Posts by Walkere

So Guys How can i Fix this issue so as to get through to my wprk

Well, the best way to do that would be to remember the password you used.

In lieu of that, you can log in as the root user and modify the password for the user 'pma' to something new.

Here's how you do this in phpmyadmin, once you're logged in as the "root" account.

• Click on "Privileges" tab
• Find username 'pma' in the list
• Click on the "Edit Privileges" icon all the way to the right
• Scroll down to where it says "Change Password"
• Select "Password" and enter a new password

If you don't know the password for the "root" account, you can re-set the password and then use the root account to reset the 'pma' account. Here's the relevant section of the mySQL documentation on re-setting the root password.

Good luck,
- Walkere

My idea is to store username and password in a php file and update them.

I'm not sure if this would be the best way to do it...

However, the basic functions you'll need to use are PHP's file functions. The simplest way to do it would be...

$fileContents = file_get_contents($filename);

//  Do something with the contents

file_put_contents($filename, $newFileContents);

file_get_contents() takes a filename (string) and returns the contents of the file in a string.
file_put_contents takes a filename (string) and contents (string) and writes them to the file.

For storing usernames and passwords, the best solution is probably to use a mysql database. You could read the databases section of Practical PHP Programming for an overview of mysql and the related php functions.

Another option would be to use an xml file to store the usernames and the hashed passwords (after they've been processed with md5 or crypt). This is a simpler option if you don't have access to or don't want to use a database.

PHP has some great built in functionality with xml now using SimpleXML. You could read the SimpleXML section of Practical PHP Programming for an overview on how to use it to read, write, and modify xml data.

Good luck,
- Walkere

Thanks for your reply.
If use $cypher = crypt( time() ) as my salt, I would have to remember the value generated by time(). This will allow me check their password during login. Am I right?
I am working on an existing site. I myself don't know why crypt was used.

Yes... and no.

Take a look at the output of this snippet.

$cypher = crypt ( time() );
echo $cypher . '<br />';
echo crypt('password', $cypher) . '<br />';
echo crypt('password1', $cypher) . '<br />';

$1$wq9DJoxw$BXWWXppH8uBry2NKaD3uF.
$1$wq9DJoxw$NuwqVpY4.7rcmllLROImH.
$1$wq9DJoxw$G.a0Gd1vbp4SAaQcCxj3c.

Notice how the first 11 characters of each line ($cypher, the crypt of 'password', and the crypt of 'password1') are all the same?

When you make the initial crypt() call, it automatically generates a salt for you. On my server, that automatically generated salt is based on an md5 hash - and is formatted as $1$xxxxxxxx$.

The crypt function always pre-pends the salt used to the output. So when you later encrypt 'password,' you're saving the salt inside that encryption. So you don't have to save the $cypher variable we created, you just need to save the outcome of crypt('password', $cypher) and use that as your new salt.

Like this example...

$cypher = crypt ( time() );
$password = crypt('password', $cypher);

if (crypt('password', $password) == $password)
	echo "Match!";
else
	echo "No match!";

So when you initially encrypt 'password,' you can use any md5 hash salt - including a random one based on time. Just save …

Hello,
I just used the crypt command on 'password' and 'password1' and got identical output!! What are the rules concerning the crypt function? Am I not allowed to use numbers? EXACTLY what am I allowed to use? Many thanks in advance.

According to this comment on php.net, certain situations will cause crypt() to only look at the first eight characters.

For example, in this situation, they seem to return the same thing and only compare the first eight characters...

<?php
echo crypt('password', 'blablabla');
echo crypt('password1', 'blablabla');
?>

One way to this doesn't happen is to use a md5 hash as the encryption salt. For example, this will automatically generate an md5 hash for the salt, and use that for the encryption (at least the way my server is set up).

<?php
$cypher = crypt( time() );
echo crypt('password', $cypher);
echo crypt('password1', $cypher);
?>

That will return two different strings like it is supposed to.

Random question... why use crypt? Why not just check the md5 hash of the password (saved in the db) against the md5 hash of the user input?

- Walkere

Most of your code seems to be fine, but I'm a little confused as to what the $week_cycle is supposed to do.

I took your code and worked out the example script (at the bottom of this post).

It starts with a beginning date - I entered the first day (Monday) of the first week of this year (12/31/2007). Remember that Week #1 will usually start in the previous year (unless the first day of the year is Monday).

It then loops through and saves the date of the Monday of each week ($week_data) and the date of the Sunday ($week_data).

I also didn't understand why you added a full week to get the week's end. Doesn't the week end on Sunday (6 days)? If you wanted it to be Monday to Monday, you could easily switch the ("+6 Days") back to ("+1 Week").

Script loops through 53 times, creating an entry for each week and saving it in an array indexed by the Week No.

Then you can simply loop through the array to output each week (like I did), or look up a specific week by it's Week No and echo that.

It seems to me this does what you need, unless I misunderstood what you were looking for...

Good luck,
- Walkere

<?php

$increment = 1;		//  # of weeks to increment by

//  First day of the first week of the year
$startdate = strtotime("31 December 2007"); …

... I'm not entirely sure why'd you write your own function when the built-in addslashes function works perfectly well.

Aye, I was wondering the same thing.

addslashes() is slightly different - it escapes a couple of extra characters (including '\' and NUL). However, these (especially \) need to be escaped anyway.

So, to fill in the original example...

$unedited = $_POST['content'];
$content = addslashes($unedited);

However, you might be looking to learn how to use preg_replace... so we'll go back to the original example.

You can use preg_replace() like Fungus did with str_replace - sending an array as the search and replacement parameters.

The problem with your example is that you're only presenting one thing for the replacement parameter - "\'".

In order to replace ' with \' and " with \" you need to do one of a few things - perform two preg_replaces (one for each replacement), use arrays within the preg_replace, or use a variable in the regex to print the quote based on what the search found. I'm not that good with regex, so I'm not sure if you can do that... but I think you can.

Anyhow, here's an example of how you could use arrays to perform the desired function with preg_replace.

$string = "\"You're not very wise,\" said the wise man.";

$string = preg_replace(array("/'/", '/"/'), array("\'", '\"'), $string);
echo $string;

That appears to escape both the single and double quotes just fine.

Good …