Programming C, C++, Java, PHP, Ruby, Turing, VB
Computer Science Canada 
Programming C, C++, Java, PHP, Ruby, Turing, VB  

Username:   Password: 
 RegisterRegister   
 Using php to generate an image
Index -> Web Design
Goto page Previous  1, 2, 3, 4  Next
View previous topic Printable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic
Author Message
Sur_real




PostPosted: Thu Feb 24, 2011 9:25 am   Post subject: RE:Using php to generate an image

To prevent SQL injections, for every query use mysql_real_escape_string().

As for the problem with line 41, look at your curly brackets Wink
Sponsor
Sponsor
Sponsor
sponsor
2goto1




PostPosted: Thu Feb 24, 2011 10:47 am   Post subject: RE:Using php to generate an image

Another option to handle SQL injection attacks is to parameterize all of your queries. This approach works with all popular database platforms. To do so with PHP, see http://stackoverflow.com/questions/60174/best-way-to-stop-sql-injection-in-php
ProgrammingFun




PostPosted: Thu Feb 24, 2011 6:50 pm   Post subject: RE:Using php to generate an image

Thanks for all the help! I am now in the final stages of the development. This poll is going to be used as a school-wide election.
Please check it out at http://test.victoriaparkci.com/poll4/ (you are free to vote) and tell me what you think!
My leader has some oppositions, please tell me if you agree with her or with my response.

She says that results and voting should be on completely separate pages and that the user should go between them...but I point out that that is not user-friendly and tedious, and no professional poll does that.

She says that the list should be ordered from most to least polls...I say that this will destroy a common order and will make it more confusing and biased.

Please tell me what you think!
Sur_real




PostPosted: Thu Feb 24, 2011 7:31 pm   Post subject: RE:Using php to generate an image

First of all, I think the song choices should be in alphabetical order. Also, you're right, the result should not be in descending order but in the order on the voting page.

Secondly, I don't know how professional (read: accurate) you want it to be but it seems like anyone can vote any number of times. This also brings up the issue of botting...while this isn't a website like google or etc so the chances of botting are low, you still might want to look into how you are getting votes (from the .php you posted eariler, it uses GET, maybe you want to change that to POST) just in case.
Tony




PostPosted: Thu Feb 24, 2011 7:31 pm   Post subject: Re: RE:Using php to generate an image

ProgrammingFun @ Thu Feb 24, 2011 6:50 pm wrote:
tell me what you think

I'm never gonna give you up.
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
Tony




PostPosted: Thu Feb 24, 2011 7:33 pm   Post subject: Re: RE:Using php to generate an image

Sur_real @ Thu Feb 24, 2011 7:31 pm wrote:
it uses GET, maybe you want to change that to POST) just in case.

So then I'll just change my Rick.rb script to make a POST request instead of GET Wink
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
ProgrammingFun




PostPosted: Thu Feb 24, 2011 7:35 pm   Post subject: RE:Using php to generate an image

My leader wanted it to be bot-able...in other words, she wanted users to be able to vote multiple times...I was thinking of limiting how many votes can be submitted per IP address for a time period but then gave it up...

@Tony: What do you mean? Is there another security bug?
Sur_real




PostPosted: Thu Feb 24, 2011 7:36 pm   Post subject: RE:Using php to generate an image

sigh, so you're the one voting for rick LOL
ProgrammingFun




PostPosted: Thu Feb 24, 2011 7:38 pm   Post subject: Re: RE:Using php to generate an image

Is there any way to limit an IP address to vote for a certain song only once?

@Tony: Would you mind sending me the script? I could use it myself Mr. Green Smile Very Happy
Sur_real




PostPosted: Thu Feb 24, 2011 7:40 pm   Post subject: RE:Using php to generate an image

You could try getting the IP of people who voted and put it in a SQL table.
ProgrammingFun




PostPosted: Thu Feb 24, 2011 7:48 pm   Post subject: RE:Using php to generate an image

But then how would I re-allow that IP after the time limit has passed?
Actually, this may not be a good idea because that might just block my school's IP for some time and that is where most people will access it from...What should I do?
Tony




PostPosted: Thu Feb 24, 2011 7:49 pm   Post subject: RE:Using php to generate an image

code:

while(true) {
   send_request // so simple GET request of a page
   sleep(some_time) // self-throttling is generally a good idea
}
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
Sur_real




PostPosted: Thu Feb 24, 2011 7:52 pm   Post subject: RE:Using php to generate an image

Hmmm...I guess you can also have a timestamp at the time they voted. So next time they vote, you check with the timestamp to allow/disallow and if allow, change timestamp to current again.
ProgrammingFun




PostPosted: Thu Feb 24, 2011 7:54 pm   Post subject: RE:Using php to generate an image

Do you think that I should just remove the voting option from the results page? That way, you script will have to return to the other page to vote each time...
Tony




PostPosted: Thu Feb 24, 2011 7:55 pm   Post subject: RE:Using php to generate an image

Nope, I never hit the results page. Or the form page. Sending requests directly to http://test.victoriaparkci.com/poll4/process.php?song[]=26&vote=Vote
Latest from compsci.ca/blog: Tony's programming blog. DWITE - a programming contest.
Display posts from previous:   
   Index -> Web Design
View previous topic Tell A FriendPrintable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic

Page 2 of 4  [ 49 Posts ]
Goto page Previous  1, 2, 3, 4  Next
Jump to:   


Style:  
Search: