Tag Archives: php

Simple PHP Page Protector

A couple of years ago I posted a way to protect a PHP page from access on the internet in an easy way.
I've spent around 15 minutes producing what I feel is a better version of the same script at the original post.
In order for it to work, you'll need a MD5 string, which you can get using the below box, just enter you password and then replace 6121904d3138741fb744fba85c276606 in the code, its quite self-explanatory.

<?php
session_start();
$_userpassword = "6121904d3138741fb744fba85c276606";
$_username = "pass";
/*DO NOT EDIT*/
if      ($_POST['pageprotector'])
        {
        if      (md5($_POST['pageprotectorpass']) == $_userpassword && $_POST['pageprotectoruser'] == $_username)
                {
                $_SESSION['bG9nZ2VkaW4p=']=$_userpassword; $_SESSION['bG9nZ2VkaW4u=']=$_username; header('Location:'.$_SERVER['PHP_SELF']);
                }
        else
                header('Location:'.$_SERVER['PHP_SELF'].'?wrongpass=1');
        }
if      ($_GET['pageprotectlogout'] == "1")
        {
        unset($_SESSION['bG9nZ2VkaW4p=']);unset($_SESSION['bG9nZ2VkaW4u=']);header('Location:'.$_SERVER['PHP_SELF']);
        }
if      ($_SESSION['bG9nZ2VkaW4p='] != $_userpassword && $_SESSION['bG9nZ2VkaW4u='] != $_username)
        {
        if      ($_GET['wrongpass'] == "1") echo "Wrong password";?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Username: <input name="pageprotectoruser" type="text" /> Password: <input name="pageprotectorpass" type="text" /><input name="pageprotector" type="submit" value="Login">
</form><?php
        exit;
        }
/*DO NOT EDIT ABOVE*/
?>
 


[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Remote Email Address Validator

Hello,

Long time no post! I've been concentrating on my other projects lately so I have neglected to post on here :(
However I come back with a nice little email validator :)

Email addresses are changing all the time, and some people use shifty techniques to get around email validators. This means that a website owner has to update the regular expression code on all of their websites. However if the checking was done remotely, then there'd be no need to change it on all. You'd just have to change it at one place.

This is easy to implement into any website and I will provide it free for all :)

<?php
$_emailtocheck = "some@domain.com";
$_emailvalidationresult = file_get_contents("http://www.papaface.com/emailchecker/checker.php?email=".$_emailtocheck); // 0 = invalid 1 = valid
if      (trim($_emailvalidationresult) == "1")
        echo "Valid.";
else
        echo "Invalid email address.";
?>
 

The trim($_emailvalidationresult) will equal either 1 or 0. Zero if the address is invalid, and 1 if the address is correct and can receive emails.

Let me know what you think :)


[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Sanitizing $_POST and $_GET

Hey,
Well I haven't posted something PHP related for quite a few days now so I thought I'd show you something I use in every single script that I write that involves form submissions or URL data.
It is important to escape (sanitize) all data from forms that may be used in a mysql database query.
If you use some other database type, the function can easily be modified.

Place this code at the top of all your pages (maybe via an include):

        if(!function_exists(mysql_real_escape_array))
                {
        function mysql_real_escape_array($t)
                        {
        return array_map("mysql_real_escape_string",$t);
                        }
                }

        mysql_real_escape_array($_GET);
        mysql_real_escape_array($_POST);
 

It will automatically sanitize all your $_POST (from forms) and $_GET (URL data) to help prevent SQL injections.

Be aware though, that this is just one precaution you should take when inserting data into a mysql database.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

The Beginning of PHP

PHP – Hypertext preprocessor is basically a computer coding language. The language was designed by Rasmus Lerdorf and was developed by the PHP group. PHP was created in 1994 by Rasmus Lerdorf to help maintain his personal homepage.

He had written a bunch of Common Gateway Interface (CGI) binaries via the C coding language and wanted to restore a trivial set of Perl scripts which he had been using to preserve his homepage by the CGI. He wanted to do this in order to check the traffic on his homepage. This later was released publicly as the first ever version of Hypertext Preprocessor on 8 June, 1995 named PHP/FI (Form Interpreter).

One would wonder why there is an extra letter P in the abbreviation. The reason being the language is initialized again and again, recursively and that’s why the abbreviation PHP. PHP is an essential, object-oriented language. PHP is extensively used as an all-purpose scripting language, which is particularly fitting for web development. The working of PHP is simple. PHP essentially uses a web server to run, which takes the PHP code as input and results in web pages as output.

PHP was originally created for designing dynamic web pages. Over the years the main focus of PHP has changed. Server side scripting is the spotlight of PHP now. Moreover PHP has been declared as free software by the free software association. It is available over the internet and any one can download it. Due to this reason PHP stands out in comparison with competitors like Microsoft’s ASP.NET system, mod_perl framework and Sun Microsystems’ JavaServer Pages as they are not free. The PHP parser can run with both, a web browser and a web server which help in providing dynamic content.
The following is a simple Hello World code example for PHP:

<?php
Echo ’Hello World!’;
?>
 


[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Data Types in PHP

PHP is not a very strict language when it comes down to data types.
Strings:

$string = "This is a string";
 

Strings are values that contain characters. This can include basically everything you can type on your keyboard.

Integers:

$string = 1;
 

Integers are values that just contain numbers. Notice in the example above that there are no quotes?
Well, you can write an integer like that, or like this:

$string = "1";
 

PHP automatically converts numbers contained in a string with no other characters into a integer. The only time you need to be careful of this is when you are using operators (I will discuss that in another post).

Boolean:

$string = true;
$string2 = false;
 

Booleans are values that contain either true or false. They can be used in if statements like:

$string = true;
if ($string)//checks if $string is true
 {
 echo '$string is true';
 }
else
 {
 echo '$string is false';
 }
 

Hope that helps you understand data types in PHP better. Obviously I have just scratched the surface in my explanations.
Feel free to comment and ask any questions 😀

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

How to make a Dynamic Image

Dynamic images (as I call them) are images that change depending on a condition.
A regular image URL is something like:
#1

<img src="http://www.papaface.com/blog/wp-content/themes/papaface/images/beer.png" />
 

However a Dynamic Image's URL could be something like:
#2

<img src="http://www.papaface.com/blog/somephpfile.php" />
 

Notice the difference?
Example 1's URL is actually an image file, however example 2's URL is actually a PHP file producing a dynamic image in this case.

These dynamic images are useful if you want to change the image produced at any point.

Lets say we are providing a link checking service and I want to offer the visitors the ability to put an image on their site once they've used the link checking service. The image will change to green when the link is valid, and red when it is not.

<img src="http://www.papaface.com/blog/resources/dynamicimage/example.php?id=22451" />
 

Now every time the image is loaded the script can actually look for link id "22451" in a database. It can then check the image for validity and produce a green or red image like so:

This is the code that would allow you to do this:

<?php  
       
        $linkid = $_GET['id']; //this is the link id that the script needs to look for in the database
       
        //you would open a mysql connection here
       
        $get = @mysql_query("SELECT `link` FROM `tbllinks` WHERE `linkid`='".mysql_real_escape_string($linkid)."'"); //@ suppresses the error message (this is usually a bad coding practice, but in this case we do not want anything other than an image displayed to the user.

        list($url) = mysql_fetch_array($get);
        /*The code below checks the link. If it is a valid and working link it will return a 200 code.*/
        $ch = curl_init($url);
        curl_setopt($ch, CURLOPT_NOBODY, true);
        curl_setopt($ch, CURLOPT_HEADER, true);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true );
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_exec($ch);
        $info = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        curl_close($ch);
        if      ($info == "200")
                $colour = "green";   //link is valid
        else
                $colour = "red"; //link is NOT valid
        }

    //code above decided if it should be green or red and produced $colour
   
        header("Content-type: image/jpg");
        $im     = imagecreatefromjpeg($colour.".jpg"); //tells the script what image to source locally (green.jpg/red.jpg are actual images in the directory)
        $orange = imagecolorallocate($im, 220, 210, 60);
        $px     = (imagesx($im) - 7.5 * strlen($string)) / 2;
        imagestring($im, 3, $px, 9, $string, $orange);
        imagepng($im);
        imagedestroy($im);

?>
 

And that is a way of making a dynamic image. I have provided a relatively basic example of how to use dynamic images, I hope it was interesting :)

Feel free to ask me any questions!

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

A Simple Banner Rotator Script

I'm in the coding mood today :) .
I cannot count how many times I've been asked to code a UBER simple banner rotator script.
These things are so simple, but if you don't know PHP it can be difficult to understand.

The script below has two variables:

$links = array(
"http://www.google.com",
"http://www.msn.com",
"http://forums.digitalpoint.com"
);
//add a new link for the banner to a new line in the same format as above
 

and:

$images = array(
"http://www.google.co.uk/intl/en_uk/images/logo.gif",
"http://stc.msn.com/br/hp/en-us/css/35/decoration/msn_b.gif",
"http://forums.digitalpoint.com/images/misc/dps_logo.gif"
);
//add a new image link for the banner to a new line in the same format as above
 

As you can see they match up. The first line for the $links variable is for a google image, the second is for a msn image etc.
Here is the full code:

<?php
session_start();

$links = array(
"http://www.google.com",
"http://www.msn.com",
"http://forums.digitalpoint.com"
);
//add a new link for the banner to a new line in the same format as above

$images = array(
"http://www.google.co.uk/intl/en_uk/images/logo.gif",
"http://stc.msn.com/br/hp/en-us/css/35/decoration/msn_b.gif",
"http://forums.digitalpoint.com/images/misc/dps_logo.gif"
);
//add a new image link for the banner to a new line in the same format as above
//-------- DO NOT EDIT BELOW THIS LINE----------
$count = count($links) -1;

$randnum = mt_rand(0,$count);

if      ($randnum == $_SESSION['randnum'])
        {
        $randnum = mt_rand(0,$count);
        }
$_SESSION['randnum'] = $randnum;
echo '<a href="'.$links[$randnum].'"><img style="border:none" src="'.$images[$randnum].'" /></a>';

?>
 

The code has been constructed so that the likelihood of getting the same banner displayed twice is greatly reduced.

Comment here if you like the script, or have any questions 😀

You can see an example of the script running here.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]