Jump to content
Killersites Forums

saversites

Member
  • Posts

    65
  • Joined

  • Last visited

Everything posted by saversites

  1. I added this line today ... echo "$response[http_code]"; Result I get is this: 403. Googling, I see that the page devshed.com is forbidden. Since I can view the page on y browser and not manage to get cURL to fetch it then I'm guessing devshed.com has put a measurement in place to foil proxies. Switched the url to another site and that got fetched. last night, even google did not get fetched and so I suspected maybe I accidently deleted something from my code but could not spot the deletion. Hence, opened this thread to see if anyone else spots it. Now, I understand, both devshed.com and google were foiling the cURL fetch or proxy fetch. How well did I do ?
  2. Folks, Why is cURL failing to fetch the page ? All this time it worked. Echoes "Page fetching problem!" <?php //Required PHP Files. include 'config.php'; include 'header.php'; //1). Set Banned Words. $banned_words = array("asshole", "nut", "bullshit"); $url = "http://devshed.com"; // 2). $curl is going to be data type curl resource. $curl = curl_init(); // 3). Set cURL options. curl_setopt($curl, CURLOPT_URL, "$url"); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // 4). Run cURL (execute http request). $result = curl_exec($curl); if (curl_errno($curl)) { echo 'Error:' . curl_error($curl); } $response = curl_getinfo( $curl ); //If page is fetched then replace banned words found on page. if($response['http_code'] == '200' ) { $regex = '/\b'; $regex .= implode('\b|\b', $banned_words); $regex .= '\b/i'; $substitute = 'BANNED WORD REPLACED'; $clean_result = preg_replace($regex, $substitute, $result); //Present the banned words filtered webpage. echo $clean_result; } else { //Show error if page fetching failed. echo "Page fetching problem!"; exit(); } ?>
  3. Php Folks, What is the regex to extract the content of a webpage that is visible to the user in his browser no matter what is visible to the web crawler (searchengine spider or bot)? That means, it should ignore the following and not extract these tags or any data inbetween these tags excluding the <body> & </body> tags as including that in the filter would render the data extraction useless: title title tags meta keywords meta keywords tags meta descriptions meta descriptions tags html tags dhtml tags xml tags javascript tags, etc. tags. If you know of php functions, other than regex that do what I want, then say so by writing: OFF TOPIC. Thanks for your help!
  4. Php Folks, What is the regex to extract the title, meta keywords, meta descriptions and the content text (without all the tags such as html tags, dhtml tags, xml tags, javascript tags, etc.) ? I actually, prefer one regex to extract title, another to extract meta keywords, another to extract meta descriptions and finally another to extract the content text. That way, I can make use of each separately when I don't want to extract all (title, description, etc.). If you know of php functions, other than regex that do what I want, then say so by writing: OFF TOPIC. Thanks for your help!
  5. RegExp Exps (Regular Expression Experts), What is the regex to extract your desired text inbetween 2 tags such as the opening html tag and the closing. Should work for other tags too such as javascript, xml, dhtml, css, etc. Imagine that, I'm on a webpage that looks like this in the source code: <html> <head><title>Article</title></head> <body> Regex is too complicated to learn!<br> Why on earth could not the inventors build it simpler so it is easier to learn ?<br> Oh boy, oh boy!<br> </body> </html>
  6. Problem is, I don't know how many words there would exist on a page and therefore don't know how many arrays to create for each word. In my example above, I just used 5 words but in reality I won't know how many words would exist on a page. Trying to build a web crawler. So far, getting cURL to fetch the pages found on my db (user submissions). Now, php needs to break each sentence into words found on the fetched page (for my crawler to learn what keywords make-up the page) and line them up one by one. Like so: 1st word 2nd word 3rd word and so on for each and every word.
  7. How come the $words variable contain the value "1" ? <?php $content = "word1 word 2 word3 word 4 word5"; echo "Content: $content<br>"; $words = print_r(explode(" ", $content)); echo "words: $words"; ?> I see this: Content: word 1 word 2 word 3 word 4 word 5 Array ( [0] => word 1 [1] => word [2] => 2 [3] => word 3 [4] => word [5] => 4 [6] => word 5 ) words: 1 Anyway, I am trying to get each word from $content lined up like this: word 1 word 2 word 3 word 4 word 5 How do I do it ? Any code sample appreciated. Replacing the print_r with var_dump not good, either. :chomp: As I see this: Content: word1 word 2 word3 word 4 word5 array(7) { [0]=> string(5) "word1" [1]=> string(4) "word" [2]=> string(1) "2" [3]=> string(5) "word3" [4]=> string(4) "word" [5]=> string(1) "4" [6]=> string(5) "word5" } words: No good: <?php $content = "word1 word 2 word3 word 4 word5"; echo "Content: $content<br>"; $words = var_dump(explode(" ", $content)); echo "words: $words"; ?> Neither no good just echoing the $words value as I see this: Content: word1 word 2 word3 word 4 word5 Notice: Array to string conversion in C:\xampp\htdocs\project\explode.php on line 8 words: Array And, no good this, either: <?php $content = "word1 word 2 word3 word 4 word5"; echo "Content: $content<br>"; $words = (explode(" ", $content)); echo "words: $words"; ?> Thanks
  8. Php Buddies, I'm going to jump into building my own searchengine now. Starting off with the search box, then the index and then finally the crawler. Not too worried about the crawler. Gonna make use of cURL and implode,explode, etc. php functions. It's the Index that I quite can't get my head around. To build the Index, should I have the structure of the mysql tbl like this .... ? Option 1 Columns Url|Keywords Or, should I make the structure like this instead ..... ? Option 2 Columns Keyword|Urls Option 1a Example Columns Url | Keywords ----------------------------------------------------------------------- devshed.com | forum, programming, php Option 1b Example Columns Keyword | Urls -------------------------------------------------------------------------------------------------------------------------- forum | devshed.com, blackhat.com, warriorforum.com --------------------------------------------------------------------------------------------------------------------------- php | devshed.com/forum/php.htm, sitepoint.com/forum/php.php Option 2a Example Columns Urls | Keyword ----------------------------------------------------------------------- devshed.com | forum ----------------------------------------------------------------------- devshed.com | programming ----------------------------------------------------------------------- warriorforum.com | money ----------------------------------------------------------------------- warriorforum.com | forum Option 2b Example Columns Keywords | Urls -------------------------------------------------------------------------------------------------------------------------- forum | devshed.com/forum -------------------------------------------------------------------------------------------------------------------------- forum | blackhat.com/forum --------------------------------------------------------------------------------------------------------------------------- php | devshed.com/forum/php.htm --------------------------------------------------------------------------------------------------------------------------- php | sitepoint.com/forum/php.php Question 1: I have a feeling you won't like Option 1a or 1b atall. But, let's assume you need to do it out of them 2 options. Which one would you choose ? Question 2: I have a feeling you will like Option 2a or 2b. Which one would you choose ? Or, if you don't like any of them 2. Then, let's assume you need to do it out of them 2 options. Which one would you choose ? Question 3: If you don't like the structure of any of the 4 options then which structure would you yourself use or have used ? Best to show an example like I did. Btw, I know that, if I structure my tbl around the way I showed in my examples then users would only be able to make queires for a single keyword and not a phrase. But, dealing with phrases get complicated and so for the time being, as a beginner, let's concentrate one thing at a time. Concentrate on the very first basic of indexing a url. Thanks
  9. Php Masters! I need to know how you do things the way you do things. Let us say, I am building a Social Network (SN). Let us say, my mysql db looks like this in structure: METHOD 1 Tbl: users; Columns: id, username, email, friends. Example: id|username|email|friends 0|uniqueideaman|uniqueideaman@**.com|user1,user500 ,user697 Do you see, how I have crunched-up 3 usernames into a single cell ? Q1. Is this how you would do it to list my friends' usernames ? --------------- METHOD 2: I was told I should do it like this: Anyway, I was told to check these out: https://en.wikipedia.org/wiki/Fourth_normal_form https://www.youtube.com/watch?v=UrYLYV7WSHM Did not bother with the vid as I'm on low bandwidth. Also, googled: https://www.google.com/search?q=what...hrome&ie=UTF-8 And read: https://www.tutorialcup.com/dbms/fourth-normal-form.htm You php pro, do you think I should have a friends list where every member link is recorded in a three column table, the first being an auto_increment ID to keep all records sequential and unique, the 2nd ID is the User ID (UID) and the Friend ID is the FID ? Tbl: Friends ID is auto incremented. UID is User's ID. FID is Friend's ID. Columns ID | UID | FID 1 | 3 | 24 2 | 3 | 399 3 | 55 | 24 4 | 598 | 3 5 | 598 | 55 6 | 6000 | 598 7 | 3 | 598 8 | 24 | 55 9 | 55 | 598 So, you think apart from having the "users" tbl that lists the users during registration, I should have another tbl "friends" ? And you want me to populate the "freinds" tbl like shown above. Right ? Yes or no ? If "yes", then how would you db query to pull-up a user's friends ? Let's say you want to pull-up UID 5's friends. This is my try using PREP STMNT: $stmt = mysqli_prepare($conn, "SELECT FID FROM users WHERE UID = ? "); In the above example you can see that ID's 1 & 2 have two entries for UID 3 who is linked to friend's FID 24 & 399 and is also friends with UID 598. It appears that I am having multiple links here. And therefore, I did not originally want to do it this way to save the db getting populated to much (too many entries) to save it from getting bogged down from doing too many tasks. Q2. Would not it be less resource using and less querying (hence less traffic to the db) if I do it the way I demonstrated in my original post ?
