topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday April 9, 2020, 6:28 am
  • Proudly celebrating 15 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - The Code Queryer [ switch to compact view ]

Pages: [1]
1
Folks,



Apart from Bootstrap (Twitter stuff), do you know of any free Mobile Responsive Design templates ?

I got a pagination page. I need to convert that to Mobile responsive Design. Searching for a template so I can learn from it and convert my pagination page so it looks good on mobile phone browsers too as now it looks terrible as you need to scroll and the texts look too small, etc.

Hence, need a Mobile Responsive Pagination page template.

Also need Account Login, Account Registration Page (web forms), Account Home Page Mobile Responsive Design templates.

Must be in Html 5 and CSS.



I am googling but no real luck.


Any advice ?



Thanks

2
Php Folks,

I want to allow my website members to login to their accounts and upload files to my server so other members can view them. Files such as text files, image files, audio files and video files. But not program files or executable files.
Now, what features must my File Upload Form have ?
I need a complete list of Php features it must have. I need you to give me a complete list of Php Functions the File Upload Form must make use of.
Kindly list as many Php features and functions you can think of that my File Upload Form must have in order for it to be a Secure File Upload Form so no one can upload malicious files (virus, programs, etc.).
I am going to get the File Upload Form developed by a paid programmer. I need to give the programmer a list of features the File Upload Form must have. Here is my list of REQUIREMENTS so far:

REQUIREMENT 1:
Add filters and sanitizations so malicious files cannot be uploaded. Nor can sql injections can be made.

REQUIREMENT 2:
Only file types from White-List should be uploaded. Any File Types not listed on this White-List should be discarded and not uploaded. Error should be given that this type of file is not allowed to be uploaded.

REQUIREMENT 3:
Uploaded File should not be more than 100MB. Echo error if File Sizes exceed limit & halt script.
MUST check File Size with function: file_size():
https://www.php.net/...unction.filesize.php

REQUIREMENT 4:
Set a maximum name length and maximum file size – Make sure to set a maximum name length and file size in order to prevent a Denial of Service attack.
If you do not know what I am talking about then read number "6" on the following link:
https://www.opswat.c...ction-best-practices

REQUIREMENT 5:
MUST make use php of function getimagesize() for security purpose.
https://www.php.net/...ion.getimagesize.php

REQUIREMENT 6:
Write to the file when you store it to include a header that makes it non-executable.
If you do not understand what I am talking about then read the line on the following link that comes just after the CONCLUSION section.
https://www.wordfenc...oad-vulnerabilities/

REQUIREMENT 7:
MUST STORE all errors and DISPLAY all errors using traditional:
"Errors[] = "";.
On my script, fix my error coding mistakes related to the following format as I have no clue how to fix all that to store errors and display them.
"Errors[] = "";.

REQUIREMENT 8:
To detect File Details, should use php functions:
file_info() & mime_content_type():
https://www.php.net/...ction.finfo-file.php
https://www.php.net/...ime-content-type.php
Script Files (executable files) should not be uploadable. Only text files (.txt, .doc, .pdf, etc.), image files (.giff, .jpeg, etc.), audio files (.mp3, etc.) and video files (.mp4, .wav, etc.).

REQUIREMENT 9:
Script should check whether file upload was successful or not.
MUST check with upload with function: is_uploaded_file().
http://php.net/manua...is-uploaded-file.php
NOTE: After the check, user must get notified whether file has been uploaded successfully or not.

END OF REQUIREMENTS

Q2.
Should I get the programmer to add security features from other languages ? Currently, all my REQUIREMENTS revolve around Php as that is the only programming language I am learning. I do not have experience in any other languages. Server-side or Client-side.
Now, do you reckon I should get the programmer to add security features on Client-side ? If so, program in which language and make use of which functions from that language ? Can you give me a complete list ?

Q3. For security purpose, should I even bother getting the programmer to turn the current File Upload Form into an Ajax form ?

