check my site please

Discuss the many weaknesses of browser security and ways to mitigate the threat

check my site please

Post by jack08642qa on Wed Oct 03, 2012 10:57 pm
([msg=69895]see check my site please[/msg])

I have a site I have been building which is not done yet but I just updated the security systems I use in the php code for it

can you guys check to see if its vulnerable

and for proof this site is mine here is the code for the calendar I made from scratch on my site
just to tell you I won't include the css and javascript and a custom function I use on it to make it work
Code: Select all
<?php
     if (isset($_GET['day'])){
      $day = $_GET['day'];
     } else {
      $day = date("j");
     }
      if(isset($_GET['month'])){
      $month = $_GET['month'];
      } else {
      $month = date("n");
     }
     if(isset($_GET['year'])){
       $year = $_GET['year'];
     }else{
       $year = date("Y");
     }
     if($month > 12){
       $month = 12;
     }
     if($month < 1){
       $month = 1;
     }
     if(strlen($year) != 4){
       $year = date("Y");
     }

     if($month == 1){
       $year_back_button = ($year-1);
      $month_back_button = 12;
      $back_month = 12;
     }else {
       $month_back_button = ($month-1);
      $year_back_button = $year;
      $back_month = ($month-1);
     }
     if($month == 12){
       $year_forward_button = ($year+1);
      $month_forward_button = 1;
      $next_month = 1;
     }else {
       $month_forward_button = ($month+1);
      $year_forward_button = $year;
      $next_month = ($month+1);
     }
     $currentTimeStamp = strtotime( "$day-$month-$year");
     $backTimeStamp = strtotime( "$day-$back_month-$year");
     $nextTimeStamp = strtotime( "$day-$next_month-$year");
     $backmonthName = date("M", $backTimeStamp);
     $nextmonthName = date("M", $nextTimeStamp);
     $monthName = date("F", $currentTimeStamp);
     $numDays = date("t", $currentTimeStamp);
     $counter = 0;
    
     $con = mysql_connect("mysql15.000webhost.com","a8076823_user","08642qa") or die(mysql_error());
     $db = mysql_select_db("a8076823_main", $con);    
   ?>
    <?php if(isset($_GET['day'])){
     $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$day."'";
     $res = mysql_query($sql) or die(mysql_error());
    
     $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$day."'";
     $rescheck = mysql_query($sqlcheck) or die(mysql_error());
    
     $is_event_counter = 0;
     $current_day = date("j", $currentTimeStamp);
     $current_month = date("n", $currentTimeStamp);
     $current_year = date("Y", $currentTimeStamp);
     $rowcheck = mysql_fetch_assoc($rescheck);
     if(mysql_num_rows($res) > 0){
         echo "There is ".$rowcheck['amount']." Events for this day, ".$current_month."/".$current_day."/".$current_year.".<br /><br />";
        while($row = mysql_fetch_assoc($res)){
         $type_of_event = $row['type_of_event'];
         $day_of = $row['day_of'];
         $month_of = $row['month_of'];
         $year_of = $row['year_of'];
         $event_title = $row['event_title'];
         $event_description = $row['event_description'];
         $is_event_counter++;
         
         if($day == $day_of){
           echo "Event ".$is_event_counter."<br />Title: ".$event_title."<br />Type of Event: ".$type_of_event."<br /><div class=\"description\">Event Description: ".htmlspecialchars_decode(nl2br2($event_description))."</div><br /><br />";
         }else {
           echo "There are no events for this day, ".$current_month."/".$current_day."/".$current_year.".";
         }
        }
     }else {
       echo "There are no events for this day, ".$current_month."/".$current_day."/".$current_year.".";
     }
     echo "<div id=\"back-to-calendar\"><a href=\"?month=".$month."&amp;year=".$year."\">Go Back?</a></div>";
    
