.htaccess help

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    .htaccess help

    hi there i use free host but my hosting pannel doesnt support .htaccess files by the way i dont even need that..
    here is my .htaccess
    PHP Code:
    php_value date.timezone Europe/Dublin
    php_flag register_globals on 
    without .htaccess my site runing good but i face problems

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY shtime DESC LIMIT 0, 6' at line 1

    but when i use .htaccess it doesnot show any error pls tell me what is the meaning

    PHP Code:
    php_value date.timezone Europe/Dublin
    php_flag register_globals on 
    ?????

    #2
    Your coding is INSECURE and can be exploited or injected sumway through register_globals. When u turn it on, it registers a global, when u dont global request vars dnt register thus ur error.

    Comment


      #3
      here is my error line code

      $sql = "SELECT id, shout, shouter, shtime , shid FROM 420_shout WHERE shid='".$shid."' ORDER BY shtime DESC LIMIT $limit_start, $items_per_page";

      why this code needs php_flag register_globals on ?? if i use it then no errors occured if not then error !! help me MGIGS bro

      Added after 40 minutes:

      thank u Mgigs bro i got the concept thanx a lot
      Last edited by shakil420; 19.10.10, 18:35.

      Comment


        #4
        Your error is your not collecting the variable $shid (nothing is assigned to it) ... so you need something like this:
        $shid = $_GET['shid'];

        Comment


          #5
          Yes something else bro.

          Comment


            #6
            now another problem page next or previous option not working when i wanto see my shout history !!

            Comment


              #7
              All these problem occurs as because of your code is basically made for global registering and your server regs global is off. but if you turn it on your site is on in danger.

              use all strng like someting_else writes. $code = $GET_['code'];

              Comment


                #8
                If ur script cant work with globals off then its not work jerking over.

                Comment


                  #9
                  What is global registering.i need basic idea to understand.

                  Comment


                    #10
                    PHP Code:
                    // Psedo code
                    if($_POST['password'] === 'foo')
                    {
                     
                    $authorized TRUE;
                    }

                    if(
                    $authorized)
                    {
                     echo 
                    'logged in';
                    }
                    else
                    {
                     echo 
                    'logged out';

                    The code above doesnt look like its got any problems. But visiting http://site.com/file.php?authorized=1 with register globals on will log the user in, but with it off it wont. Basically i can assign values to vars with globals on. Bear in mind tho that the register_globals function is not insecure, its the user coding that is. With good coding practise, u can work with it on. Example
                    PHP Code:
                    // Psedo code
                    $authorized FALSE;

                    if(
                    $_POST['password'] === 'foo')
                    {
                     
                    $authorized TRUE;
                    }

                    if(
                    $authorized === TRUE)
                    {
                     echo 
                    'logged in';
                    }
                    else
                    {
                     echo 
                    'logged out';

                    By defining variables first, you can be a tad safer. Bt generally, its nt worth getting stoned over, turning off global registering is waay easier.
                    Last edited by CreativityKills; 21.10.10, 11:25.

                    Comment


                      #11
                      0w thats it.thanx bro mGigs.

                      Comment


                        #12
                        ok anytime. . .

                        Comment

                        Working...
                        X