Q4. For security purpose, should I even bother getting the programmer to add Json or Jscript ? Are they really necessary ?
If so, which features and functions must be used to make the File Upload Form more secure ?
(I was just youtubing to learn more about Ajax and what is Json or Jquery and so I am very raw in these 3 fields. Hence, need your advice whether of these 3 should be added or not and what features and/or functions must be added from them 3).

Q5. Which language was used to build youtube you reckon and which of the functions were used from the language/s, you reckon ?

Q6. If you were in my position then which languages would you make use of and which functions and features of these languages would you make use of ? I need your complete list.

Thanks

3
Technical Gurus,

I need your brilliant experienced opinion.
You see, it's practically impossible to make my website abide by the new EU GDPR without annoying my websites visitors. Hence, have decided to block all EU visitors altogether. I asked my webhost regarding this issue and they pointed me to these links:

Mod Security:
https://forums.cpane...in-countries.574681/

GeoIP:
https://grepitout.co...cpanel-easyapache-4/ and https://www.tecmint....or-apache-in-centos/

They suggested I take the "GeoIP apache module way".
Now, I'm not too technical. New in all this. I tried installing both the Mod Security and the GeoIP Apache Module but failed (even after following the steps in the articles) as I don't have much experience with Unix/Linux. Therefore, searched for someone to take care of it. Told him to install both Mod Security and GeoIP Apache Module but to do it without touching the .htaccess because the following article says it will go to thousands of lines of code if I do it using .htaccess.
https://www.sitepoin...m-accessing-website/

The technician had a look at the links I gave and said he will install the GeoIP module but not by following the steps mentioned in the following article and he has to do it using .htaccess.
https://www.tecmint....or-apache-in-centos/
Says there would only be 28 lines of code to block 28 EU countries.
Also says, if he follows the steps mentioned on the above link (tecmint article) then things will get messed-up. His exact words are:

"You can't directly edit apache configuration as techmin article suggest, because you are running cPanel. settings must be "friendly" with cpanel, or they'll get lost and make mess.".

He says he will do it following the steps mentioned here:
https://www.paunovic...a-cpanel-whm-serveru
He says that is the proper way to do it on cPanel Server.
I asked my webhost about this and they have gone silent. Hence, approaching you folks for your expert opinions.
I have Vps with Root Access: SSH, Panel. I got CentOS OS, Whm and cPanel ($15 version).
I got my webhost to build 8 cPanel accounts for my 8 domains. 1 cPanel account per domain. I think they built them via Whm. (Still learning about Whm).
I told the technician, I want him to set things up on my Whm so any domains &  cPanel accounts I add in the future (1 new cPanel account for 1 new domain) to my Vps should also block EU visitors. He said aslong as I have Root Access he will set things up following the steps in that article:
https://www.paunovic...a-cpanel-whm-serveru

You have now heard about my hardwares & softwares and what I need done. Block all EU visitors from my current 8 websites and from all future websites/domains hosted on this Vps. My questions are:

Q1. Must the GeoIP and the Mod Security be installed on my Whm for them to work on all my current and future websites/domains/cPanels hosted on this vps under this Whm ?

Q2. Which option is best for me ? Mod Security or GeoIP ? If I install both then that would not be a problem. Am I right ?

Q3. Is the technician correct when he says "You can't directly edit apache configuration as techmin article suggest, because you are running cPanel. settings must be "friendly" with cpanel, or they'll get lost and make mess."
He says the steps in following article is bad:
https://www.tecmint....for-apache-in-centos
Is he correct ?
He further says: "I'll compile GeoIP module and GeoIP database on your server Apache and then you can easily block countries, and do not have to block IPs.". Is it better to do it this way over the techmint article way ?
Should I opt for his method instead (do things the .htaccess way) and
should I ignore the warning on the Site Point Forum article to not to things the .htaccess way ?

I am puzzled, confused and need your expert opinions and advice as I know you won't be giving biased advices.

Thank you for your interest in helping me out.

Whatever method you recommend, make sure it will be easy for me to easily add more countries in the banning list without needing to fiddle with messy code.

