Re: [PHP] Why isn't this working?
On Friday 28 June 2002 21:05, JJ Harrison wrote: Please think of a more descriptive subject. Here is my code: $query = UPDATE poll_options SET votes + 1; mysql_query($query); All where conditions have were removed to try and fix the problem How isn't it working? -- Jason Wong - Gremlins Associates - www.gremlins.com.hk Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * /* Fairy Tale, n.: A horror story to prepare children for the newspapers. */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Why isn't this working?
Have you tried: $query = UPDATE poll_options SET votes = votes + 1; * * Cal Evans * Journeyman Programmer * Techno-Mage * http://www.calevans.com * -Original Message- From: JJ Harrison [mailto:[EMAIL PROTECTED]] Sent: Friday, June 28, 2002 8:05 AM To: [EMAIL PROTECTED] Subject: [PHP] Why isn't this working? Here is my code: $query = UPDATE poll_options SET votes + 1; mysql_query($query); All where conditions have were removed to try and fix the problem -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Why isn't this working? :(
Can someone try to figure out what's wrong with my code?
What are you expecting, and what are you seeing?
-Original Message-
From: Leif K-Brooks [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Why isn't this working? :(
I have a site where users can sign up. I have had huge problems with people
using auto-signups, so I tried to stop them with an authentication image.
Someone has since gotten around that. I highly doubt he is using OCR. Can
someone try to figure out what's wrong with my code? Here it is:
Contents of auth_image.php:
?php
$dbh = mysql_connect (MYSERVER, MYUSER, MYPASS);
mysql_select_db (MYDB,$dbh);
$authimage = ImageCreate(40,15);
$white = ImageColorAllocate($authimage, 255, 255, 255);
$black = ImageColorAllocate($authimage, 0, 0, 0);
header(Content-type: image/jpeg);
$getcode = mysql_fetch_array(mysql_query(select * from signupcodes where id
= '$id'));
imagestring($authimage,5,0,0,$getcode[code],$black);
imagejpeg($authimage);
imagedestroy($authimage);
?
Some code from signup.php:
//I do seed the random number in the header
$code = mt_rand(1000,);
mysql_query(insert into signupcodes(code) values('$code'));
$codeid = mysql_insert_id();
input type=hidden name=codeid value=$codeidimg
src='authimage.php?id=$codeid'br
bCode from above:/b input type=text name=codebr
At top of proccess_signup.php:
$getcode = mysql_fetch_array(mysql_query(select * from signupcodes where id
= '$codeid'));
if($code != $getcode[code]){
die(bError:/b wrong code);
}
In the middle of process_signup.php, after I've done checks of a few other
things:
echo You're a member! :Dbra href='/'Back to homepage/a;
mysql_query(delete from signupcodes where id='$codeid') or print
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Why isn't this working? :(
At 9:11 PM -0400 22/4/02, Leif K-Brooks wrote:
At 9:11 PM -0400 22/4/02, Leif K-Brooks wrote:
I have a site where users can sign up. I have had huge problems with people
using auto-signups, so I tried to stop them with an authentication image.
Someone has since gotten around that. I highly doubt he is using OCR. Can
someone try to figure out what's wrong with my code?
I can't see anything wrong with it. Maybe the hacker is smarter than
you give him credit for.
$authimage = ImageCreate(40,15);
Try randomising the size of the image. That'll stuff up any hash tables
he's built.
imagestring($authimage,5,0,0,$getcode[code],$black);
and try varying the offset of the string in the image.
$code = mt_rand(1000,);
Only 8999 possible codes? Is he brute-forcing it?
Check the server logs for thousands of verification attempts.
if($code != $getcode[code]){
die(bError:/b wrong code);
And consider deleting the code after 3 incorrect attempts.
...R.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Why isn't this working? :( - I found my solution!
Thanks for everyone's help. I just figured out was wrong. I wasn't checking if a code was being returned. So all he had to do was chenge the codeid field to a non-existant code. Lol. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] why isn't this working? (many questions inside)
Just curious, why not use FTP for such a large file? /dkm - Original Message - From: Wei Weng [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, January 28, 2002 8:39 PM Subject: [PHP] why isn't this working? (many questions inside) First, I am running (currently) php 4.0.6 under Redhat 7.2 with kernel 2.4.10 I know you can do the following: ? header(Content-type: application/force-download); header(Content-disposition: attachment; filename=blah.txt); readfile(blah.txt); ? to force the user to download a file. However, this wouldn't work if blah.txt is larger than 2G on my machine with php 4.0.6 for Redhat 7.2, because all the file I/O operations are done in 32 bits functions. So here are two solutions i though about: 1) instead of readfile(blah.txt), do a passthru(cat blah.txt). Since the basic idea of forcing a download is to pipe the file content to the standard output (which is the browser in this case), i don't understand why passthru(cat blah.txt) wouldn't do the trick. In fact, I can only download about 88Mbs of the whole 4G file I planned to download. 2) recompile the php package with -D_FILE_OFFSET_BITS=64 enabled. However, with the ./configure; make; make install, i can't seem to figure out where to stick the option in. (prefer doing it in one of the configure arguments if possible) Forgive me if I posted this to the wrong mailing list, I had been losing hairs over these puzzled questions. TIA. -- Wei Weng Network Software Engineer KenCast Inc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] why isn't this working? (many questions inside)
Maybe your script timed out before it could finish. Try set_time_limit(0) Another possibility is that your browser gave up. You may need 4GB of disk cache because browsers usually save all files in cache before copying them to the place you designate. Robin Wei Weng wrote: First, I am running (currently) php 4.0.6 under Redhat 7.2 with kernel 2.4.10 I know you can do the following: ? header(Content-type: application/force-download); header(Content-disposition: attachment; filename=blah.txt); readfile(blah.txt); ? to force the user to download a file. However, this wouldn't work if blah.txt is larger than 2G on my machine with php 4.0.6 for Redhat 7.2, because all the file I/O operations are done in 32 bits functions. So here are two solutions i though about: 1) instead of readfile(blah.txt), do a passthru(cat blah.txt). Since the basic idea of forcing a download is to pipe the file content to the standard output (which is the browser in this case), i don't understand why passthru(cat blah.txt) wouldn't do the trick. In fact, I can only download about 88Mbs of the whole 4G file I planned to download. 2) recompile the php package with -D_FILE_OFFSET_BITS=64 enabled. However, with the ./configure; make; make install, i can't seem to figure out where to stick the option in. (prefer doing it in one of the configure arguments if possible) Forgive me if I posted this to the wrong mailing list, I had been losing hairs over these puzzled questions. TIA. -- Wei Weng Network Software Engineer KenCast Inc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
