEF" and check something like php:<? $a = "ABC-DEF"; $current = "???-???"; // i.e. your current possibile dupe if($a == $current) { // de-dupe } ?> php:<? $a = "ABC-DEF"; $current = "???-???"; // i.e. your current possibile dupe if($a == $current || implode("-", array_reverse(explode("-", $a)))) == $current) { // de-dupe } ?> if there are more details to the way XYZ-ABC is constructed (like if XZY == XYZ) you can probably find some more easy optimisation by eliminating the - and sorting the characters before comparing, or something. There's probably also a cleverer way to do this if it becomes worth building a cache of mappings you've seen one way already (depends how common dupes will be, if you are running this test as part of an iteration that has to happen anyway etc etc) Edit: I'm an idiot; change however you get the data into the array to only ever store "xyz-abc" OR "abc-xyz" as "abc-xyz" and then never have to do the reversing check while iterating. 2nd Edit: do as in edit 1, even if you just loop through tidying once on load, then you can just use array_unique, which on reflection you are probably doing now... (depends how huge the huge array is I guess) KuruMonkey fucked around with this message at 16:05 on Aug 25, 2008 |
# ? Aug 25, 2008 15:57 |
|
KuruMonkey posted:Wherever and however you are checking for a dupe, construct the inverse and check for "dupe OR inverse" I'm not really "checking" for dupes, I'm just doing: php:<? $line_array = array_values(array_unique($line_array)); ?> php:<? implode("-", array_reverse(explode("-", $line_string))))?>
|
# ? Aug 25, 2008 16:07 |
|
nbv4 posted:I'm not really "checking" for dupes, I'm just doing: ..... A couple of things to keep in mind 1. Don't worry about how memory intensive it is unless you are actually seeing a performance hit under load. 2. Searching on array keys is faster than searching on array values One thing you can do is read from the old array, and insert into a new array and have it keyed by the value you want to have unique code:
Secondly, its searching on keys instead of values. So this should be a lot faster.
|
# ? Aug 25, 2008 16:41 |
|
nbv4 posted:Basically "removing the dupe" just means removing it from the array. The only way I can think of is to determine what the inverse of the current string is: php:<? function sortNode($line_string) { return implode("-", array_reverse(explode("-", $line_string)))); } $line_array = array_values(array_unique(array_map('sortNode', $line_array))); ?>
|
# ? Aug 25, 2008 17:21 |
|
|
# ? May 16, 2024 17:58 |
|
So, uh. Arbitrary precision bitwise operators? I'm using BCMath, but Christ. What a loving mess.
|
# ? Aug 25, 2008 23:27 |