4
Php Folks,

I am trying to create a php script that queries my mysql database and shows results using pagination.
Here are my requirements:

REQUIREMENTS
* Language: Php
* Php Version: 7
* Programming Style: Procedural
* Php Extension: Mysqli
* Sql Injection Prevention Method: Prepared Statements

* Web Form Design: Html 5 Compatible/Compliant
* Search Feature - Exact Match & Fuzzy Match Options (Search Usernames - See attached file for mysql tbl columns)
* Pagination - Max Results (rows) per page: 25
* Page Design: Responsive Web Design using Html 5 & CSS (latest)

I have been googling for months now and found no tutorials based on my requirements.
Tutorial are either in Pdo (Oop Style) and do not use Mysqli extension.
Or tutorials are in Procedural Style but DO NOT use Prepared Statements.
Or, tutorials are in Procedural Style and DO use Prepared Statements but do not have the SEARCH function. No EXACT MATCH or FUZZY SEARCH features exist.
None of them are Responsive Web Design suitable for both computer users and mobile phone users.

For our newbies' learning purposes. Can anyone be kind enough to show a mini pagination script ?
You may leave-out the following as I am likely to manage this with Bootsrap design tutorials:
* Page Design: Responsive Web Design using Html 5 & CSS (latest).

Thank You

NOTE: Attached file will show you what my mysql table looks like.



5
Developer's Corner / File Upload With Php
« on: April 08, 2019, 03:21 PM »
Php Programmers,

I am trying to build a file upload script with php but struggling. Need your urgent assistance.
Here are the requirements:


START OF REQUIREMENTS

* If directories "uploads/videos/id_verifications/$user" do not exist then they must be created. Else, not.
NOTE: Only the script must be able to create these directories and write to them (add files, delete files, copy files there, copy files from there, etc.) and no external domain must have these privileges. No other scripts must be executable from these directories.

* If File already exists then should echo error. Else, not.
Should check with php function: file-exists().
https://www.php.net/...tion.file-exists.php

* Uploaded File should only be video files (.wav, .mp4, etc.). Should echo error if File Types are otherwise.

* Script should check whether the file upload was successful or not.
Should check with php function: is_uploaded_file().
http://php.net/manua...is-uploaded-file.php

To detect File Details, should use php functions:
* file_info() & mime_content_type():
https://www.php.net/...ction.finfo-file.php
https://www.php.net/...ime-content-type.php

* Uploaded File should not be more than 100MB. Should echo error if File Sizes are otherwise.
Should check with php function: file_size():
https://www.php.net/...unction.filesize.php

* Temporary File should be created at first and then moved to the following permanent directory: uploads/videos/id_verifications/$user.
Moving of directory should be done using php function: move_uploaded_file
https://www.php.net/...ve-uploaded-file.php

* Uploading File Name should be renamed to: $user_id_verification
File Renaming should be done using php function: rename():
https://www.php.net/.../function.rename.php
So, if file name is "my_id.mp4" and User's username is "tommy_boy" then File Name should be renamed to: "tommy_boy_id_verification.mp4".
If file name is "my_id.wav" and User's username is "tony_boy" then File Name should be renamed to: "tony_boy_id_verification.wav".
(NOTE: On the above 2 example lines, the File extensions are different).

* User must get notified that, file has been uploaded successfully. If uploading fails then user must get echoed error.

* All Errors should be echoed using traditional: $Errors[] = "Error message goes here";

* Php code must be in procedural style as I do not know OOP.

* You must include understandable comments on your codes so I can understand them and have no questions.

END OF REQUIREMENTS


Q1. Are there anything else, in terms of security, that I should have as "Requirements" ?


6
Php & cURL Folks,

I am a php student. I struggle with php and cURL the most.
Is anybody here interested in program trades ? This is where I will give you .exe bots and you will give me .php bots.
When I say "bots", I mean automation tools and not illegal bots such as spam bots and the like.

Why am I looking forward to this trade ? It's like this. I learnt how to build .exe bots and now I want to build web versions of them. Problem is, I am struggling with php and cURL. I am not a real programmer who uses programming languages to build automation tools. I use GUI programming tools. I just click buttons and the automation tools are built as the tool spits the code to C# and compiles them.
Since I am not a real programmer then you can understand why I am struggling with php. Checkout my threads to see where I am stuck on php.
And, checkout my "IDEA" threads for some of my internet business ideas.
I need some php developer to build me this:
https://www.donation....msg428961#msg428961
I will supply you with a .exe copy. You can give it away or sell it aswell as use it. I don't care. You should give me same privilege. I just want to grab a php version and learn from the source code how to automate the web using php and cURL. That's all. I've been honest with you guys here, right from the beginning. So, how-about a trade ?

7
Post New Requests Here / IDEA: Searchengine Scraper
« on: April 06, 2019, 02:00 PM »
Hi,

My idea is a searchengine scraper.
It is like this ....
You come to a webpage and you see a search box (like google and the like). You type a url and click the "Scrape SERPs" button.
Now, the web app would visit the SERP page and scrape all the result links. It would follow to the next SERP pages and do likewise until it has met the dept you put.
A spider that visits SERP pages and scrapes all the result links. It then saves them on the website's database under your member username. Others can search band see what you scraped by doing your Username search. Likewise you can do too.
The scraper would scrape not only the links but their anchor texts, page titles, page meta keywords and meta descriptions.
In other words, a searchengine scraper. A web app. Built with php.
Anybody can build this then do the community a favour by releasing the source code here and on the gpl so we can learn from your source code. I am php student. I reckon cURL is good for the job.

Anyone like this idea,. Give it a thumbs up! :up:

Just imagine, you can scrape any searchengine with this.
I have built a .exe one. Anyone who builds a .php one then I am willing to trade or willinbg to give you a copy if you give me the .php copy along with comments so I can learn from your code.

8
Folks,

Have you seen websites like appsgeyser.com and the like where they help you build Android Mobile Apps ? You can build your own Android Browser.
I've seen a handful. But guess what ? None of them allow you to build an Android Browser that logs what your browser users are browsing. It should log the webpages visited and in the background, without annoying or disturbing the user, send the log to your mysql database.
The user should see menu->Settings.
In this Settings screen, user should fill-in fields that asks for user's website's mysql database. Database, to where the users browsing history logs should be sent.
So, let us say, the Settings Page looks like this:

Domain:
Mysql User:
Mysql User Password:
Mysql Database Name:
Mysql Table Name:

Let us say the Android Browser is called "Look".
Now, let us imagine user filled-in fields like this:

Domain: user-domain.com
Mysql User: user
Mysql User Password: password
Mysql Database Name: look_browser
Mysql Table Name: users_browsing_histories

Let us say, user now headed off to google. Once the google page loads, the Android Browser should submit data like this to the user's website's mysql database:

(Imagine the following are column names):
id|date_and_time|username|url|page_title|meta_keywords|meta_descriptions

A scenario how my mysql db records will look like:
id|date_and_time|username|url|page_title|meta_descriptions|meta_keywords|
----------------------------------------------------------------------------------------
0|04/07/2019|idea_man|donationcoder.com/forum/index.html|programming forum|A programming Forum|php,
                                                                                                                                                           javascript,
                                                                                                                                                           programming,
                                                                                                                                                           forum

Now, whenever I am somewhere and my fone is not with me. I can just logon with my laptop to my website and checkout my browsing history for any reason. Also, others can checkout my browsing history via my website.

Anyway, who's gonna build this Android Browser ? Don't forget to credit me for the idea giver.

Now, who's gonna build this and give us all a copy ? If you know of any website like appsgeyser.com that allows us to build such an Android Browser App then say so here! Because, I have found none so far!