   }else { ?>
  <table id="calendar-table" cellspacing="3" cellpadding="3">
    <tr id="top-controls">
      <th colspan="2" id="back-button"><?php echo "<a href=\"?month=".$month_back_button."&amp;year=".$year_back_button."\">"; ?><span style="font-size: 16px;">&laquo;</span>&nbsp;&nbsp;<?php echo $backmonthName; echo " $year_back_button"; ?></a></th>
      <th colspan="3"><?php echo $monthName." ".$year; ?></th>
      <th colspan="2" id="forward-button"><?php echo "<a href=\"?month=".$month_forward_button."&amp;year=".$year_forward_button."\">"; ?><?php echo $nextmonthName; echo " $year_forward_button";  ?>&nbsp;<span style="font-size: 16px;">&raquo;</span></a></th>
    </tr>
    <tr>
      <th>Sun</th>
      <th>Mon</th>
      <th>Tue</th>
      <th>Wed</th>
      <th>Thu</th>
      <th>Fri</th>
      <th>Sat</th>
    </tr>
    <?php
     echo "<tr>\r\n";
     for($i = 1; $i < $numDays+1; $i++, $counter++){
       $monthstring = $month;
      $monthlength = strlen($monthstring);
      $daystring = $i;
      $daylength = strlen($daystring);
       $timeStamp = strtotime("$year-$month-$i");
      $timeStamp_before = strtotime("$year-$month_before-$i");
      $month_before = ($month == 1) ? "12" : $month-1;
      $year_before = ($month == 1) ? $year-1 : $year;
    
       $firstDay = date("w", $timeStamp);
       $days_before = date("j", $timeStamp_before);
       $days_before_thisMonth = $days_before - $firstDay;
       $days_before_thisMonth = $days_before_thisMonth+1;
      
      for($if1=0;$if1!=1 && $i < 2;$if1++){
         $if_goes_over_check = ($days_before - $days_before_thisMonth) + 1;
      }
      
      if($i == 1) {
        //$firstDay = ($firstDay > 4) ? $firstDay = 4 : $firstDay;
       
        for($fd = 0; $fd < $firstDay; $fd++, $counter++, $days_before_thisMonth++) {
            echo "<td>";
            $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year_before."' AND `month_of`='".$month_before."'";
           $res = mysql_query($sql) or die(mysql_error());
           $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year_before."' AND `month_of`='".$month_before."' AND `day_of`='".$days_before_thisMonth."'";
             $rescheck = mysql_query($sqlcheck) or die(mysql_error());
           echo "<a href=\"?day=".$days_before_thisMonth."&amp;month=".$month_before."&amp;year=".$year_before."\" class=\"calendar-link\"";
            while($rowcheck = mysql_fetch_assoc($rescheck)){
              $amount_of_events = $rowcheck['amount'];
             echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
            }
            echo ">".$days_before_thisMonth."</a><br />";
    
           while($row = mysql_fetch_assoc($res)){
            $type_of_event = $row['type_of_event'];
            $day_of = $row['day_of'];
            $month_of = $row['month_of'];
            $year_of = $row['year_of'];
            $event_title = $row['event_title'];
            $event_description = $row['event_description'];
            if($days_before_thisMonth == $day_of){
                echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
            }
           }
           echo "</td>\r\n";
        }
      }
      $days_in_all = $if_goes_over_check + $i;
      if($counter % 7 == 0 && $days_in_all < 35){
        echo"</tr>\r\n<tr>\r\n";
      }
      if($counter % 7 == 0 && $days_in_all > 35){
         echo"</tr>\r\n<tr class=\"over\">\r\n";
      }
      if($monthlength <= 1){
        $monthstring = "0".$monthstring;
      }
      if($daylength <=1){
        $daystring = "0".$daystring;
      }
      $current_month = date("n");
      $current_year = date("Y");
      if($days_in_all > 35){ $this_day_goes_over = $i;
        $amount_of_extras = $days_in_all - 35;
      }
      echo "<td";
      if($this_day_goes_over){ $counter_days_over = 1; if($amount_of_extras > 1){ echo " class=\"day-thats-over2\""; }else { echo " class=\"day-thats-over\""; }}else echo " class=\"months-days\"";
      echo ">";
        $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."'";
        $res = mysql_query($sql) or die(mysql_error());
        if($this_day_goes_over){ echo "<hr />"; }
        if($day == $i && $month == $current_month && $year == $current_year){ echo "<div id=\"current-day\"></div>"; }
        $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$i."'";
         $rescheck = mysql_query($sqlcheck) or die(mysql_error());
        echo "<a href=\"?day=".$i."&amp;month=".$month."&amp;year=".$year."\" class=\"calendar-link\"";
        while($rowcheck = mysql_fetch_assoc($rescheck)){
          $amount_of_events = $rowcheck['amount'];
         echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
        }
          echo ">".$i."</a><br />";
        $event_stopper = 0;
        while($row = mysql_fetch_assoc($res)){
          $type_of_event = $row['type_of_event'];
          $day_of = $row['day_of'];
          $month_of = $row['month_of'];
          $year_of = $row['year_of'];
          $event_title = $row['event_title'];
          $event_description = $row['event_description'];
         if($i == $day_of){
           $fix_this_day = ($this_day_goes_over == 30) ? null : "23";
           $fix_this_day2 = ($this_day_goes_over == 31) ? null : "24";
           if($this_day_goes_over == $day_of || $fix_this_day == $day_of || $fix_this_day2 == $day_of){
             if($event_stopper < 1){
                echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
              $event_stopper++;
             }
           }else {
             echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
           }
         }
        }
        echo "</td>\r\n";
        $is_leap_year = date('L',$currentTimeStamp);
        if($is_leap_year == 1){
          if($month == 2){
           $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='1'";
         }else {
           $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='0'";
         }
        }else {
          $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='0'";
        }
        $td_query = mysql_query($sql_tds) or die(mysql_error());
        while($td_amount_to = mysql_fetch_assoc($td_query)){
          $days_in_month_for_td = $td_amount_to['days'];
        }
        $td_amount = $if_goes_over_check + $days_in_month_for_td;
        if($td_amount == 36){
          if($counter % 7 == 0 && $days_in_all > 35){
            for($td_fix=1;$td_fix<7;$td_fix++){
              echo "<td class=\"not-used\">&nbsp;</td>\r\n";
           }
         }
        }else if($td_amount == 37){
         if($counter % 6 == 0 && $days_in_all > 36){
            for($td_fix=1;$td_fix<6;$td_fix++){
               echo "<td class=\"not-used\">&nbsp;</td>\r\n";
            }
          }
        }
     }
     $days_after = $firstDate+$counter;
     $days_after_thisMonth = 35 - $days_after;
     if($days_after_thisMonth) {
         //|| $days_after_thisMonth == -1 || $days_after_thisMonth == -2      old way of doing this, this goes inside the above if <
         //if($days_after_thisMonth == -1){ $days_after_thisMonth = 6; }else if($days_after_thisMonth == -2){ $days_after_thisMonth = 5; } <
          $counter_last_day = 1;
        for($ld = 0; $ld < $days_after_thisMonth; $ld++, $counter_last_day++) {
          echo "<td>";
         $month_after_this = ($month == 12) ? "1" : $month+1;
         $year_after_this = ($month == 12) ? $year+1 : $year;
          $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year_after_this."' AND `month_of`='".$month_after_this."'";
         $res = mysql_query($sql) or die(mysql_error());
         $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year_after_this."' AND `month_of`='".$month_after_this."' AND `day_of`='".$counter_last_day."'";
           $rescheck = mysql_query($sqlcheck) or die(mysql_error());
         echo "<a href=\"?day=".$counter_last_day."&amp;month=".$month_after_this."&amp;year=".$year_after_this."\" class=\"calendar-link\"";
          while($rowcheck = mysql_fetch_assoc($rescheck)){
            $amount_of_events = $rowcheck['amount'];
           echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
          }
          echo ">".$counter_last_day."</a><br />";
    
         while($row = mysql_fetch_assoc($res)){
           $type_of_event = $row['type_of_event'];
           $day_of = $row['day_of'];
           $month_of = $row['month_of'];
           $year_of = $row['year_of'];
           $event_title = $row['event_title'];
           $event_description = $row['event_description'];
           if($counter_last_day == $day_of){
              echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
           }
         }
         echo "</td>\r\n";
        }
      }
      echo "</tr>\r\n";
   ?>
  </table>
  <?php
    if($this_day_goes_over){
      echo "<div id=\"bottom-fix-for-calendar\"></div>\r\n";
    }
  ?>
  <?php } ?>


if you do find a way to get in can you pm me please so i can fix it
http://troop557.vacau.com/
Last edited by limdis on Thu Oct 04, 2012 9:01 am, edited 2 times in total.
Reason: Original URL url [url=http://troop557.vacau.com/]troop557.vacau.com[/url]
jack08642qa
New User
New User
 
