
SoN9ne

Member Since 20 Mar 2010
Offline Last Active Aug 02 2012 11:51 AM
-----

#616813 Undefined index and Strict Standards: Non-static method

Posted by SoN9ne on 12 December 2011 - 08:42 AM

This will help you get rid of your undefined index errors:
$act = isset($_REQUEST['act']) ? addslashes(htmlentities($_REQUEST['act'])) : NULL;
$view = isset($_REQUEST['view']) ? addslashes(htmlentities($_REQUEST['view'])) : NULL;
$do = isset($_REQUEST['do']) ? addslashes(htmlentities($_REQUEST['do'])) : NULL;
$pic = isset($_REQUEST['viewpic']) ? addslashes(htmlentities($_REQUEST['viewpic'])) : NULL;


Then you can do sanity checks for null values.

Personally, I would create a custom filter function and just call that so you have a single method to update that can handle all sanitization. See my post here for an example: http://forum.codecal...html#post317841

On a side note: You seem to be doing pointless double sanitization...

Use htmlentities or htmlspecialchars... not both.

htmlentities() is identical to htmlspecialchars() in all ways, except with htmlentities(), all characters which have HTML character entity equivalents are translated into these entities.
  • -1
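The single filter function suggested in the post above, sketched as an added example (it is not SoN9ne's code, nor the code from the linked post). The names `request_param` and `e`, the rule table and the sample values are hypothetical; the parameter keys are the ones from the post. It validates each parameter against a rule when it is read and escapes only where a value is written into HTML.

```php
<?php
// Added example: one place to read and validate request parameters.
// Function names, rule format and sample input are hypothetical.

/**
 * Return a validated request parameter, or $default when the key is
 * missing, is not a string, or fails its rule.
 */
function request_param(array $source, string $key, array $rule, $default = null)
{
    if (!isset($source[$key]) || !is_string($source[$key])) {
        return $default;            // missing key, or an array such as ?do[]=x
    }
    $value = trim($source[$key]);

    switch ($rule['type']) {
        case 'enum':                // value must be one of a fixed set
            return in_array($value, $rule['values'], true) ? $value : $default;
        case 'int':                 // integer within a range
            $int = filter_var($value, FILTER_VALIDATE_INT, [
                'options' => ['min_range' => $rule['min'], 'max_range' => $rule['max']],
            ]);
            return $int === false ? $default : $int;
        case 'slug':                // short identifier: letters, digits, _ and -
            return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $value) ? $value : $default;
    }
    return $default;                // unknown rule type: fail closed
}

/** Escape a value for HTML, at the point where it is output. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input standing in for $_REQUEST.
$request = ['act' => 'gallery', 'view' => '<script>', 'viewpic' => '42', 'do' => ['x']];

$act  = request_param($request, 'act',     ['type' => 'enum', 'values' => ['gallery', 'upload']]);
$view = request_param($request, 'view',    ['type' => 'slug']);
$do   = request_param($request, 'do',      ['type' => 'slug']);
$pic  = request_param($request, 'viewpic', ['type' => 'int', 'min' => 1, 'max' => PHP_INT_MAX]);

var_dump($act, $view, $do, $pic);   // rejected values come back as NULL
echo 'Section: ', e((string) $act), PHP_EOL;
```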


#578370 Looking for ideas of how to compare data for a data matrix.

Posted by SoN9ne on 28 October 2010 - 12:21 PM

Hello everyone!

I am playing around with a questionnaire system and I am attempting to figure out a method to compare data between users automatically using a matrix.

Let me give a quick scenario to better understand what I am trying to accomplish.
An end-user will answer a quick questionnaire about what they want from a product.
A product vendor will answer a questionnaire about their product.
I am trying to figure out a reliable algorithm for comparing the data points and recommend a product to the end-user.

The current questionnaire will allow for data to be collected for, but not limited to, 3 points of interest. The number of points of interest is irrelevant as they are basically points to match the data in and there will eventually be more than 20. The questionnaire has the ability to assign questions to a comparison point for both the vendor and the user; it also has the ability to assign points to an answered question and, depending on the question type (radio, check, dropdown), each response can have a different point association. What I am trying to isolate is a valid means to total the points for a comparison point and then find the best products for the user.

I have never done anything like this and I am eager to learn something new. I am concerned the information may be a little confusing. So I’ll attempt to explain it a step further.

As I have stated, there are comparison points and questions are assigned to each comparison point. There are no limits to how many questions are in each comparison point or how many comparison points there can be. I assumed that a total of the points for each comparison section could be compared against each vendor in the system but I am concerned that this will be flawed and perhaps not work efficiently at all. I am trying to have an unbiased comparison but I simply lack the experience with a tool of this sort. Any experience or expertise is greatly appreciated.

Thanks for your time and hopefully someone can push me in the right direction.

p.s. – I did look into the Pearson significance object but I was not sure if this is the proper way to handle this as I simply have never used it before and am not sure if it can be used for my questionnaire. Also, this is not a homework assignment so please don't assume this; I am simply trying to get feedback and suggestions from others.

Thanks again :)
  • 1


#575482 Question on html forms and php

Posted by SoN9ne on 04 October 2010 - 07:50 AM

An example of what I do for my login systems:

  • I use the onsubmit to call a JS method to hash the user's password with their username and a unique random salt that is generated and saved to the session for verification. (This will semi-protect the user's password. It can still be deciphered but will take some work.)
  • I verify the hash with the salt in the session before I attempt a login.
  • I then query the db using the username to retrieve the user-specific salt (regenerated every successful login) and their password hash. I use a different hash algorithm for passwords stored in the db. (The trick here is to store the hash with the proper salt and hashing standard to be used throughout the script.) I use the same unique salt from the form to verify the password when validating the hash to ensure the hash is the same.
  • I then clear the session vars used and regenerate the session ID and delete the old session file to protect the session.

This is very similar to what I do. I have a few other steps I perform, but this is the main concept of my login systems. I try to protect the user's password as best as I can, but even hashing it with JS is not that secure since it can easily be deciphered, but I'd rather make hackers go through the extra step.
  • -1


#575229 Can a website tell if they're your homepage?

Posted by SoN9ne on 01 October 2010 - 08:04 AM

That would be too invasive and many users may not like it.
The only way I could think to do this without being too invasive is to have a link to add it to their homepage and have this update a field in the database using onclick.
Of course, this is flawed since clicking doesn't mean it is actually being set to their homepage.

Trying to monitor the setting on someone's computer is invasive and ethics are called into play here (homepage is a setting). I would never trust a site that much. Better yet, what is the point? I keep my homepage as blank because I don't like loading the same page every time I start my browser. Plus why do I want to wait for a page to load when I want to go somewhere else? Aside from trying to force users to stay on your page, there is no point. It seems this would only benefit the site owner, not the user, hence the reward program. Shady practice in my opinion.

Good idea but benefits do not outweigh the costs.
  • -1