9
Post New Requests Here / IDEA: Social Browsing History Website
« on: April 06, 2019, 01:08 PM »
Folks,

Did you use del.icio.us a dacade ago ?
You registered your member account and once you logged in you saw a button. When you clicked that button, del.icio.us grabbed all your bookmarks and uploaded the links to the website. Now, others can see your bookmarks as your favourite links were displayed under your username. Anyone doing your Username search, found all your bookmarks presented in google like presentation.

I want to build similar. But instead of the script uploading all your bookmarks it should upload all your browsing histories. That way, others doing your Username search can now see what you browsed. Hold down the CTRL button and press the H button to see your browsing history. All that needs to be uploaded.
This is gonna be big! All this forum members can signup as members and upload their browsing histories and each of us can see what the other has been browsing online. Ofcourse, there should be an option to delete links from the uploaded mysql database.
I have a feeling this will have to be clientside programming for the script to grab and upload all the users browsing histories from his web browser.
We can add this feature to this forum.
If you like my idea then get the owners of this forum to read this thread. And comment here about my great idea.
Whoever likes my idea, do not forget to contribute your sample code here for others to learn from.

10
Developer's Corner / Sql Syntax Error
« on: April 06, 2019, 12:57 PM »
Folks,

What is wrong with my php mysql query ? Trying to get the script to search my database and show results in pagination format. Using mysqli and procedural styling here.
$total_pages = $conn->query("SELECT * FROM browsing_histories WHERE username = ?")->num_rows;
What is wrong with my php mysql query ?

I get this error:
Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?' at line 1 in C:\xampp\htdocs\test\search.php:31 Stack trace: #0 C:\xampp\htdocs\test\search.php(31): mysqli->query('SELECT * FROM b...') #1 {main} thrown in C:\xampp\htdocs\test\search.php on line 31

If I remove the "WHERE username = ?" part and make it like the following then I get no error.

$total_pages = $conn->query("SELECT * FROM browsing_histories WHERE username = ?")->num_rows;

But making it like this means getting it to pull all rows from the table. I do not want that. I want to pull matching rows in the "username" column.
How to fix this ? How should it have been ?

11
Developer's Corner / if(file_exists..) is Failing!
« on: April 06, 2019, 12:47 PM »
Php Whizes!

A certain video file exists in a certain directory on my hdd. I get the script to upload the same file again expecting to see error message (based on my coding) that the file has already been uploaded. But, I see no error appearing. Why is that ? Trouble in this line:
if(file_exists("$directory_path . $user/ . $file_name")) //THIS LINE IS NOT GIVING THE ERROR THAT FILE HAS ALREADY BEEN UPLOADED. INSTEAD GIVES THE ECHO THAT IS 26 LINES BELOW HERE: "Your Video File \"$file_name\" has been uploaded successfully!"

Context of the script:

//Feed Id Verification Video File Upload Directory path.
$directory_path = "uploads/videos/id_verifications/";
//Make Directory under $user in 'uploads/videos/id_verifications' Folder.
if(!is_dir($directory_path . $user))
{
$mode = "0777";
mkdir($directory_path . $user, "$mode", TRUE); //IS THIS LINE CORRECT ?
}

//Grab Uploading File details.
$Errors = Array(); //SHOULD I KEEP THIS LINE OR NOT ?
$file_name = $_FILES["id_verification_video_file"]["name"];
$file_tmp = $_FILES["id_verification_video_file"]["tmp_name"];
$file_type = $_FILES["id_verification_video_file"]["type"];
$file_size = $_FILES["id_verification_video_file"]["size"];
$file_error = $_FILES['id_verification_video_file']['error'];

//Grab Uploading File Extension details.
$file_extension = pathinfo($file_name, PATHINFO_EXTENSION);
if(file_exists("$directory_path . $user/ . $file_name")) //THIS LINE IS NOT GIVING THE ERROR THAT FILE HAS ALREADY BEEN UPLOADED. INSTEAD GIVES THE ECHO THAT IS 26 LINES BELOW HERE: "Your Video File \"$file_name\" has been uploaded successfully!"
//if(file_exists($directory_path . $user . '/' . $file_name)) //THIS LINE IS NOT GIVING THE ERROR THAT FILE HAS ALREADY BEEN UPLOADED. INSTEAD SHOWING BLANK WHITE PAGE.
{
$Errors[] = "Error: You have already uploaded a video file to verify your ID!";
exit();
    }

I need help where you see me asking you a question on my comments (on my above code).

12
Php Seniors,

Why is this line malfunctioning ?
if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file.");

I allowed the file type "mp4" and then fed the script (trying to uploade an mp4 file) an mp4 file.
I should get mssg upload successful and only get echoed errors if the selected file is not a video file. Since, I selected a video file to upload via the html form then I should not get any errors echoed. Common sense!
But guess what ? I get error message echoed: "Select a valid video file format. Select an Mp4 file."

Why is that ?

Here my code:
$file_name = $_FILES["id_verification_video_file"]["name"];
$file_tmp = $_FILES["id_verification_video_file"]["tmp_name"];
$file_type = $_FILES["id_verification_video_file"]["type"];
$file_size = $_FILES["id_verification_video_file"]["size"];
$file_error = $_FILES['id_verification_video_file']['error'];

$file_extension = pathinfo($file_name, PATHINFO_EXTENSION);
if(file_exists("$directory_path . $user/ . $file_name"))
{
$Errors[] = "Error: You have already uploaded a video file to verify your ID!";
exit();
    }
else
{
//Feed allowed File Extensions List.
$allowed_file_extensions = array('mp4');

//Feed allowed File Size.
$max_file_size_allowed_in_bytes = 1024*1024*1; //Allowed limit: 100MB.
$max_file_size_allowed_in_kilobytes = 1024*1;
$max_file_size_allowed_in_megabytes = 1;

$max_file_size_allowed = "$max_file_size_allowed_in_bytes";

//Create a fileinfo resource.
$finfo = finfo_open(FILEINFO_MIME_TYPE);
//Apply the FileInfo resource and the finfo_file() function to a given file.
$mime = finfo_file($finfo,$file_name);
//Close the fileinfo resource.
finfo_close($finfo);

//Verify File Extension.
if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file.");


The following code fails to move the FILE to it's intended place:
//Move uploaded File to newly created directory on the server.
move_uploaded_file($file_tmp, $directory_path . "$user/" . $file_name); //IS THIS LINE CORRECT ?
//Notify user their Id Verification Video File was uploaded successfully.
echo "Your Video File \"$file_name\" has been uploaded successfully!";
exit();

Before, attempted this with no luck too:

//Move uploaded File to newly created directory on the server.
move_uploaded_file("$file_tmp", "$directory_path . $user/ " . "$file_name"); //IS THIS LINE CORRECT ?
//Notify user their Id Verification Video File was uploaded successfully.
echo "Your Video File \"$file_name\" has been uploaded successfully!";
exit();

13
Php Gurus,

When I select a video mp4 file and get the File_Type to echo it then it echoes blank. Why is that ?
$file_type = $_FILES["id_verification_video_file"]["type"];
echo "File Type: $file_type<br>";

The form I mentioning below incase you wondering whether I mispelled the item name.:
<form METHOD="POST" ACTION="" enctype="multipart/form-data">
<fieldset>
<p align="left"><h3><?php $site_name ?> ID Video Verification Form</h3></p>
<div class="form-group">
<p align="left"<label>Video File: </label>
<input type="file" name="id_verification_video_file" id="id_verification_video_file" value="uploaded 'Id Verification Video File.'"></p>
</div>
</fieldset>
<p align="left"><button type="submit" class="btn btn-default" name="id_verification_video_file_submit">Submit!</button></p>
</form>

If I select a .php file then it manages to show the file type. Only shows blank on the mp4 file.

14
Coding Snacks / Know Of Php Script To Block EU Visitors ?
« on: April 05, 2019, 02:12 PM »
Folks,

I am trying to block EU visitors due to GDPR.
Know of any free php scripts I can install on my website to do the job to redirect EU users somewhere else or downright block them so my website is not accessible to them ?

Pages: [1]