  10. Happy Holiday Php Guys! You know, few yrs back I've fiddled with file cutting software where I cut a file into lots of smaller files. I've also merged lots of files into one. Now, I did all this with a desktop software (.exe). Now, I want to do it with php. Therefore, in order to cut & shorten and merge and enlarge text files, which functions should I look into ? Same question goes for img files. First, I want to cut an img file into many smaller files. For example, look at this img here: Logo Design Tool. Free and Online. The img shows text: Happy New Year. That phrase is displayed using a certain font. Now, I want to have each letter/char on it's own. That means, I need to cut the img file into many smaller files so each file only contain one letter/char. Eg. h.jpeg a.jpeg p.gpeg py.jpeg y.jpeg and so on. So, how do I break an img file into lots of smaller files ? Which function to use to do that ? I can break the file in 3 ways: 1. Cut the file into many smaller files by inserting a number. Like break the big file into 10 smaller files. 2. Cut the file into many smaller files by inserting a percentage. Like break the big file into 20% smaller files. (This would break into 5 files only). 3. Cut the file into many smaller files by inserting a delimiter. The delimiter can be a colour. In this example: Logo Design Tool. Free and Online. If I insert black as the delimiter then each file would be separated using black as the separator. That means, each char would be separated by the black colour (background colour). Result ? I'd get each file containing one char/letter. You do understand what I'm trying to do, right ? From this img in our example, I'm trying to extract all the chars and save each char on a separate file on it's own. In this case, 12 files would be created for 12 chars. Now, I need to do all this with php. And so, how do I do it ? Which functions to use ? Have you experimented with this type of thing ? Erm: I always come-up with good idea projects for a beginner for my learning purpose. Is not that so ? Always adventurous. Yes, I am a different type of student. Unorthodox. A unique student. A unique way of learning student. And, you're going to be the unique type of helper. Where's the fun when every student or teacher does things the orthodox way ? Let's make a change. :cool:
  11. Happy New Year! Folks, Have you seen those online greeting cards, where you choose a template (like a bunch of people holding a big white empty sign board) and whatever you type in the "greetings" text box then that shows-up in the image (your typed text shows up in the sign board) ? How did they program all that with php ? I mean, they did some kind of a text layout on the img, right ? We've done this kind of thing in Adobe Photoshop but how does php manage it ? Does php have some builtin function that deals with overlaying one img or text over another img ? Img overlaying ? if not, then how'd they manage to program it ? If you don't mind, I'd like to see a code sample from your end. That can be my new year gift! I think the programmers do it like the following technique. See if I'm correct or not ... They cut the template img in half. So, in our example, the bunch of people holding the empty white signboard is one whole img. Like: full.jpeg. With phptoshop and the like, the webmaster cut the img in 2. Half half. Like: left_half.jpeg & right_half.jpeg. Now, let's deal with you the user's input text and its img. With a font, let's say Ariel Style, I, the programmer, going to write each letter and save it. Like so: a.jpeg b.jpeg and so on right down to: y.jpeg z.jpeg Then, I'm going to give you, the visitor/greeting mssg creator a text box (in a web form). You will type your word such as: Happy New Year 2018. And, my script will call the required jpeg files and combine them to form your word. Like so: h.peg,a.jpeg,p.peg,p.jpeg,y.jpeg and so on. You get the picture. Gonna put each appropriate img files side by side that will make up your chosen word. Eg. $word = $h = mydomain\h.jpeg.$a = mydomain\a.jpeg; AND SO ON until your word is formed: Happy New year 2018. //combine left half of img with right half of img with greeter's $word inbetween the 2 imgs. echo left_half.jpeg.$word.right_half.jpeg; //concatenation taking place here. Is this how the php programmers build these greeting card sites ? Meaning using the same method I did. Ok, maybe programming slightly differntly by using better codes but the method of adding the greeter's greeting words on the image template is done like so. Right ? Don't forget to PM me your emails so when I get this Greeting Card site of mine up and running then I can give you all a card. Lol!
  12. Happy New Year! Guys, Look at this site: https://cooltext.com/Logos-Ice They have text fonts or something. You type your words/phrase and your chosen letter style (their fonts) writes your words or phrase. How did the site manage to do that ? For example, look at the Ice Cube style: https://cooltext.com/Logo-Design-Ice-Cube Now, type any phrase and their site types your phrase using that style. How'd they program that ? I want to build a site like that. This is how I'm gonna built it .... With a font, let's say Ice Cube Style, I'm going to write each letter and save it. Like so: a.jpeg b.jpeg and so on right down to: y.jpeg z.jpeg Then, I'm going to give you a text box (in a web form). You will type your word such as: Get Lost. And, my script will call the required jpeg files and combine them to form your word. Like so: g.peg,e.jpeg,t.gpeg and so on. You get the picture. Gonna put each appropriate img files side by side that will make up your chosen word. Eg. $a = localhost\a.jpeg $b = localhost\b.jpeg $word = $a = localhost\a.jpeg.$b = localhost\b.jpeg; echo "$word"; Ok, I'm going to do something like that but not quite like that. You do understand what I'm trying to do and how I'm trying to organize things or put the script up. Is this how they usually do it ? Ok, I've shown you a code sample, even though it ain't that good. Now, how-about a sample from your end ?
