Results 1 to 10 of 10
Hybrid View
-
10th Apr 2012, 12:59 PM #1OPMember
PHP question (check.php?user=AnyName //How does this work?)
Hey guys, I'm still learning some PHP and I wanna know what is that thing called:
"check.php?user=AnyName"
for example I access http://127.0.0.1/check.php?user=AnyName
I want to view tables that has the user name "AnyName"
Can someone post what this kind of php stuff is?
Or link me to a site that has a tutorial?
Also, a simple sample would be greatly appreciated and a big contribution for my studies in PHP.
Thank you in advance guys!NewBiee Reviewed by NewBiee on . PHP question (check.php?user=AnyName //How does this work?) Hey guys, I'm still learning some PHP and I wanna know what is that thing called: "check.php?user=AnyName" for example I access http://127.0.0.1/check.php?user=AnyName I want to view tables that has the user name "AnyName" Can someone post what this kind of php stuff is? Or link me to a site that has a tutorial? Rating: 5
-
10th Apr 2012, 01:05 PM #2Banned
hmmm ...
http://www.w3schools.com/php/php_mysql_where.asp
in php there will be something like $_GET["user"]
-
10th Apr 2012, 01:06 PM #3Retired NinJaWebsite's:
loledhard.comthats GET method to pass the data. Read more here
http://www.w3schools.com/php/php_get.asp
http://www.tizag.com/phpT/postget.php
You don't hate Justin bieber.You hate the fact you ain't Justin Bieber!
-
10th Apr 2012, 01:18 PM #4OPMember
Thank you so much for your fast response guys! I really appreciate it!
-
10th Apr 2012, 01:19 PM #5Member
I've written an example script for you along with explainations for what each function does.
<?php
$username = mysql_escape_string($_GET['user']);
$results = mysql_fetch_array(mysql_query("SELECT * FROM users_tablename WHERE username_col = '".$username."' LIMIT 1"));
print_r($results);
?>
mysql_query -Runs the SQL query, to learn that read http://www.w3schools.com/php/php_mysql_intro.asp
mysql_fetch_array - Gets the array from the query
print_r - that prints the array, to get a certain part of the array such as their email address replace that print_r line with: echo $results['email_col']; ofcause replace email_col with the name of the email column
the $_GET['user'] gets the 'user' from the URL
don't forget to replace users_tablename with the table name where the users are stored and don't forget to replace username_col with the column which stores the username.
hope that makes sense to you
-
10th Apr 2012, 02:11 PM #6OPMember
-
10th Apr 2012, 02:22 PM #7Member
-
10th Apr 2012, 02:35 PM #8OPMember
Thanks puttin! So I've made this code now, can you check if there are any vulnerabilities?
http://localhost/index.php?username=test
PHP Code:<?php
$user = mysql_escape_string($_GET['username']);
function calc_time($seconds) {
$days = (int)($seconds / 86400);
$seconds -= ($days * 86400);
if ($seconds) {
$hours = (int)($seconds / 3600);
$seconds -= ($hours * 3600);
}
if ($seconds) {
$minutes = (int)($seconds / 60);
$seconds -= ($minutes * 60);
}
$time = array('days'=>(int)$days,
'hours'=>(int)$hours,
'minutes'=>(int)$minutes,
'seconds'=>(int)$seconds);
return $time;
}
$con = mysql_connect("localhost","root","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("vpn", $con);
$result = mysql_query("SELECT * FROM users WHERE user_name='$user'");
while($row = mysql_fetch_array($result))
{
$dur = calc_time($row[duration]);
$dur1 = $dur[days] . " day(s), " . $dur[hours] . " hour(s) and " . $dur[minutes] . " minutes";
}
?>
<html>
<body>
<input type="text" name="exp" value="<?php echo $dur1 ?>"/>
</body>
</html>
-
10th Apr 2012, 02:52 PM #9Member
No vulnerabilities in your script
However, since you're grabbing only one username rather than multiple users, surely you don't need to 'while' it?
Consider replacing
while($row = mysql_fetch_array($result))
{
$dur = calc_time($row[duration]);
$dur1 = $dur[days] . " day(s), " . $dur[hours] . " hour(s) and " . $dur[minutes] . " minutes";
}
$row = mysql_fetch_array($result);
if(!$row){ die("Username not found"); }
$dur = calc_time($row[duration]);
$dur1 = $dur[days] . " day(s), " . $dur[hours] . " hour(s) and " . $dur[minutes] . " minutes";
-
10th Apr 2012, 02:55 PM #10OPMember
Thank you soo much puttin! I really appreciate your help! Hope I can make it up to you! You're a life saver!
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
How can I check my referrals in KWWH's user control panel?
By dljawed in forum General DiscussionReplies: 1Last Post: 18th Nov 2011, 08:53 PM -
Need Forumophilia user to check my post...
By weena in forum Community CooperativeReplies: 4Last Post: 26th Jun 2011, 07:16 PM -
Check out my SEO work - Its paying off :)
By kiddo in forum General DiscussionReplies: 37Last Post: 15th Jan 2011, 08:35 PM -
Need User group Ranks images (Free Work)
By Arthur in forum Graphics AreaReplies: 0Last Post: 26th Jul 2010, 09:01 PM -
[Selling] Any one want GFX work - Check my Portfolio -
By iR0ck in forum Completed TransactionsReplies: 50Last Post: 5th Feb 2010, 08:00 AM
themaLeecher - leech and manage...
Version 4.93 released. Open older version (or...