|
Server Help Community forums for Subgame, ASSS, and bots
|
Author |
Message |
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
Posted: Sun Oct 01, 2006 5:14 pm Post subject: PHP/SQL: Partial data :S |
|
|
|
|
echo htmlentities($row['name']);
PROBLEM SOLVED.
Ok this dude is named E><istance, but when i try and get the name to print from the database it only prints as "E>" and stops the names after it from printing, how can I make it come out right?
I delete him from the db and I get all the names:
2 Dope, 50 Cent_, 5ex, 6od, A Black Hole, Afroman, Air China+, Akai, Anchor man, Andrute, anthonysandifer, BDwinsAlt, Blaine, bodlet, bologna_89, bone thug, BOOOOOOOOOOM IMDEAD, brizz, Budweis0r, Bungie, c-unit,andrew, c-unit,yellow, C-word, CapnCK+, Captivelemon, cheses king 1, Choc Ice, Classical, courie, Cp!, Credit$, Crunk$, D O N T Cry, D( )|_|_/-\$, D4vETh3M4n, Dango., DareSound, Darkness^^Falls, Darth_Dynasty, DDgrl213, Death Cube K, Death Dweller, Death?to?all, Defined, DeMo=GoBlIn., Dildos, Diyos~, Doomsy, Dr. Mario123, DragonKnight E, DragonKnight S, DragonKnight Z, drazib, Dude_on_fire, dusty's trash, Erosion, Fahoogawad, fiLL+, fireBLiND, FLiP*STaH, Fox News, friendly., G'd up^, G.R.I.M., Genisis+, Genius288, Gh0$t M4n+, GhandE, Givin, Green Blaze, Guilty, Gun Charge, Gun Play, Halo King, Halt, hatetred~, Holy-Messiah, Hotshy, Hugh, I - cy, Im fat, Jack Knife, Jack the Monkey, Jack-In-The-Box, JediJax'sCreditCard, Jiant, Joesph_, JokerZero, Jonkku, Kagetoki, Kajou, Kamikaze Squirrell, Karlov, KillerBee12, kitlee, Klean-Y, Knight of the Realm, kuya, Lightlings, Lord_Zitu, Love*less, Machu, MadShipKiller, Malcolm X, Martisek, master sky, Meatz, Mishra, Mojo, Molten Ice, MOM!, Neither, Night Elf31, Noo$e, Onlooker, OrangeeoZ, OwNaGe...!!!, Pa$$ion+, PChanHibiki, PH34R /\/\3, PoLiX, Premier of the Order of, PURESTRENGTH, Purge, quebec__libre., R.A.P.E.D., Rakeem., Razer-Blade, RCS2222, Recon___, Red Blade, Red Strike XXIV, RelocK, Requiem Knight, Right Sneeky, Rude Awakening, rumbleKING, Russky, rXeNa, Ryuji, S ! R, Sangre, Scratt, SeKular, Sgt. Sanders, Shook one, Shook Won, Sir Sean, Skyy, slayerKING, SlayerPro, Smore, Snow~, Soldierz, SRG, Starblist, StarScraper, Synister, Tashiketsu, Tdx, Tech 9, tgif, THE H4X0R, The Prism, The_Destroyer*, The_Projenator, ThunderJam, Top UnderDog, Tr1bunE, TruFFle-ShuFFle, Tsan Han, Tunkel, Turand, Venture500, veolier, Viking From Hell, vVeapon, Walshy, Weaser, welfare bum, wHo iS MiLkY, Wizter, Woot., xStr1Kerx, Xx_$ilver_xX, Xycho, YonatoN, Yucateco, Yusukespiritgun, Z0M8I3, ZeeDeuce,
|
I am using this code:
$result = mysql_query("SELECT * FROM aliasbot_lb_adbt")
or die(mysql_error());
while($row = mysql_fetch_array( $result )) {
echo($row['name'] . ', ');
}
|
echo htmlentities($row['name']);
Last edited by BDwinsAlt on Sun Oct 01, 2006 6:08 pm, edited 4 times in total |
|
Back to top |
|
|
Cyan~Fire I'll count you!
Age:36 Gender: Joined: Jul 14 2003 Posts: 4608 Location: A Dream Offline
|
Posted: Sun Oct 01, 2006 5:40 pm Post subject: |
|
|
|
|
Are you sure it's not just printing it and then your browser is thinging everything else is a tag? Replace '<' with "<". Also, SELECT name. _________________ This help is informational only. No representation is made or warranty given as to its content. User assumes all risk of use. Cyan~Fire assumes no responsibility for any loss or delay resulting from such use.
Wise men STILL seek Him. |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Sun Oct 01, 2006 5:55 pm Post subject: |
|
|
|
|
when in doubt use print_r() to verify things. _________________ Performance is often the art of cheating carefully. - James Gosling |
|
Back to top |
|
|
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Sun Oct 01, 2006 6:22 pm Post subject: |
|
|
|
|
I guess that would make sense since someone could technically have a '>' or '<' in their name and HTML would think it would be a tag. Didn't you check the source of the document? |
|
Back to top |
|
|
Mine GO BOOM Hunch Hunch What What
Age:40 Gender: Joined: Aug 01 2002 Posts: 3614 Location: Las Vegas Offline
|
Posted: Sun Oct 01, 2006 11:27 pm Post subject: |
|
|
|
|
Good thing his username wasn't <script> |
|
Back to top |
|
|
Maverick
Age:39 Gender: Joined: Feb 26 2005 Posts: 1521 Location: The Netherlands Offline
|
Posted: Mon Oct 02, 2006 2:44 am Post subject: |
|
|
|
|
Mine GO BOOM wrote: | Good thing his username wasn't <script> |
You can't even make a username that is "<script>" since you can't start a username with a < . _________________
|
|
Back to top |
|
|
Smong Server Help Squatter
Joined: 1043048991 Posts: 0x91E Offline
|
Posted: Mon Oct 02, 2006 3:58 am Post subject: |
|
|
|
|
I think htmlentities is what makes my life hard trying to make plugins for ssnews, everything that can be encoded gets encoded (apart from letters and numbers), like all the different types of quotes and brackets. Although actually thinking about it now, it seems to mostly be found with rss feeds not plain pages.
Anyway in my php I use htmlspecialchars(stripslashes($blah)), I don't know if that's the correct way but it works. |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
Posted: Mon Oct 02, 2006 4:20 am Post subject: |
|
|
|
|
same, but there's other problems with php, such as form input containing certain keywords like wget or python leads to the server (I think) trying to execute a wget or python and leads to a 403 Foribdden. In fact, I know I can't post those words on Hockey Zone forums... mgb do you have some sort of fix you put in or am I missing something?
The only hackish workaround I could think of was to use javascript to convert such inputs to wget_ or python_ (or something else), and convert them back before I put them into the post database. _________________ SubSpace Discretion: A Third Generation SubSpace Client |
|
Back to top |
|
|
Mine GO BOOM Hunch Hunch What What
Age:40 Gender: Joined: Aug 01 2002 Posts: 3614 Location: Las Vegas Offline
|
Posted: Mon Oct 02, 2006 4:47 am Post subject: |
|
|
|
|
What the hell are you talking about? A 403 sounds like they put up a .htaccess block on it. User data should never be inside a system or exec call unless you really know what you are doing and parse the input heavily.
Why are you using stripslashes? I'm assuming you are getting the data from either the user or a database, it shouldn't have useless slashes thrown throughout the data. I sure hope you don't have magic_quotes turned on, as that is a horrible, horrible feature in PHP. You should be using mysql_real_escape_string instead of anything else, as that is the only builtin function proven to be safe for MySQL query strings. |
|
Back to top |
|
|
Smong Server Help Squatter
Joined: 1043048991 Posts: 0x91E Offline
|
Posted: Mon Oct 02, 2006 5:01 am Post subject: |
|
|
|
|
Yeah I was talking about my bug tracker, that uses mysql. I am using mysql_real_escape_string to escape strings when writing to the DB and stripslashes to unescape them when showing results. The magic quotes thing I don't know if thats on/off, I just coded so it works on the webspace I have available.
The weird keyword thing I noticed on my toktok site once, I couldn't enter the word "python" using my news script (cutenews, which is naff but does the job). I'm not sure if it still happens, I wouldn't be surprised if some random server upgrades turn this "feature" on/off. _________________ ss news |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Mon Oct 02, 2006 6:09 pm Post subject: |
|
|
|
|
SSCentral has mod_security enabled. I know this because whenever a POST is made with the word PERL in it the server returns a HTTP error. It's very frustrating when I'm trying to blog about such things. :/ |
|
Back to top |
|
|
Bak ?ls -s 0 in
Age:25 Gender: Joined: Jun 11 2004 Posts: 1826 Location: USA Offline
|
Posted: Mon Oct 02, 2006 9:05 pm Post subject: |
|
|
|
|
Yeah, it's gotta be the webserver, because an equivilent html file also yields 403s. I wish there was a list of all the forbidden keywords so I could use javascript to prevent the user from attempting to post a comment containing one of these guys... |
|
Back to top |
|
|
Mine GO BOOM Hunch Hunch What What
Age:40 Gender: Joined: Aug 01 2002 Posts: 3614 Location: Las Vegas Offline
|
Posted: Mon Oct 02, 2006 9:56 pm Post subject: |
|
|
|
|
See if you can override the mod_security settings via htaccess, as the current version will allow it if AllowOverride AuthConfig is enabled in apache. |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Mon Oct 02, 2006 10:23 pm Post subject: |
|
|
|
|
Got a internal server error.
Quote: | Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, wwwadmin@sscentral.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request. |
I have left messages for Swift and Polix but they never got back to me. |
|
Back to top |
|
|
|
|
You can post new topics in this forum You can reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
|
Software by php BB © php BB Group Server Load: 1177 page(s) served in previous 5 minutes.
|