  13. Folks, I'm creating like a meta engine where you choose which searchengine to use. I'll get to the point where my site will show you search results that have links from all searchengine results. But as for now, let's take things one step at a time. OFF TOPIC: Oh man! Shut the F* Up! (I got a lousy fox howling at the back of my backyard near the woods!). It shut the hell up once I wrote this. maybe, I'm becoming psychic some-how getting my message across to creepy things! Lol! TOPIC: For now, I'm giving user the option to choose which searchengine to use. Right now, I've managed to program where the search results (from your chosen searchengine) is shown on the current window. I want it to show in a new window. So, how to code that part ? I've googled and checked Stack Over Flow and I see a lot of others are searching for the same code but no one is having any luck! Here's my code for now: <?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); //Step 2: Check user submitted details. //2A. Check whether user made all the required inputs or not. if (isset($_POST["keywords"]) && isset($_POST["searchengine"])) { //2B. Create variables based on user inputs. $keywords = trim($_POST['keywords']); $searchengine = trim($_POST['searchengine']); if (strlen($searchengine) < 1) { $searchengine = 'mysearchengine'; } elseif ($searchengine = 'google') { $serp = "https://www.google.com/search?q=$keywords"; header("location: $serp"); } elseif ($searchengine = 'yahoo') { $serp = "https://search.yahoo.com/search?p=$keywords"; header("location: $serp"); } elseif ($searchengine = 'msn') { $serp = "https://www.bing.com/search?q=$keywords"; header("location: $serp"); } echo "$searchengine"; echo "$keywords"; } } ?> <!DOCTYPE html> <html> <head> <title><?php $site_name ?>Meta Searcher</title> <meta charset="utf-8"> </head> <body> <form method="post" action=""> <p align="left"><h2>Meta Searcher</h2></p> <fieldset> <label for="keywords_search">Search Keywords:</label> <input type="text" name="keywords" id="kw" value="" placeholder="Keywords"><br> <label for="searchengine">Searchengine:</label> <input type="radio" name="searchengine" value="mysearchengine" <?php if(isset($_POST['mysearchengine'])) { echo 'checked'; }?> required>My Searchengine <input type="radio" name="searchengine" value="google" <?php if(isset($_POST['google'])) { echo 'checked'; }?> required>Google <input type="radio" name="searchengine" value="yahoo" <?php if(isset($_POST['yahoo'])) { echo 'checked'; }?> required>Yahoo <input type="radio" name="searchengine" value="msn" <?php if(isset($_POST['msn'])) { echo 'checked'; }?> required>Msn </fieldset> <div class="SubmitsAndHiddens"> <input type="hidden" name="meta_searcher" id="meta_searcher" /> <br> <button type="submit">Search!</button> <br> </div> </form> </body> </html>
  14. Folks, I'm planning on running a public web proxy that would be a publicising service. A publicising tool for the public. So, if you ever want to publicise what you are browsing to any of the following groups then you use my web proxy that would be open to the public. It would not be a private web proxy. GROUPs: * Family * Friends * Work Colleagues * Public (public domain) * Commercial Companies I want to know from you, since I want to run a public proxy that would not be a service that allows you to surf the internet anonymously but it would be a service that is opposite to this (would be a publicising service) then would I attract the bad crowd (bad users) like criminals such as fraudsters, spammers, hackers, virus spreaders (virus uploaders), paedophiles, porn viewers, etc. if I undertake the following measures ? The following are the steps I am taking to ward-off trouble makers. Do you mind checking if they are safe & sound or not ? If I will attract unwanted users or guests, then how to prevent all this from happening ? Criminals (fraudsters, spammers, hackers, virus spreaders (virus uploaders), etc.) usually hunt for proxies that would hide their ID. Since my service would publicise their ID along with what they're browsing then I guess these unwanted guests would run a mile away from my service. Correct ? If not, then give your opinion if you think the following measures are good enough to get them to keep the hell away from my public service or not. Btw, you maybe wondering why any user would want to publicise their internet activities. Well, let's just say 4 groups of people have good reasons to do it. Publicising Groups of People 1. Attention Seekers - These are people who want others to trail them online just like fans trail their celebrities offline on the streets. It makes them feel "good" and they'll only publicise whenever they're in the mood to feel like a celebrity. 2. Group Shoppers - Imagine your sister is getting married and you all siblings need to go high street shopping to find the perfect bride dress for her and each of you need to see what the other is browsing so you all can give your opinions whether that one should get more looked-into or get passed-by without wasting any more time. But unfortunately, you're all living in different parts of the country and/or world. Now, you can go group shopping online through the publicising web proxy. This is where each of you can see which dress and which webpage each of you are viewing. (In this "Family Group" session, the publicising web proxy only publicises your browsed pages to your group only. In this case the group is: Family). 3. Bargain Hunters - Imagine you are searching for a Samsung Galaxy. If you google you'd get 100 pages with 1000 links. The top 10 links might not have what you're searching for or the prices might not be right for you. Now, you don't have time to go visiting a 1000 link. Best you not go to the shops. Best they come to you. That way, you save time. Now, you can go bargain hunting online through the publicising web proxy. This is where you'd type your chosen keywords and your min & max budget and your locality and the publicising web proxy would alert all those websites advertising under your chosen keywords and they'd be given an opportunity to browwse your browsing history and trail you online LIVE from their competition website to website to understand your shopping needds and message you offers. Each competitor would be able to see what the other is offering you in order to start a reverse bidding type of offers for you to get the best price. You'd go to the one who offers you the lowest price. (In this "Bargain Hunting Group" session, the publicising web proxy only publicises your browsed pages to those marketers who got what you want to buy. In this case the group is: Marketers). So you see. There are groups of people who have good reasons to publicise their browsings to certain groups of people. I just gave you 3 examples. But, there are more. Now, let's talk-about what measures to take to draw-off the bad crowd from signing-up to the service. To get my venture up and running, I thought I need to track people what they are viewing and then publicise their browsings to their chosen group. Now, in the past, you tracked what your users are browsing by showing them their chosen pages on the bottom frame and you track them via the top frame on your website like searchengines do. But, nowadays ith php 5, frames & iframes are rendered useless. And so, I find no other way to track a user unless via a web proxy or cache proxy. Yes, I know. I can build my own web browser and track my ussers browsings and I have already done that. But people are ary to download & install unknown or less known brands. But, people are not that fussy when it comes to signing upto a service online such as a social network or web proxy. My web proxy would give users accounts and track their browsings through their account usernames. Yes, I've been suggested to build browser plugins and track via them. But, I'd rather not build plugins for 3rd party popular browsers. And so, if you have any better idea on how to track my peoples internet surfings (other than run a searchengine and track users via that) then let me know. MEASURES TO DETER UNWANTED USERS 1. Not run an SMTP. This is to prevent anyone using my mail server to spam; 2. Publicise the user's IP along with the links he visits to prevent anyone from daring to view illegal sites or upload anything malicious or download anything illegal; 3. Force the user to open an account under a username that matches his domain name and log his username/domain along with the links he visits. Example: Time|IP|Username|KW Searched|Visited Page 02:59pm|143.133.135.138|devshed.com|php 7 books|php-book.com During registration, I would get the php script to prompt the user to submit an email address under his domain name. The email would contain his account activation link. That is how I would make sure that it is Tom Boy who is submitting tom@tomboy.com and not any Tom, Dick & Harry. 4. Added a Banned Words Filter that checks for banned words on a proxied page and prevents loading pages that contain banned words. 5. Add a php function in the proxy script to block file downloads. That should prevent anyone downloading anything related to illegal stuffs. Example, the proxy would replace .mp3, mp4 extensions from links. Change: https://www.devshed.com/download/php.mp4 to: https://www.devshed.com/download/php.*** That way, any link containing a downloadable extension would not be fetched by the proxy. Block downloads altogether. Do you think this tactic would work to prevent downloads ? 6. Add php function(s) in the proxy script to block audio/video streaming. That should prevent anyone downloading or uploading or viewing/playing any files related to illegal stuffs. Block streaming pages altogether. Do you think this tactic would work to prevent anyone watching streaming videos ? 7. Add php function(s) in the proxy script to block uploads. Block uploading altogether. That should prevent anyone uploading any files related to illegal stuffs. Do you think this tactic would work to prevent anyone uploading viruses, send-out spams ? TECHNICAL QUESTIONS Q1. So, what is that php function that blocks downloads ? That should prevent anyone downloading malware/viruses, etc. using my proxy ? Q2. And, what is that php function that blocks audio/video streaming (downloading) ? That should prevent anyone viewing video streams using my proxy ? Q3. And, what is that php function that blocks uploads ? That should prevent anyone uploading malware/viruses, etc. using my proxy. Q4. And, what is that php function that blocks audio/video streaming (uploading) ? That should prevent anyone uploading viruses infected video files, etc. using my proxy. Q5. And, what is that php function that prevents the user's browser from playing any audio/video files on a website ? Eg. Prevent playing youtube vids, vimeo vids, metacafe vids, clickbank vids, etc. ? Q6. And, what is that php function that records bandwidth usage (uploads & downloads and audio/video streaming) ? I might aswell give each account just enough data limit for them to browse text pages but not enough limit to view or listen to audio/video pages (like youtube vid pages). Q7. Any other features to add to prevent anyone abusing my public proxy service ? If so, which php functions should I use to add them ? Thank You!
  15. Folks, I'm planning on running a public web proxy that would be a publicising service. A publicising tool for the public. So, if you ever want to publicise what you are browsing to any of the following groups then you use my web proxy that would be open to the public. It would not be a private web proxy. GROUPs: * Family * Friends * Work Colleagues * Public (public domain) * Commercial Companies I want to know from you, since I want to run a public proxy that would not be a service that allows you to surf the internet anonymously but it would be a service that is opposite to this (would be a publicising service) then would I attract the bad crowd (bad users) like criminals such as fraudsters, spammers, hackers, virus spreaders (virus uploaders), paedophiles, porn viewers, etc. if I undertake the following measures ? The following are the steps I am taking to ward-off trouble makers. Do you mind checking if they are safe & sound or not ? If I will attract unwanted users or guests, then how to prevent all this from happening ? Criminals (fraudsters, spammers, hackers, virus spreaders (virus uploaders), etc.) usually hunt for proxies that would hide their ID. Since my service would publicise their ID along with what they're browsing then I guess these unwanted guests would run a mile away from my service. Correct ? If not, then give your opinion if you think the following measures are good enough to get them to keep the hell away from my public service or not. Btw, you maybe wondering why any user would want to publicise their internet activities. Well, let's just say 4 groups of people have good reasons to do it. Publicising Groups of People 1. Attention Seekers - These are people who want others to trail them online just like fans trail their celebrities offline on the streets. It makes them feel "good" and they'll only publicise whenever they're in the mood to feel like a celebrity. 2. Group Shoppers - Imagine your sister is getting married and you all siblings need to go high street shopping to find the perfect bride dress for her and each of you need to see what the other is browsing so you all can give your opinions whether that one should get more looked-into or get passed-by without wasting any more time. But unfortunately, you're all living in different parts of the country and/or world. Now, you can go group shopping online through the publicising web proxy. This is where each of you can see which dress and which webpage each of you are viewing. (In this "Family Group" session, the publicising web proxy only publicises your browsed pages to your group only. In this case the group is: Family). 3. Bargain Hunters - Imagine you are searching for a Samsung Galaxy. If you google you'd get 100 pages with 1000 links. The top 10 links might not have what you're searching for or the prices might not be right for you. Now, you don't have time to go visiting a 1000 link. Best you not go to the shops. Best they come to you. That way, you save time. Now, you can go bargain hunting online through the publicising web proxy. This is where you'd type your chosen keywords and your min & max budget and your locality and the publicising web proxy would alert all those websites advertising under your chosen keywords and they'd be given an opportunity to browwse your browsing history and trail you online LIVE from their competition website to website to understand your shopping needds and message you offers. Each competitor would be able to see what the other is offering you in order to start a reverse bidding type of offers for you to get the best price. You'd go to the one who offers you the lowest price. (In this "Bargain Hunting Group" session, the publicising web proxy only publicises your browsed pages to those marketers who got what you want to buy. In this case the group is: Marketers). So you see. There are groups of people who have good reasons to publicise their browsings to certain groups of people. I just gave you 3 examples. But, there are more. Now, let's talk-about what measures to take to draw-off the bad crowd from signing-up to the service. To get my venture up and running, I thought I need to track people what they are viewing and then publicise their browsings to their chosen group. Now, in the past, you tracked what your users are browsing by showing them their chosen pages on the bottom frame and you track them via the top frame on your website like searchengines do. But, nowadays ith php 5, frames & iframes are rendered useless. And so, I find no other way to track a user unless via a web proxy or cache proxy. Yes, I know. I can build my own web browser and track my ussers browsings and I have already done that. But people are ary to download & install unknown or less known brands. But, people are not that fussy when it comes to signing upto a service online such as a social network or web proxy. My web proxy would give users accounts and track their browsings through their account usernames. Yes, I've been suggested to build browser plugins and track via them. But, I'd rather not build plugins for 3rd party popular browsers. And so, if you have any better idea on how to track my peoples internet surfings (other than run a searchengine and track users via that) then let me know. MEASURES TO DETER UNWANTED USERS 1. Not run an SMTP. This is to prevent anyone using my mail server to spam; 2. Publicise the user's IP along with the links he visits to prevent anyone from daring to view illegal sites or upload anything malicious or download anything illegal; 3. Force the user to open an account under a username that matches his domain name and log his username/domain along with the links he visits. Example: Time|IP|Username|KW Searched|Visited Page 02:59pm|143.133.135.138|devshed.com|php 7 books|php-book.com During registration, I would get the php script to prompt the user to submit an email address under his domain name. The email would contain his account activation link. That is how I would make sure that it is Tom Boy who is submitting tom@tomboy.com and not any Tom, Dick & Harry. 4. Added a Banned Words Filter that checks for banned words on a proxied page and prevents loading pages that contain banned words. 5. Add a php function in the proxy script to block file downloads. That should prevent anyone downloading anything related to illegal stuffs. Example, the proxy would replace .mp3, mp4 extensions from links. Change: https://www.devshed.com/download/php.mp4 to: https://www.devshed.com/download/php.*** That way, any link containing a downloadable extension would not be fetched by the proxy. Block downloads altogether. Do you think this tactic would work to prevent downloads ? 6. Add php function(s) in the proxy script to block audio/video streaming. That should prevent anyone downloading or uploading or viewing/playing any files related to illegal stuffs. Block streaming pages altogether. Do you think this tactic would work to prevent anyone watching streaming videos ? 7. Add php function(s) in the proxy script to block uploads. Block uploading altogether. That should prevent anyone uploading any files related to illegal stuffs. Do you think this tactic would work to prevent anyone uploading viruses, send-out spams ? TECHNICAL QUESTIONS Q1. So, what is that php function that blocks downloads ? That should prevent anyone downloading malware/viruses, etc. using my proxy ? Q2. And, what is that php function that blocks audio/video streaming (downloading) ? That should prevent anyone viewing video streams using my proxy ? Q3. And, what is that php function that blocks uploads ? That should prevent anyone uploading malware/viruses, etc. using my proxy. Q4. And, what is that php function that blocks audio/video streaming (uploading) ? That should prevent anyone uploading viruses infected video files, etc. using my proxy. Q5. And, what is that php function that prevents the user's browser from playing any audio/video files on a website ? Eg. Prevent playing youtube vids, vimeo vids, metacafe vids, clickbank vids, etc. ? Q6. And, what is that php function that records bandwidth usage (uploads & downloads and audio/video streaming) ? I might aswell give each account just enough data limit for them to browse text pages but not enough limit to view or listen to audio/video pages (like youtube vid pages). Q7. Any other features to add to prevent anyone abusing my public proxy service ? If so, which php functions should I use to add them ?