Posts: 16
Joined: Wed Oct 03, 2012 10:14 pm
Blog: View Blog (0)


Re: check my site please

Post by centip3de on Thu Oct 04, 2012 12:34 am
([msg=69897]see Re: check my site please[/msg])

jack08642qa wrote:I have a site I have been building which is not done yet but I just updated the security systems I use in the php code for it

can you guys check to see if its vulnerable

and for proof this site is mine here is the code for the calendar I made from scratch on my site
just to tell you I won't include the css and javascript and a custom function I use on it to make it work
Code: Select all
<?php
     if (isset($_GET['day'])){
      $day = $_GET['day'];
     } else {
      $day = date("j");
     }
      if(isset($_GET['month'])){
      $month = $_GET['month'];
      } else {
      $month = date("n");
     }
     if(isset($_GET['year'])){
       $year = $_GET['year'];
     }else{
       $year = date("Y");
     }
     if($month > 12){
       $month = 12;
     }
     if($month < 1){
       $month = 1;
     }
     if(strlen($year) != 4){
       $year = date("Y");
     }

     if($month == 1){
       $year_back_button = ($year-1);
      $month_back_button = 12;
      $back_month = 12;
     }else {
       $month_back_button = ($month-1);
      $year_back_button = $year;
      $back_month = ($month-1);
     }
     if($month == 12){
       $year_forward_button = ($year+1);
      $month_forward_button = 1;
      $next_month = 1;
     }else {
       $month_forward_button = ($month+1);
      $year_forward_button = $year;
      $next_month = ($month+1);
     }
     $currentTimeStamp = strtotime( "$day-$month-$year");
     $backTimeStamp = strtotime( "$day-$back_month-$year");
     $nextTimeStamp = strtotime( "$day-$next_month-$year");
     $backmonthName = date("M", $backTimeStamp);
     $nextmonthName = date("M", $nextTimeStamp);
     $monthName = date("F", $currentTimeStamp);
     $numDays = date("t", $currentTimeStamp);
     $counter = 0;
    
     $con = mysql_connect("mysql15.000webhost.com","a8076823_user","08642qa") or die(mysql_error());
     $db = mysql_select_db("a8076823_main", $con);    
   ?>
    <?php if(isset($_GET['day'])){
     $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$day."'";
     $res = mysql_query($sql) or die(mysql_error());
    
     $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$day."'";
     $rescheck = mysql_query($sqlcheck) or die(mysql_error());
    
     $is_event_counter = 0;
     $current_day = date("j", $currentTimeStamp);
     $current_month = date("n", $currentTimeStamp);
     $current_year = date("Y", $currentTimeStamp);
     $rowcheck = mysql_fetch_assoc($rescheck);
     if(mysql_num_rows($res) > 0){
         echo "There is ".$rowcheck['amount']." Events for this day, ".$current_month."/".$current_day."/".$current_year.".<br /><br />";
        while($row = mysql_fetch_assoc($res)){
         $type_of_event = $row['type_of_event'];
         $day_of = $row['day_of'];
         $month_of = $row['month_of'];
         $year_of = $row['year_of'];
         $event_title = $row['event_title'];
         $event_description = $row['event_description'];
         $is_event_counter++;
         
         if($day == $day_of){
           echo "Event ".$is_event_counter."<br />Title: ".$event_title."<br />Type of Event: ".$type_of_event."<br /><div class=\"description\">Event Description: ".htmlspecialchars_decode(nl2br2($event_description))."</div><br /><br />";
         }else {
           echo "There are no events for this day, ".$current_month."/".$current_day."/".$current_year.".";
         }
        }
     }else {
       echo "There are no events for this day, ".$current_month."/".$current_day."/".$current_year.".";
     }
     echo "<div id=\"back-to-calendar\"><a href=\"?month=".$month."&amp;year=".$year."\">Go Back?</a></div>";
    
