Page 2 of 2

??????? ????? ??? php

Posted: Fri Sep 03, 2010 9:53 am
by developer.mahmoud

Code:

$title
???? ???? ??? ?????? , ?? ??????? ??? ????

Code:

$_POST['title']
???? ?? ?????? ?? ???? ???? ?? ?????? , ??? ???? ???? ?? ??? ?? ???? sql injection

??????? ????? ??? php

Posted: Fri Sep 03, 2010 3:43 pm
by harede2006
?????? ?????
???? ????? ????? ????? ?????? ?? ????

??????? ??????? ???? ?? ??? ?????? ??? ?? ??? ?? ???? ???????? ???? ?? ???? ?????? ?? ?? ?????? ??????? ???? ???????? ???? ???? ????? ??? ????? ????? ??? ???????? ????? ??????

??? ????????? ??? ???????? ?????

????? :
??? ??? ??? ???? ?? ???? ????? ???? ??
showforum.php?=6
?????? ?? ???????? ??????

???? ????? ??? selcet ??????? ?????? ????? ?? ????? ?? ??

??? ????? ?????

Code:

<?php
session_start();
if (!$_SESSION['username']) {
    echo "<font color=\"#FF0000\"><b>please log in <META HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=login.php\"></b></font>";
    exit;
}
include('../config.php');
include('../easytemplate.php');
$con = mysql_connect($hostname, $user, $pass);
if (!$con) {
    die('can not connect' . mysql_error());
}
mysql_select_db($db_name, $con);

$post_all = "SELECT post_id,forum_id,title,img,small_data,data
             FROM post
             WHERE forum_id='$id'
             ORDER BY post_id DESC";

$tmpl = new EasyTemplate('style', 'cache');
print $tmpl->display('body/showforum_body.html');

mysql_close($con);
?>

??? ????? ???????

Code:

<?php

session_start();
if (!$_SESSION['username']) {
    echo "<font color=\"#FF0000\"><b>please log in <META HTTP-EQUIV=\"refresh\" CONTENT=\"1; URL=login.php\"></b></font>";
    exit;
}

include('../config.php');
include('../easytemplate.php');
$con = mysql_connect("$hostname", "$user", "$pass");
if (!$con) {
    die('can not connect' . mysql_error());
}
mysql_select_db($db_name, $con);

$query_post = "select * from post where post_id ='$id'";
$result_post = mysql_query($query_post);

while ($row = mysql_fetch_object($result_post)) {
    $title = $row->title;
    $img = $row->img;
    $data = $row->data;
    $post_id = $row->post_id;
}

$forum_id_name = "SELECT post_id, img, title, data FROM post WHERE post_id='$id'";

$tmpl = new EasyTemplate('style', 'cache');
print $tmpl->display('body/showpost_body.html');

mysql_close($con);
?>

??????? ????? ??? php

Posted: Sat Sep 04, 2010 6:23 pm
by harede2006
?? ?? ???????

????? ??? ?? ????????? ?? id ?? ???????

???? ??
???? ??? ????

Code:

$_GET[id]

??????? ????? ??? php

Posted: Sun Sep 05, 2010 11:11 am
by harede2006
?? ??????? ???? ????? ???? ????? ?????????

??? ??? ???? mail()

????? ?????? ?????? ?????? ????? ???? ????? ???? ?? ??????? ?? ??? ???? ????? ?? ????? ?? ????? .. !!

Code:

<html>
<body>
<?php
function spamcheck($field)
  {
  //filter_var() sanitizes the e-mail
  //address using FILTER_SANITIZE_EMAIL
  $field=filter_var($field, FILTER_SANITIZE_EMAIL);

  //filter_var() validates the e-mail
  //address using FILTER_VALIDATE_EMAIL
  if(filter_var($field, FILTER_VALIDATE_EMAIL))
    {
    return TRUE;
    }
  else
    {
    return FALSE;
    }
  }

if (isset($_REQUEST['email']))
  {//if "email" is filled out, proceed

  //check if the email address is invalid
  $mailcheck = spamcheck($_REQUEST['email']);
  if ($mailcheck==FALSE)
    {
    echo "Invalid input";
    }
  else
    {//send email
    $email = $_REQUEST['email'] ;
    $subject = $_REQUEST['subject'] ;
    $message = $_REQUEST['message'] ;
    mail("m_d55@hotmail.com", "Subject: $subject",
    $message, "From: $email" );
    echo "Thank you for using our mail form";
    }
  }
else
  {//if "email" is not filled out, display the form
  echo "<form method='post' action='aa.php'>
  Email: <input name='email' type='text' /><br />
  Subject: <input name='subject' type='text' /><br />
  Message:<br />
  <textarea name='message' rows='15' cols='40'>
  </textarea><br />
  <input type='submit' />
  </form>";
  }
?>

</body>
</html> 

??????? ????? ??? php

Posted: Mon Sep 06, 2010 2:52 am
by developer.mahmoud
?? ?????? wrote: ???? ?? ?????? ?? ???? ???? ?? ?????? , ??? ???? ???? ?? ??? ?? ???? sql injection

Code:

$query_post = "select * from post where post_id ='$id'";
:shock:

??????? ????? ??? php

Posted: Tue Sep 07, 2010 1:39 am
by harede2006
?? ???? ???? !

????? ?? ?? ????? ?? ???? ??? ????? !!!!

??????? ????? ??? php

Posted: Tue Sep 07, 2010 12:01 pm
by harede2006
?????? ?????

???? ????? ???? ?????? ?? ??????

????? ??? ?? ??? ???? ?? ?????? ??? ?? ???? ??????

???????? ??????

'".intval($_GET['id'])."'

??? ???? ???? ???? ???? ?? ??? ??? ??? ???? ?? ??? ??? ??? ????? ?????? ??? ??????? ?? ??? ???????
http://www.moffed.com/community/viewtop ... =31&t=3474
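
The last snippet above casts the id with intval() before it goes into the query string. As an added example (not code from this thread), here is the same post lookup with the id validated and then passed as a bound parameter through PDO, so the request value never becomes part of the SQL text. The in-memory SQLite database, the sample rows and the helper names clean_id and find_post are assumptions made for the demo; the `post` table and its columns follow the thread's code.

```php
<?php
// Added example. The database, rows and helper names are constructed for the demo.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE post (post_id INTEGER PRIMARY KEY, forum_id INTEGER, title TEXT, data TEXT)');
$pdo->exec("INSERT INTO post VALUES (1, 6, 'First post', 'hello'),
                                    (2, 6, 'Second post', 'world'),
                                    (3, 7, 'Other forum', 'x')");

/**
 * Validate a request value as a positive integer id (hypothetical helper).
 * Returns the int, or null when the value is missing or not purely numeric.
 * Unlike intval(), a value such as "6 OR 1=1" is rejected rather than
 * silently truncated to 6.
 */
function clean_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Fetch one post by id using a bound parameter (hypothetical helper). */
function find_post(PDO $pdo, $rawId): ?array
{
    $id = clean_id($rawId);
    if ($id === null) {
        return null; // reject before touching the database
    }
    $stmt = $pdo->prepare('SELECT post_id, title, data FROM post WHERE post_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed inputs standing in for $_GET['id'].
foreach (['2', '6 OR 1=1', "1' --", '', '999'] as $raw) {
    $post = find_post($pdo, $raw);
    printf("%-12s => %s\n", var_export($raw, true), $post ? $post['title'] : 'rejected or not found');
}
```

Values shown in the page should still be escaped with htmlspecialchars() when the row is printed into the template.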