  16. As for the risks involved with running a web proxy server, I can think of the following at the top of my head. I'd appreciate it if you can add your own risk possibilities and grow the list.* Too many users simultaneously using the service - (slowing down your proxy server)* Illegal Sites Browsing - (getting your proxy server IP in trouble with the law)* Viewing Streaming videos - (slowing down your proxy server and draining the bandwidth and causing trouble for other users such as timeouts)* Bulk Downloads (videos, music files) - (slowing down your proxy server and draining the bandwidth and causing trouble for other users such as timeouts)* Bulk Uploads (videos, music files) - (uploading virus & distributing it, slowing down your proxy server and draining the bandwidth and causing trouble for other users such as timeouts)* DOS Attack - (getting your proxy server IP in trouble with the laws)* Pirate Software Downloads - (getting your proxy server IP in trouble)But, I don't think I would have any of the following risks by running a web proxy unless I run a Socks Proxy, right ?* Spamming via your SMTP (unless, I run a webmail)* Torrenting (Mas Seeding)* Spreading Virus & Malware (unless, I allow uploading to my site/server)What do you say ?Anyway, do you know what kind of hacking risks there are by running a web proxy (if there are any risks, that is) ?
  17. Folks, You know I have been googling to learn the risks of running your own open public proxy but no luck in finding any link that spells-out all the risks involved. Do you know of any good link ? Gonna use Mini Proxy gpl script. I want to run a web proxy like anonymouse.org. Been reading: https://www.godaddy.com/garage/how-to-set-up-an-https-proxy-server/ The following questions are regarding running my own web proxy. Q1. What must I look-out for when running my own web proxy ? Q2. Is it necessary to host your web proxy on httpS (SSL) ? Q3. Is it necessary to buy a httpS (SSL) certificate for my domain or website ? Q4. What resources must I get from my webhost as a minimum ? I was told to get the following: * An Apache server with at least PHP 5 installed, along with cURL support. * Write access to public_html. * The ability to set up a proxy. Is there anything else you'd like to add in that list that I must get as a minimum from my webhost to run my own open public web proxy ? Q5. Anything I should know ? Thank You
  18. I'm not good enough in php to build one by referring to their docs. Best I can do is look over your's and learn from that. Mind you, if I have any questions then I'm opening threads in your forum.
  19. Does Stef agree to this ? May I see a sample code on how to use the sha-256 ? Take my code and work on that to demo your suggestion. Thank You!
  20. I did not understand others' hints that you do not concatenate inside dbl quotes but sngl quotes only. Thank You! Solved.
  21. It is like this: $body = "$first_name." ".$surname ?>, The dbl quote prior to $first_name represents the opening dbl quote for the variable $body. The 2 dbl quotes in between $first_name. .$surname represent a space. (Space inbetween $first & $surname). So, $firstname, concatenator, 2 dbl quotes representing the space, concatenator, $surname. The closing dbl quote for the $body variable is right after the closing html tag (few lines below the $body variable). I hope that is clear. Therefore, I do not see any errors on this line: $body = "$first_name." ".$surname ?>, According to the error, one of these dbl quotes should not exist. It does not say which one but I'm guessing php is picking on the first one ALL for nothing.
  22. Folks, Do you spot any logical errors in my script ? I have not given the full script but the SendMail part where I am encountering problem. I get error: Parse error: syntax error, unexpected '"' in /home/...... on line 155. Line 155 is the line before the <html> tag. That line shows this: $body = "$first_name." ".$surname ?>, Look at the 5th line from the following code. That is where the error occurs: [php] $account_name = "$username"; //Step 3C. Email user their account activation link for them to click to confirm their Email Address and activate their new Account. $to = "$primary_website_email"; $subject = "Your Following Browser account activation details!"; $body = "$first_name." ".$surname ?>, <html> <head> <title>Activation Link</title> </head> <body> Thank you for joining us!<br> You need to click on the following link <a href="<?php .$account_activation_link.">$account_activation_link?></a> to activate your account. </body> </html>"; <?php $headers = "From: $site_admin_email"; //More headers //Always set content-type when sending HTML email $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-9" . "\r\n"; if (!mail($to,$subject,$body,$headers)) { //Alert user System Error. System unable to email the Account Activation Link. echo "Sorry! We have failed to email you your account activation details. Please contact the website administrator!"; exit(); } else { //Alert user System Success. System was able to email the Account Activation Link. echo "<h3 style='text-align:center'>Thank you for your registration!</h3><br>"; echo "Now, check your email \"$primary_website_email\" for details on how to activate your new account \"$account_name\" which you just registered."; exit(); } [/php]
  23. I want to know if BigInt is enough in size. I have created a registration.php where the user gets emailed an account activation link to click to verify his email so his account gets activated. Account Activation Link is in this format: $account_activation_link = "http://www.".$site_domain."/".$social_network_name."/activate_account.php?primary_website_email=".$primary_website_email."&account_activation_code=".$account_activation_code.""; Account Activation Code is in this format: $account_activation_code = sha1( (string) mt_rand(5, 30)); //Type Casted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING. Now, the following link got emailed: http://www.myssite.com/folder/activate_account.php?primary_website_email=my.email@gmail.com&account_activation_code=22d200f8670dbdb3e253a90eee5098477c95c23d Note the account activation code that got generated by sha1: 22d200f8670dbdb3e253a90eee5098477c95c23d But in my mysql db, in the "account_activation_code" column, I only see: "22". The rest of the activation code is missing. Why is that ? The column is set to BigInt. Is not that enough to house the Sha1 generated code ? What is your suggestion ? I changed mysql column type to VARCHAR(40) and then VARCHAR(160) and even to BINARY(40) but no luck. The sha1 generates the account activation code to 40 digits in the account activation link that gets emailed to the user but the account_activation_code mysql column does not hold that 40 digit value. Only holds the first 2 or 3 digits. What is wrong ? Using php 5. Here is the full script registration.php. And the account_activation.php registration.php. <?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); include 'config.php'; //Step 1: Check if User is already logged-in or not. If logged-in then do not register a 2nd account. if (is_logged() === true) { die("You are already logged-in to your account! No need to register again for another account! Only one account per user."); } //Perform following actions after REGISTER button is clicked. if ($_SERVER['REQUEST_METHOD'] == "POST") { //Step 2: Check user submitted details. //2A. Check whether user made all the required inputs or not. if (isset($_POST['agree_to_tos']) && isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["password_confirmation"]) && isset($_POST["primary_website_domain"]) && isset($_POST["primary_website_email_account"]) && isset($_POST["primary_website_email_account_confirmation"]) && isset($_POST["primary_website_email_domain"]) && isset($_POST["primary_website_email_domain_confirmation"]) && isset($_POST["first_name"]) && isset($_POST["middle_name"]) && isset($_POST["surname"]) && isset($_POST["gender"]) && isset($_POST["working_status"])) { //2B. Create variables based on user inputs. $agree_to_tos = trim($_POST['agree_to_tos']); $username = trim($_POST["username"]); $password = $_POST["password"]; $password_confirmation = $_POST["password_confirmation"]; $primary_website_domain = trim($_POST["primary_website_domain"]); $primary_website_email_account = trim($_POST["primary_website_email_account"]); $primary_website_email_account_confirmation = trim($_POST["primary_website_email_account_confirmation"]); $primary_website_email_domain = trim($_POST["primary_website_email_domain"]); $primary_website_email_domain_confirmation = trim($_POST["primary_website_email_domain_confirmation"]); //Combine Primary Website Email Account and Primary Website Email Domain to form Primary Email. $primary_website_email = "$primary_website_email_account"."