   }else { ?>
  <table id="calendar-table" cellspacing="3" cellpadding="3">
    <tr id="top-controls">
      <th colspan="2" id="back-button"><?php echo "<a href=\"?month=".$month_back_button."&amp;year=".$year_back_button."\">"; ?><span style="font-size: 16px;">&laquo;</span>&nbsp;&nbsp;<?php echo $backmonthName; echo " $year_back_button"; ?></a></th>
      <th colspan="3"><?php echo $monthName." ".$year; ?></th>
      <th colspan="2" id="forward-button"><?php echo "<a href=\"?month=".$month_forward_button."&amp;year=".$year_forward_button."\">"; ?><?php echo $nextmonthName; echo " $year_forward_button";  ?>&nbsp;<span style="font-size: 16px;">&raquo;</span></a></th>
    </tr>
    <tr>
      <th>Sun</th>
      <th>Mon</th>
      <th>Tue</th>
      <th>Wed</th>
      <th>Thu</th>
      <th>Fri</th>
      <th>Sat</th>
    </tr>
    <?php
     echo "<tr>\r\n";
     for($i = 1; $i < $numDays+1; $i++, $counter++){
       $monthstring = $month;
      $monthlength = strlen($monthstring);
      $daystring = $i;
      $daylength = strlen($daystring);
       $timeStamp = strtotime("$year-$month-$i");
      $timeStamp_before = strtotime("$year-$month_before-$i");
      $month_before = ($month == 1) ? "12" : $month-1;
      $year_before = ($month == 1) ? $year-1 : $year;
    
       $firstDay = date("w", $timeStamp);
       $days_before = date("j", $timeStamp_before);
       $days_before_thisMonth = $days_before - $firstDay;
       $days_before_thisMonth = $days_before_thisMonth+1;
      
      for($if1=0;$if1!=1 && $i < 2;$if1++){
         $if_goes_over_check = ($days_before - $days_before_thisMonth) + 1;
      }
      
      if($i == 1) {
        //$firstDay = ($firstDay > 4) ? $firstDay = 4 : $firstDay;
       
        for($fd = 0; $fd < $firstDay; $fd++, $counter++, $days_before_thisMonth++) {
            echo "<td>";
            $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year_before."' AND `month_of`='".$month_before."'";
           $res = mysql_query($sql) or die(mysql_error());
           $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year_before."' AND `month_of`='".$month_before."' AND `day_of`='".$days_before_thisMonth."'";
             $rescheck = mysql_query($sqlcheck) or die(mysql_error());
           echo "<a href=\"?day=".$days_before_thisMonth."&amp;month=".$month_before."&amp;year=".$year_before."\" class=\"calendar-link\"";
            while($rowcheck = mysql_fetch_assoc($rescheck)){
              $amount_of_events = $rowcheck['amount'];
             echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
            }
            echo ">".$days_before_thisMonth."</a><br />";
    
           while($row = mysql_fetch_assoc($res)){
            $type_of_event = $row['type_of_event'];
            $day_of = $row['day_of'];
            $month_of = $row['month_of'];
            $year_of = $row['year_of'];
            $event_title = $row['event_title'];
            $event_description = $row['event_description'];
            if($days_before_thisMonth == $day_of){
                echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
            }
           }
           echo "</td>\r\n";
        }
      }
      $days_in_all = $if_goes_over_check + $i;
      if($counter % 7 == 0 && $days_in_all < 35){
        echo"</tr>\r\n<tr>\r\n";
      }
      if($counter % 7 == 0 && $days_in_all > 35){
         echo"</tr>\r\n<tr class=\"over\">\r\n";
      }
      if($monthlength <= 1){
        $monthstring = "0".$monthstring;
      }
      if($daylength <=1){
        $daystring = "0".$daystring;
      }
      $current_month = date("n");
      $current_year = date("Y");
      if($days_in_all > 35){ $this_day_goes_over = $i;
        $amount_of_extras = $days_in_all - 35;
      }
      echo "<td";
      if($this_day_goes_over){ $counter_days_over = 1; if($amount_of_extras > 1){ echo " class=\"day-thats-over2\""; }else { echo " class=\"day-thats-over\""; }}else echo " class=\"months-days\"";
      echo ">";
        $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."'";
        $res = mysql_query($sql) or die(mysql_error());
        if($this_day_goes_over){ echo "<hr />"; }
        if($day == $i && $month == $current_month && $year == $current_year){ echo "<div id=\"current-day\"></div>"; }
        $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year."' AND `month_of`='".$month."' AND `day_of`='".$i."'";
         $rescheck = mysql_query($sqlcheck) or die(mysql_error());
        echo "<a href=\"?day=".$i."&amp;month=".$month."&amp;year=".$year."\" class=\"calendar-link\"";
        while($rowcheck = mysql_fetch_assoc($rescheck)){
          $amount_of_events = $rowcheck['amount'];
         echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
        }
          echo ">".$i."</a><br />";
        $event_stopper = 0;
        while($row = mysql_fetch_assoc($res)){
          $type_of_event = $row['type_of_event'];
          $day_of = $row['day_of'];
          $month_of = $row['month_of'];
          $year_of = $row['year_of'];
          $event_title = $row['event_title'];
          $event_description = $row['event_description'];
         if($i == $day_of){
           $fix_this_day = ($this_day_goes_over == 30) ? null : "23";
           $fix_this_day2 = ($this_day_goes_over == 31) ? null : "24";
           if($this_day_goes_over == $day_of || $fix_this_day == $day_of || $fix_this_day2 == $day_of){
             if($event_stopper < 1){
                echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
              $event_stopper++;
             }
           }else {
             echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
           }
         }
        }
        echo "</td>\r\n";
        $is_leap_year = date('L',$currentTimeStamp);
        if($is_leap_year == 1){
          if($month == 2){
           $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='1'";
         }else {
           $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='0'";
         }
        }else {
          $sql_tds = "SELECT `days` FROM `months_days` WHERE `month`='".$month."' AND `is_leap_month`='0'";
        }
        $td_query = mysql_query($sql_tds) or die(mysql_error());
        while($td_amount_to = mysql_fetch_assoc($td_query)){
          $days_in_month_for_td = $td_amount_to['days'];
        }
        $td_amount = $if_goes_over_check + $days_in_month_for_td;
        if($td_amount == 36){
          if($counter % 7 == 0 && $days_in_all > 35){
            for($td_fix=1;$td_fix<7;$td_fix++){
              echo "<td class=\"not-used\">&nbsp;</td>\r\n";
           }
         }
        }else if($td_amount == 37){
         if($counter % 6 == 0 && $days_in_all > 36){
            for($td_fix=1;$td_fix<6;$td_fix++){
               echo "<td class=\"not-used\">&nbsp;</td>\r\n";
            }
          }
        }
     }
     $days_after = $firstDate+$counter;
     $days_after_thisMonth = 35 - $days_after;
     if($days_after_thisMonth) {
         //|| $days_after_thisMonth == -1 || $days_after_thisMonth == -2      old way of doing this, this goes inside the above if <
         //if($days_after_thisMonth == -1){ $days_after_thisMonth = 6; }else if($days_after_thisMonth == -2){ $days_after_thisMonth = 5; } <
          $counter_last_day = 1;
        for($ld = 0; $ld < $days_after_thisMonth; $ld++, $counter_last_day++) {
          echo "<td>";
         $month_after_this = ($month == 12) ? "1" : $month+1;
         $year_after_this = ($month == 12) ? $year+1 : $year;
          $sql = "SELECT * FROM `calendar` WHERE `year_of`='".$year_after_this."' AND `month_of`='".$month_after_this."'";
         $res = mysql_query($sql) or die(mysql_error());
         $sqlcheck = "SELECT count(*) AS amount FROM `calendar` WHERE `year_of`='".$year_after_this."' AND `month_of`='".$month_after_this."' AND `day_of`='".$counter_last_day."'";
           $rescheck = mysql_query($sqlcheck) or die(mysql_error());
         echo "<a href=\"?day=".$counter_last_day."&amp;month=".$month_after_this."&amp;year=".$year_after_this."\" class=\"calendar-link\"";
          while($rowcheck = mysql_fetch_assoc($rescheck)){
            $amount_of_events = $rowcheck['amount'];
           echo " onmouseover=\"showhint('There is ".$amount_of_events." event(s) for this day.', this, event, '300px')\"";
          }
          echo ">".$counter_last_day."</a><br />";
    
