Web Dev Questions That Don't Need Their Own Thread v4 - Developers

[QUOTE=gokiyono;43403034]Yeah, but be skeptical about some of the stuff you learn at the basic course. We had to learn stuff like mysql_* and actionscript.[/QUOTE] The basics should be most definitely the thing we SHOULD listen to, so I don't get why they can be that off. I learned floating, so inline-block seems weird to get in to. :v:

Are there any good payment gateways which allow cryptocurrencies in their TOS? Trying to create an exchange where the users can simply use their credit cards to quickly buy said crypto.

[QUOTE=Moofy;43404151]The basics should be most definitely the thing we SHOULD listen to, so I don't get why they can be that off. I learned floating, so inline-block seems weird to get in to. :v:[/QUOTE] its ok in the beginning i learned to use float too. using [code]display: inline-block;[/code] and sometimes with [code]vertical-align: top;[/code] will be your best friend.

[QUOTE=Moofy;43404151]The basics should be most definitely the thing we SHOULD listen to, so I don't get why they can be that off. I learned floating, so inline-block seems weird to get in to. :v:[/QUOTE] The basics like deprecated stuff? The first thing we were told on the main course was to not use mysql_ anymore. That isn't really the basics, that is making it more complicated.

[QUOTE=gokiyono;43405398]The basics like deprecated stuff? The first thing we were told on the main course was to not use mysql_ anymore. That isn't really the basics, that is making it more complicated.[/QUOTE] It's pretty easy to migrate from mysql_ to mysqli::. I know there's PDO but mysqli:: still works and I believe it's not getting deprecated anytime soon.

[QUOTE=Khub;43406528]It's pretty easy to migrate from mysql_ to mysqli::. I know there's PDO but mysqli:: still works and I believe it's not getting deprecated anytime soon.[/QUOTE] Complete waste of time then. Of course you can show them a piece of mysql_ query and say that is not how to do it, but spending a few months with using mysql_ to then be told not to use it is just pointless. Especially when there are people who aren't the best of learners.

Hello, I have a problem and I hope someone will be able to find a solution. I just changed hoster and the website doesn't work completely. Basically the problem is that some code doesn't work. Where it checks if(!empty($db_password) and ($md5pass == $db_password)) the echo works but the other things don't and it's not only there. I have a similar problem with other files as well. [code] $username = $_POST['user']; if(isset($username)) { $password = $_POST['password']; $md5pass = md5($password); $check_user = "SELECT ID,username,password FROM Members "; $check_user .= "WHERE username = '".$username."'"; $checkuser_query = mysqli_query($dbconnection,$check_user); while($row = mysqli_fetch_array($checkuser_query,MYSQL_ASSOC)) { $db_userid = $row['ID']; $db_username = $row['username']; $db_password = $row['password']; $db_avatar = $row['avatar']; } if(!empty($db_password) and ($md5pass == $db_password)) { echo 'you are not awesome.'; setcookie("LoginAuthorised","LoginAuthorised",time()+7200,"/"); setcookie("id",$db_userid,time()+7200,"/"); setcookie("username",$db_username,time()+7200,"/"); header("Location: user.php?value=confirm"); }else { echo '<div id="error">Password does not match</div>'; } } echo '<p></p><p></p> <div id="lg_login_form"> <form name="login_form" method="post"> <div id="lg_login_title">Log In</div> <div id="lg_login_form2"> <label>Username:</label> <input type="text" name="user" id="username" value="" maxlength="20" /> <label>Password:</label> <input type="password" name="password" value="" maxlength="20" /> <input name="submit_login" type="submit" value="Log In" id="lg_submit_log" /> <p></p> <p></p> <div id="lg_control_text">You have to login to access User Panel</div> </div> </form> <form name="register_redirect" action="user.php?value=register" method="post" id="lg_register_redirect" > <label>If you want to login you have to register first. Registering takes only a few moments and it gives you multiple features.<br/></label> <input name="submit_registration" type="submit" value="Register" id="lg_submit_reg_log" /> <p></p> </form> </div>'; [/code]

Your code is vulnerable to SQL injection. Use prepared statements or at the very least mysqli_real_escape_string() on $username.

[QUOTE=CBastard;43416065]Your code is vulnerable to SQL injection. Use prepared statements or at the very least mysqli_real_escape_string() on $username.[/QUOTE] This is the login system, do I have to add that in there as well or only when they register ?

[QUOTE=CBastard;43416065]Your code is vulnerable to SQL injection. Use prepared statements or at the very least mysqli_real_escape_string() on $username.[/QUOTE] Shouldn't he also move away from using md5 to store passwords? [editline]4th January 2014[/editline] [QUOTE=BoowmanTech;43416134]This is the login system, do I have to add that in there as well or only when they register ?[/QUOTE] When you do any SQL query with data not already in the database

[QUOTE=gokiyono;43416140]Shouldn't he also move away from using md5 to store passwords?[/QUOTE] I am going to change it from md5 to hash [editline]4th January 2014[/editline] [QUOTE=gokiyono;43416140]When you do any SQL query with data not already in the database[/QUOTE] Ok

[QUOTE=BoowmanTech;43416227]I am going to change it from md5 to hash [editline]4th January 2014[/editline] Ok[/QUOTE] I have used the [URL="https://github.com/ircmaxell/password_compat"]password_compat[/URL] library for a while, it seems really good, and it works.

[QUOTE=BoowmanTech;43416134]This is the login system, do I have to add that in there as well or only when they register ?[/QUOTE] An attacked could easily pass ' OR ID = 1 -- and log in. SELECT ID, username, password FROM Members WHERE username = '' OR ID = 1 Additionally they could pass '; DROP TABLE Members -- Also you should use a computationally costly hashing algorithm like bcrypt instead of fast ones like SHA-2.

[QUOTE=CBastard;43416264]An attacked could easily pass ' OR ID = 1 -- and log in. SELECT ID, username, password FROM Members WHERE username = '' OR ID = 1 Additionally they could pass '; DROP TABLE Members -- Also you should use a computationally costly hashing algorithm like bcrypt instead of fast ones like SHA-2.[/QUOTE] Wouldn't it also be a good idea to use htmlentities with ENT_QUOTES when he stores it?

Hello, I'm trying to figure out how to get the content on one of my pages to be arranged next to each other. At the moment, the content is under each other. (Image: [url]http://puu.sh/69yTy.jpg[/url] ). What I'm trying to do is get it so the December 2013 part is to the right of October 2013 (Image: [url]http://puu.sh/69yZo.jpg[/url] ). I don't particularly want to make a table to align... I can paste the current code if needed. P.S Is this the right place or should I make a separate thread?

[QUOTE=CBastard;43416264]An attacked could easily pass ' OR ID = 1 -- and log in. SELECT ID, username, password FROM Members WHERE username = '' OR ID = 1 Additionally they could pass '; DROP TABLE Members -- Also you should use a computationally costly hashing algorithm like bcrypt instead of fast ones like SHA-2.[/QUOTE] Well, technically "' OR 1=1" is *better*, as it will always work and not only when there is a column called ID which also has a value of 1 at some point.

[QUOTE=CM Punk;43416826]Hello, I'm trying to figure out how to get the content on one of my pages to be arranged next to each other. At the moment, the content is under each other. (Image: [url]http://puu.sh/69yTy.jpg[/url] ). What I'm trying to do is get it so the December 2013 part is to the right of October 2013 (Image: [url]http://puu.sh/69yZo.jpg[/url] ). I don't particularly want to make a table to align... I can paste the current code if needed. P.S Is this the right place or should I make a separate thread?[/QUOTE] This is the right place. I think what you want can be accomplished via css floats (see [url=http://css-tricks.com/all-about-floats/]this[/url] and [url=http://coding.smashingmagazine.com/2009/10/19/the-mystery-of-css-float-property/]this[/url])

[QUOTE=asantos3;43417635]This is the right place. I think what you want can be accomplished via css floats (see [url=http://css-tricks.com/all-about-floats/]this[/url] and [url=http://coding.smashingmagazine.com/2009/10/19/the-mystery-of-css-float-property/]this[/url])[/QUOTE] Thank you for your help, but is it possible without CSS, but only with HTML ? My website uses software called Drupal, might be a bit complicated adding CSS (I am learning HTML and CSS though, just not brilliant at it yet)

It seems I can't find a solution for my problem. Anyone knows a good web hoster ?

[QUOTE=BoowmanTech;43419525]It seems I can't find a solution for my problem. Anyone knows a good web hoster ?[/QUOTE] If there is a issue with your host that is only half your problem. Your website is insecure until you start escaping your MySQL, and as suggested above you really should use something more secure than md5

[QUOTE=loony383;43423161]If there is a issue with your host that is only half your problem. Your website is insecure until you start escaping your myself, and as suggested above you really should use something more secure than md5[/QUOTE] Basically what I have there is only the foundation, and I know I still have lots to do.

[QUOTE=BoowmanTech;43419525] Anyone knows a good web hoster ?[/QUOTE] [url]http://www.poweredbypenguins.co.uk[/url] Very good, I've been using them for over a year.

[QUOTE=CM Punk;43418016]Thank you for your help, but is it possible without CSS, but only with HTML ? My website uses software called Drupal, might be a bit complicated adding CSS (I am learning HTML and CSS though, just not brilliant at it yet)[/QUOTE] CSS is much needed, you should how ever hard it is to add get it working. It's essential to websites. [editline]5th January 2014[/editline] [QUOTE=BoowmanTech;43419525]Anyone knows a good web hoster ?[/QUOTE] I use [URL="http://lithiumhosting.com/"]Lithiumhosting[/URL] by recommendations from others in here.

[QUOTE=BoowmanTech;43419525]It seems I can't find a solution for my problem. Anyone knows a good web hoster ?[/QUOTE] I can honestly say that Lithium Hosting is the best web host that I have ever used.

Can anyone help me please? I am making simple login system with cookies.. But I cant reach the ResimYukleme.php here the codes. [code]session_start(); if(!session_is_registered(myusername)){ header('Location: ResimYukleme.php'); exit;[/code] here is the checklogin.php [code]<?php ob_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="test"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION["myusername"] = $myusername; $_SESSION["mypassword"] = $mypassword; header("location:ResimYukleme.php"); } else { echo "<b>Kullanici Adi yada Sifre yanlis!</b>"; } ob_end_flush(); ?>[/code] oh my god... help please.

I'm having a problem with Google Analytics not recording the page bounce rate when I record an event on the same page. I have this after the [B]opening[/B] body tag: [code]<script type='text/javascript'> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-12345678-9']); _gaq.push(['_trackPageview']); </script>[/code] (Obviously not actual account ID) And this before the [B]closing[/B] body tag: [code]<script type="text/javascript"> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script>[/code] Which work fine alone and record everything as expected, but when I try to track an event on the page it doesn't record the bounce rate for that same page visit for some reason. Here's what I am using to try track an event: [code]<script type='text/javascript'> _gaq.push(['_trackEvent', 'Game size', 'Full width', 'Game Name']); </script>[/code] The above Javascript is just in the middle of the page. It tracks the event fine and things like page visits and such record fine, It's just that the bounce rate shown in either Audience, Acquisition or Behaviour is a lot lower when track event is in use and searching Behaviour for the directory which has this event tracking ([B]/game/[/B]) is showing a 0% bounce rate. Anyone know what I'm doing wrong? Do I need to manually track the bounce rate when tracking events or something? I can't find any information about why this might be happening on the Google Developers guides.

[QUOTE=efecanefe;43425207]Can anyone help me please? I am making simple login system with cookies.. But I cant reach the ResimYukleme.php here the codes. [code]session_start(); if(!session_is_registered(myusername)){ header('Location: ResimYukleme.php'); exit;[/code] here is the checklogin.php [code]<?php ob_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="test"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION["myusername"] = $myusername; $_SESSION["mypassword"] = $mypassword; header("location:ResimYukleme.php"); } else { echo "<b>Kullanici Adi yada Sifre yanlis!</b>"; } ob_end_flush(); ?>[/code] oh my god... help please.[/QUOTE] Do [U]not[/U] use mysql. It's deprecated. Use MySQLi instead. [url]http://php.net/mysqli[/url] There's not really any point in helping you with the above code since using deprecated functions and libraries is considered bad practice.

I bought a package from 'Lithium Hosting' and I changed the nameserver from my domain. If the domain isn't active yet because it could take 72hours should I get this kind of error when I try to go on the website ? [url=http://i.imgur.com/iLRdkWO.png][img]http://i.imgur.com/iLRdkWOl.png[/img][/url]

[QUOTE=BoowmanTech;43426373]I bought a package from 'Lithium Hosting' and I changed the nameserver from my domain. If the domain isn't active yet because it could take 72hours should I get this kind of error when I try to go on the website ?[/QUOTE] Getting the stupid question out of the way... Do you have any 'index.html' or 'index.php' at the public_html [I]or [/I]www folder?

New Lithium Hosting setups have a file called lithium.php by default which should display [url]http://www.lithiumhosting.com/newsetup/lithium.html[/url] once it's setup correctly until you add index files yourself.