@"."$primary_website_email_domain"; $first_name = trim($_POST["first_name"]); $middle_name = trim($_POST["middle_name"]); $surname = trim($_POST["surname"]); $gender = $_POST["gender"]; $working_status = $_POST["working_status"]; $account_activation_code = sha1( (string) mt_rand(5, 30)); //Type Casted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING. $account_activation_link = "http://www.".$site_domain."/".$social_network_name."/activate_account.php?primary_website_email=".$primary_website_email."&account_activation_code=".$account_activation_code.""; $account_activation_status = 0; // 1 = Active or Account Activated; 0 = Active or Pending Registration. $hashed_password = password_hash($password, PASSWORD_DEFAULT); //Encrypt the password. //2C. Check whether user inputs valid or not. // Check if inputted Username is between the required 8 to 30 characters long or not. if ($agree_to_tos != 'yes') { echo "You must agree to our Terms & Conditions!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); } elseif (strlen($username) < 8 || strlen($username) > 30) { echo "Username must be between 8 to 30 characters long!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if Password is between 8 to 30 characters long or not. } elseif (strlen($password) < 8 || strlen($password) > 30) { echo "Password must be between 8 to 30 characters long!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if inputed Email is valid or not. } elseif (!filter_var($primary_website_email, FILTER_VALIDATE_EMAIL)) { echo "Invalid Email! Insert your real Email in order for us to email you your account activation details.<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if both inputted Passwords match or not. } elseif ($password != $password_confirmation) { echo "Your inputted Passwords don't match<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if both inputted Email Account match or not. } elseif ($primary_website_email_account != $primary_website_email_account_confirmation) { echo "Your inputted Email Accounts don't match!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if both inputted Email Domain match or not. } elseif ($primary_website_email_domain != $primary_website_email_domain_confirmation) { echo "Your inputted Email Domains don't match!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if both inputted Primary Website Email and Primary Website Domain match or not. } elseif ($primary_website_email_domain != $primary_website_domain) { echo "Your Primary Website Domain ($primary_website_domain) and Primary Website Email's Domain (@$primary_website_email_domain) don't match!<br>"; echo "NOTE: Your inputted Email Address must belong to your Primary Website Domain \"$primary_website_domain\".<br>"; echo "Click the BACK button on your browser and try again!<br>"; exit(); } else { //2D. Check user inputs against DB. //Select Username, Primary Domain and Primary Domain Email to check against Mysql DB if they are already registered or not. $stmt = mysqli_prepare($conn, "SELECT username, primary_website_domain, primary_website_email FROM users WHERE username = ? OR primary_website_domain = ? OR primary_website_email = ?"); mysqli_stmt_bind_param($stmt, 'sss', $username, $primary_website_domain, $primary_website_email); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_username, $db_primary_website_domain, $db_primary_website_email); //$row = mysqli_fetch_array($result, MYSQLI_ASSOC); // Use this line or next ? $row = mysqli_stmt_fetch($stmt); //Use this line or previous ? // Check if inputted Primary Website Domain Name is already registered or not. if ($row['primary_website_domain'] == $primary_website_domain) { echo "That domain name $primary_website_domain is already registered.<br>"; exit(); //Check if inputted Username is already registered or not. } elseif ($row['username'] == $username) { echo "That username $username is already registered!<br>"; echo "Click the BACK button on your browser and try again!"; exit(); // Check if inputted Email is already registered or not. } elseif ($row['primary_website_email'] == $primary_website_email) { echo "That email $primary_website_email is already registered.<br>"; exit(); } else { //Step 3: Insert user's inputs into DB. //Step 3A. Insert user's inputs into DB using php's sql injection prevention method "Prepared Statements". $stmt = mysqli_prepare($conn, "INSERT INTO users(username, password, primary_website_domain, primary_website_email, first_name, middle_name, surname, gender, working_status, account_activation_status, account_activation_code) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); mysqli_stmt_bind_param($stmt, 'ssssssssssi', $username, $hashed_password, $primary_website_domain, $primary_website_email, $first_name, $middle_name, $surname, $gender, $working_status, $account_activation_status, $account_activation_code); mysqli_stmt_execute($stmt); //Step 3B. Check whether user's registration data was successfully submitted or not. if (!$stmt) { echo "Sorry! Our system is currently experiencing a problem registering your account! You may try registering some other time."; exit(); } else { $account_name = "$username"; //Step 3C. Email user their account activation link for them to click to confirm their Email Address and activate their new Account. $headers = "From: " . $site_admin_email . "\r\n"; //More headers //Always set content-type when sending HTML email $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-9" . "\r\n"; $to = "$primary_website_email"; $subject = "Your SN account activation details!"; $body = "".$first_name." ".$surname.", <html> <head> <title>Activation Link</title> </head> <body> You need to click on the following link <a href=".$account_activation_link.">.$account_activation_link.</a> to activate your account. </body> </html>"; if (!mail($to,$subject,$body,$headers)) { //Alert user System Error. System unable to email the Account Activation Link. echo "Sorry! We have failed to email you your account activation details. Please contact the website administrator!"; exit(); } else { //Alert user System Success. System was able to email the Account Activation Link. echo "<h3 style='text-align:center'>Thank you for your registration!</h3><br>"; echo "Now, check your email \"$primary_website_email\" for details on how to activate your new account \"$account_name\" which you just registered."; exit(); } } } } } } ?> <!DOCTYPE html> <html> <head> <title><?php $social_network_name ?> Signup Page</title> </head> <body> <div class ="container"> <?php // Error Messages. if (isset($_SESSION['error']) && !empty($_SESSION['error'])) { echo '<p style="color:red;">'.$_SESSION['error'].'</p>'; } ?> <?php //Session Messages. if (isset($_SESSION['message']) && !empty($_SESSION['message'])) { echo '<p style="color:red;">'.$_SESSION['error'].'</p>'; } ?> <?php //Clear Registration Session. function clear_registration_session() { //Clear the User Form inputs, Session Messages and Session Errors so they can no longer be used. unset($_SESSION['message']); unset($_SESSION['error']); unset($_POST); exit(); } ?> <p align="left"><font color="red" size="3"><b>Already have an account ? </b><a href="login.php">Login here!</a></font></p> <form method="post" action=""> <p align="left"><h2>Signup Form</h2></p> <fieldset> <div class="form-group"> <p align="left"><label>* Username:</label> <input type="text" placeholder="Enter a unique Username" name="username" required [A-Za-z0-9] value="<?php if(isset($_POST['username'])) { echo htmlentities($_POST['username']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Password:</label> <input type="password" placeholder="Enter a new Password" name="password" required [A-Za-z0-9]></p> </div> <div class="form-group"> <p align="left"><label>* Repeat Password:</label> <input type="password" placeholder="Repeat a new Password" name="password_confirmation" required [A-Za-z0-9]></p> </div> <div class="form-group"> <p align="left"><label>* Primary Website Domain:</label> <input type="primary_domain" placeholder="Enter your Primary Website Domain" name="primary_website_domain" required [A-Za-z0-9] value="<?php if(isset($_POST['primary_website_domain'])) { echo htmlentities($_POST['primary_website_domain']); }?>"> <font color="red" size="1"><b> Don't have a Domain ? </b><a href="domain_register.php">Register one here!</a></font></p> </div> <div class="form-group"> <p align="left"><label>* Email Account:</label> <input type="text" placeholder="Enter your Email Account name (first part before @)" name="primary_website_email_account" required [A-Za-z0-9] value="<?php if(isset($_POST['primary_website_email_account'])) { echo htmlentities($_POST['primary_website_email_account']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Repeat Email Account:</label> <input type="text" placeholder="Repeat your Email Account name (first part before @)" name="primary_website_email_account_confirmation" required [A-Za-z0-9] value="<?php if(isset($_POST['primary_website_email_account_confirmation'])) { echo htmlentities($_POST['primary_website_email_account_confirmation']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Email Address Domain:</label> <input type="text" placeholder="Enter your Email Account Domain (last part after @)" name="primary_website_email_domain" required [A-Za-z0-9] value="<?php if(isset($_POST['primary_website_email_domain'])) { echo htmlentities($_POST['primary_website_email_domain']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Repeat Email Address Domain:</label> <input type="text" placeholder="Repeat your Email Account Domain (last part after @)" name="primary_website_email_domain_confirmation" required [A-Za-z0-9] value="<?php if(isset($_POST['primary_website_email_domain_confirmation'])) { echo htmlentities($_POST['primary_website_email_domain_confirmation']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* First Name:</label> <input type="text" placeholder="Enter your First Name" name="first_name" required [A-Za-z] value="<?php if(isset($_POST['first_name'])) { echo htmlentities($_POST['first_name']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>Middle Name:</label> <input type="text" placeholder="Enter your Middle Name" name="middle_name" required [A-Za-z] value="<?php if(isset($_POST['middle_name'])) { echo htmlentities($_POST['middle_name']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Surname:</label> <input type="text" placeholder="Enter your Surname" name="surname" required [A-Za-z] value="<?php if(isset($_POST['surname'])) { echo htmlentities($_POST['surname']); }?>"></p> </div> <div class="form-group"> <p align="left"><label>* Gender:</label> <input type="radio" name="gender" value="Male" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Male<input type="radio" name="gender" value="Female" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Female</p> </div> <div class="form-group"> <p align="left"><label>* Working Status:</label> <input type="radio" name="working_status" value="Selfemployed" <?php if(isset($_POST['working_status'])) { echo 'checked'; }?> required>Selfemployed<input type="radio" name="working_status" value="Employed" <?php if(isset($_POST['working_status'])) { echo 'checked'; }?> required>Employed<input type="radio" name="working_status" value="Unemployed" <?php if(isset($_POST['working_status'])) { echo 'checked'; }?> required>Unemployed</p> </div> <div class="form-group"> <p align="left"><label>* Agree to Terms & Conditions ?:</label> <input type="radio" name="agree_to_tos" value="yes" <?php if(isset($_POST['tos'])) { echo 'checked'; }?> required>Yes <input type="radio" name="agree_to_tos" value="no" <?php if(isset($_POST['tos'])) { echo 'checked'; }?> required>No </div> </fieldset> <p align="left"><button type="submit" class="btn btn-default" name="submit">Register!</button></p> </form> <p align="left"><font color="red" size="3"><b>Already have an account ? </b><a href="login.php">Login here!</a></font></p> </body> </html> activate_account.php <?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); include 'config.php'; //Step 1: Check whether URL is in the GET Method or not. //Perform following actions if Url is not in the GET Method and does not contain user Email and Account Activation Code. if (!isset($_GET["primary_website_email"], $_GET["account_activation_code"]) === TRUE) { $primary_website_email = htmlspecialchars($_GET['primary_website_email']); $account_activation_code = htmlspecialchars($_GET['account_activation_code']); //Give user alert the Account Activation Link is Invalid. echo "Invalid Account Activation Link! Try registering for an account if you do not already have one! <a href=\"http://myssite.com/sn/register.php\">Register here!</a>"; exit(); } else { //Step 2: Check user submitted details. //2A. Check user inputs against DB. //Select Username, Primary Domain and Primary Domain Email to check against DB if they are pending registration or not. $stmt = mysqli_prepare($conn, "SELECT username, account_activation_status FROM users WHERE primary_website_email = ? AND account_activation_code = ?"); mysqli_stmt_bind_param($stmt, 'si', $_GET["primary_website_email"], $_GET["account_activation_code"]); mysqli_stmt_bind_result($stmt, $username, $account_activation_status); //Perform following if Account Activation Link was valid (Correctly had the registered email and Account Activation Code associated with it). if (mysqli_stmt_execute($stmt) && mysqli_stmt_fetch($stmt)) { //Perform following if Account Activation Status is not on "0" (Account Activation Pending) on DB. if ($account_activation_status != 0) { //Give user alert Account already activated. echo "Since your account is already activated, why are you trying to activate it again ? Do not do that again and just login from <a href=\"login.php\">this webpage</a> next time! Make a note of that webpage, ok ?"; exit; } else { //Set Account Activation Status to 1 (1 = "Account Activated" and 0 = "Activation Pending") on DB. $account_activation_status = 1; $stmt = mysqli_prepare($conn, "UPDATE users SET account_activation_status = ? WHERE username = ?"); mysqli_stmt_bind_param($stmt, 'is', $account_activation_status, $username); if (mysqli_stmt_execute($stmt)) { //Give user alert Account has now been activated. echo "<h3 style='text-align:center'>Thank you for confirming your email \"$primary_website_email\" and activating your account $username.<br /> Redirecting you to the login page ...</h3>"; exit; } } } else { //Perform following if Primary Website Email and/or Account Activation Code is not Pending Registration. $primary_website_email = htmlspecialchars($_GET['primary_website_email']); $account_activation_code = htmlspecialchars($_GET['account_activation_code']); //Give user alert the Email Address and/or the Account Activation Code in the Account Activation Link is Invalid or the Account Activation Link is out of date (Email no longer registered). echo "Either this Email Address $primary_website_email was not pending registration with this Account Activation Code $account_activation_code or one or both of them are invalid! Or, the Account Activation Link is out of date (Email no longer registered) Try registering an account if you have not already done so! <a href=\"http://myssite.com/sn/register.php\">Register here!</a>"; exit; } }
  24. I put echoes on both IFs & ELSEs and so atleast one of them should echo.
  25. Php Gurus, I built a registration.php but I know not why I see a blank page after clicking "Register" button. Ignore the <center> tag for the time being. Will replace that with <p align> tag. I put echoes on conditions to see which part of the conditions get triggered. But the echoes don't occur. And, out of the following 2, which one suits my context ? $row = mysqli_fetch_array($result, MYSQLI_ASSOC); // Use this line or next ? $row = mysqli_stmt_fetch($stmt); //Use this line or previous ? registration.php <?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); include 'config.php'; //Step 1: Before registering User account, check if User is already registered or not. //Check if User is already logged-in or not. if (is_logged() === true) { die("You are already logged-in! No need to register again!"); } if ($_SERVER['REQUEST_METHOD'] == "POST") { //Step 2: Check User Submitted Details. //Check if user made all the required inputs or not. if (isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["password_confirmation"]) && isset($_POST["email"]) && isset($_POST["email_confirmation"]) && isset($_POST["first_name"]) && isset($_POST["surname"]) && isset($_POST["gender"])) { //Step 3: Check User details for matches against database. If no matches then validate inputs and register User account. //Create variables based on user inputs. $username = trim($_POST["username"]); $password = $_POST["password"]; $password_confirmation = $_POST["password_confirmation"]; $email = trim($_POST["email"]); $email_confirmation = trim($_POST["email_confirmation"]); $first_name = trim($_POST["first_name"]); $surname = trim($_POST["surname"]); $gender = $_POST["gender"]; $account_activation_code = sha1( (string) mt_rand(5, 30)); //Type Casted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING. $account_activation_link = "http://www.".$site_domain."/".$social_network_name."/activate_account.php? email=".$_POST['email']."&account_activation_code=".$account_activation_code.""; $account_activation_status = 0; // 1 = active; 0 = not active. $hashed_password = password_hash($password, PASSWORD_DEFAULT); //Encrypt the password. //Select Username and Email to check against Mysql DB if they are already registered or not. $stmt = mysqli_prepare($conn, "SELECT usernames, emails FROM users WHERE usernames = ? OR emails = ?"); mysqli_stmt_bind_param($stmt, 'ss', $username, $email); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_username, $db_email); //$row = mysqli_fetch_array($result, MYSQLI_ASSOC); // Use this line or next ? $row = mysqli_stmt_fetch($stmt); //Use this line or previous ? // Check if inputted Username is already registered or not. if ($row['usernames'] == $username) { $_SESSION['error'] = "That username is already registered."; exit(); // Check if inputted Username is between the required 8 to 30 characters long or not. } elseif (strlen($username) < 8 || strlen($username) > 30) { $_SESSION['error'] = "Username must be between 8 to 30 characters long!"; exit(); // Check if both inputted Emails match or not. } elseif ($email != $email_confirmation) { $_SESSION['error'] = "Emails don't match!"; exit(); // Check if inputed Email is valid or not. } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $_SESSION['error'] = "Invalid email! Insert your real Email in order for us to email you your account activation details."; exit(); // Check if inputted Email is already registered or not. } elseif ($row['emails'] == $email) { $_SESSION['error'] = "That email is already registered."; exit(); // Check if both inputted Passwords match or not. } elseif ($password != $password_confirmation) { $_SESSION['error'] = "Passwords don't match."; exit(); // Check if Password is between 8 to 30 characters long or not. } elseif (strlen($password) < 8 || strlen($password) > 30) { $_SESSION['error'] = "Password must be between 6 to 30 characters long!"; exit(); echo "line 88"; } else { //Insert the user's inputs into Mysql database using php's sql injection prevention method "Prepared Statements". $stmt = mysqli_prepare($conn, "INSERT INTO users(usernames, passwords, emails, first_names, surnames, genders, accounts_activations_codes, accounts_activations_statuses) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); mysqli_stmt_bind_param($stmt, 'sssssssi', $username, $hashed_password, $email, $first_name, $surname, $gender, $account_activation_code, $account_activation_status); mysqli_stmt_execute($stmt); echo "line 96"; //Check if user's registration data was successfully submitted or not. if (!$stmt) { $_SESSION['error'] = "Sorry! Our system is currently experiencing a problem registering your account! You may try registering some other time."; echo "line 102"; exit(); } else { echo "line 107"; //Email the account activation link for user to click it to confirm their email and activate their new account. $to = $email; $subject = "Your ".$site_name." account activation details!"; $body = nl2br(" ===============================\r\n ".$site_name." \r\n ===============================\r\n From: ".$site_admin_email."\r\n To: ".$email."\r\n Subject: Yours ".$subject." \r\n Message: ".$first_name." ".$surname."\r\n You need to click on this following <a href=".$account_activation_link.">link</a> to activate your account. \r\n"); $headers = "From: " . $site_admin_email . "\r\n"; if (!mail($to,$subject,$body,$headers)) { $_SESSION['error'] = "Sorry! We have failed to email you your account activation details. Please contact the website administrator!"; exit(); } else { echo "<h3 style='text-align:center'>Thank you for your registration!<br /> Check your email for details on how to activate your account which you just registered.</h3>"; exit(); } } } } } ?> <!DOCTYPE html> <html> <head> <title><?php $social_network_name ?> Signup Page</title> </head> <body> <div class ="container"> <?php // Error Messages. if (isset($_SESSION['error']) && !empty($_SESSION['error'])) { echo '<p style="color:red;">'.$_SESSION['error'].'</p>'; } ?> <?php //Session Messages. if (isset($_SESSION['message']) && !empty($_SESSION['message'])) { echo '<p style="color:red;">'.$_SESSION['error'].'</p>'; } ?> <?php //Clear Registration Session. function clear_registration_session() { //Clear the User Form inputs, Session Messages and Session Errors so they can no longer be used. unset($_SESSION['message']); unset($_SESSION['error']); unset($_POST); exit(); } ?> <form method="post" action=""> <center><h2>Signup Form</h2></center> <div class="form-group"> <center><label>Username:</label> <input type="text" placeholder="Enter a unique Username" name="username" required [A-Za-z0-9] value="<?php if(isset($_POST['username'])) { echo htmlentities($_POST['username']); }?>"> </center> </div> <div class="form-group"> <center><label>Password:</label> <input type="password" placeholder="Enter a new Password" name="password" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Repeat Password:</label> <input type="password" placeholder="Repeat a new Password" name="password_confirmation" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Email:</label> <input type="email" placeholder="Enter your Email" name="email" required [A-Za-z0-9] value="<?php if(isset($_POST['email'])) { echo htmlentities($_POST['email']); }?>"></center> </div> <div class="form-group"> <center><label>Repeat Email:</label> <input type="email" placeholder="Repeat your Email" name="email_confirmation" required [A-Za-z0-9] value="<?php if(isset($_POST['email_confirmation'])) { echo htmlentities($_POST['email_confirmation']); }?>"></center> </div> <div class="form-group"> <center><label>First Name:</label> <input type="text" placeholder="Enter your First Name" name="first_name" required [A-Za-z] value="<?php if(isset($_POST['first_name'])) { echo htmlentities($_POST['first_name']); }?>"></center> </div> <div class="form-group"> <center><label>Surname:</label> <input type="text" placeholder="Enter your Surname" name="surname" required [A-Za-z] value="<?php if(isset($_POST['surname'])) { echo htmlentities($_POST['surname']); }?>"></center> </div> <div class="form-group"> <center><label>Gender:</label> <input type="radio" name="gender" value="male" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Male<input type="radio" name="gender" value="female" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Female</center> </div> <center><button type="submit" class="btn btn-default" name="submit">Register!</button></center> <center><font color="red" size="3"><b>Already have an account ?</b><br> <a href="login.php">Login here!</a></font></center> </form> </div> </body> </html>
×
×
  • Create New...