         while($row = mysql_fetch_assoc($res)){
           $type_of_event = $row['type_of_event'];
           $day_of = $row['day_of'];
           $month_of = $row['month_of'];
           $year_of = $row['year_of'];
           $event_title = $row['event_title'];
           $event_description = $row['event_description'];
           if($counter_last_day == $day_of){
              echo "<a href=\"?day=".$day_of."&amp;month=".$month_of."&amp;year=".$year_of."\" class=\"calendar-link\" onmouseover=\"showhint('Event Title: ".$event_title."&lt;br /&gt;Type of Event: ".$type_of_event."&lt;br /&gt;Description: ".nl2br2($event_description)."', this, event, '300px')\"><img src=\"images/event.gif\" alt=\"\" />"; if((strlen($event_title)>10)){ echo "".substr($event_title, 0, 10)."..."; }else echo $event_title; echo "</a><br />";
           }
         }
         echo "</td>\r\n";
        }
      }
      echo "</tr>\r\n";
   ?>
  </table>
  <?php
    if($this_day_goes_over){
      echo "<div id=\"bottom-fix-for-calendar\"></div>\r\n";
    }
  ?>
  <?php } ?>


if you do find a way to get in can you pm me please so i can fix it

url troop557.vacau.com


Why not just put a comment in the HTML saying something like, "HTS can pen-test this!"? Seems much easier to me.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: check my site please

Post by tremor77 on Thu Oct 04, 2012 7:51 am
([msg=69905]see Re: check my site please[/msg])

What centipede said ^, until then the URL is removed.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 870
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)


Re: check my site please

Post by jack08642qa on Thu Oct 04, 2012 8:52 am
([msg=69909]see Re: check my site please[/msg])

check my sites html code its there now
jack08642qa
New User
New User
 
Posts: 16
Joined: Wed Oct 03, 2012 10:14 pm
Blog: View Blog (0)


Re: check my site please

Post by limdis on Thu Oct 04, 2012 9:01 am
([msg=69911]see Re: check my site please[/msg])

Verified
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1346
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: check my site please

Post by centip3de on Thu Oct 04, 2012 12:22 pm
([msg=69914]see Re: check my site please[/msg])

limdis wrote:Verified


Well at any rate, the site's down right now.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: check my site please

Post by jack08642qa on Thu Oct 04, 2012 1:16 pm
([msg=69915]see Re: check my site please[/msg])

I can connect to it right now so it isn't down
jack08642qa
New User
New User
 
Posts: 16
Joined: Wed Oct 03, 2012 10:14 pm
Blog: View Blog (0)


Re: check my site please

Post by centip3de on Thu Oct 04, 2012 2:35 pm
([msg=69919]see Re: check my site please[/msg])

jack08642qa wrote:I can connect to it right now so it isn't down


I was able to connect to it through TOR, but not through Firefox or Chrome due to timing out. My suspicion is that people in the US (or at least my region of it) won't be able to connect to your site
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: check my site please

Post by WallShadow on Thu Oct 04, 2012 3:34 pm
([msg=69922]see Re: check my site please[/msg])

Dunno, was able to connect from here in NY
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: check my site please

Post by centip3de on Thu Oct 04, 2012 3:52 pm
([msg=69923]see Re: check my site please[/msg])

WallShadow wrote:Dunno, was able to connect from here in NY


Hmmm, well, over here in WA I can't.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Next

Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests