Ajax, json, php

that’s the point - that one cannot dig through directories
rather “must” follow the menu from your website

and please do not publish your address until you have “patched” everything




it would be good to allow only alphanumeric characters here (for all input)
because with some manipulation, anything could happen.

And that creation of directories and files could quickly lead you to the inode maximum if someone malicious goes in that direction.

4 Likes

Well yeah but it does not mean you allow everyone and everything to create and write to your hosting account.
In this sense writing and creating viruses in PHP is also a common and elementary thing, isn’t it?
If you are going to complain about my statement, I am going to say you can do everything with creating and writing to files in PHP, so this is also included.
And I am hinting to you that InfinityFree does not allow file hosting even if it is PHP:

  1. The files uploaded by others can contain a virus and you will be blamed for it.
  2. This is a hosting for hosting regular websites only, you cannot use it for script hosting especially if it is insecure.

Those sentences require a good knowledge of programming to be understood, your statement “That’s a nice extension. What’s the file name?” clearly says you are a beginner.

@Oxy is trying to tell you that using non-UTF-8 editors can cause file corruption while writing code in them and saving; it is safer to use a program which supports the UTF-8 char-set to prevent such issues.

3 Likes
  1. I have NO intention of PUBLISHING this anywhere. This is for me to LEARN with.
    Do you post all your homework in public? I “published” it here to get JSON help (which is still broken, btw), and here we are.

  2. This is a GREAT learning experience. I’m trying to figure out how to catch and stop your example, but I’m getting frustrated. My JavaScript regex doesn’t seem to be working. It’s catching it (or not), but the PHP is still getting called. ARGH!

1 Like

In this sense writing and creating viruses in PHP is also a common and elementary thing, isn’t it?

I wouldn’t know. I’ve never created a virus, not even a viral video. We did write a few TSR programs in VB4.

safer to use a program which supports UTF-8 char-set

I have NEVER seen such advertised on any software I’ve ever used. Nothing I downloaded said anything about “UTF-8”. If you have to go out of your way to find it, then where does that leave anyone?

clearly says you are a beginner.

I never hinted here that I was anything but. I have 7 years of Classic ASP / VBScript on WindowsNT experience from 1994-2001. I actually worked as a WebMaster in 2000 on a small WinNT/Mac network for ~6 months. Been out of the webdev game for a while. This is the first PC I’ve owned in 7 years. In 2001, Visual Studio cost $500; earlier this year, I downloaded VSCode for FREE!

I never worked on UNIX, got frustrated every time I tried to play w Linux. SOOOO many inside jokes and self-referential references that I stopped laughing FAST.

What’s the old joke?

Did you hear about the guy who dropped a book on his keyboard?
He crashed Wall St, gave secrets to the KGB, confessed the treason to the CIA, and formatted his HDD all at the same time.

1 Like

I did not say you create it, but judging by how you make it public and accessible for everyone, they can create whatever they want on your platform, even a virus.

Hmm, do you realize it has been two decades since then? We have advanced and different technology now; things have changed since then, which means you have to match your knowledge with the present. You cannot just learn programming one time and use the same method in future decades.

This is like complaining knife because you cannot drink soup with.
We cannot change our servers to use old Windows NT just because you do not know how to work it. You do have to learn today’s knowledge of technology don’t give up 🙂

If you want help with code, Stack Overflow might be a better place to go. They are more experienced.

No, but you can take what you learned and apply the new techniques. If you know an old way, it will probably help you now as well.

I can’t exactly help as I’m more of an HTML CSS PHP guy, but best of luck!

Explain it.

I did not say you create it , but . . . they can create whatever they want on your platform even virus.

There are “creators” and “destroyers”. Some think like creators to use things for constructive purposes. Others think like destroyers to use things for more nefarious purposes. People have been doing this kind of stuff since the beginning.

Person 1: uses sticks and rocks to catch fish and build a house.
Person 2: uses sticks and rocks to kill man, steal his fish and live in his house.

Or we could have this same debate over other inanimate objects like guns:
Person 1: Uses gun to defend life, fish and house.
Person 2: Uses gun to kill and steal.

you make it public and accessible for everyone

After I get through this series, I’ll be moving into MySQL so I can get into password protected areas and put other barriers between general public and invited public. I have redesigned this thing dozens of times as I learned something new. 5 major revisions so far, 1 for each language listed. A 6th will be incorporating a MySQL DB. The 7th will be Laravel.

You cannot just learn programming one time and use the same method in future decades.

Hence why I started back at HTML. In 2001, HTML5 had barely been released. CSS wasn’t supported by ANY browser since it was still being redefined. IE held 90+% of the browser market. Chrome didn’t exist. etc. As I go through my tutorial, it often gives “can vs should” programming constructs.

This is like complaining knife because you cannot drink soup with.

Is English your first language or just PHP?

You do have to learn today’s knowledge of technology don’t give up

Are you a teacher or just a critic?

1 Like

Stack Overflow might be a better place to go.

I use their resources OFTEN.

1 Like

Does not mean you open their hand for it. If you do, then they will blame you if anything happens to their service. Hence why OxyDac tries to hide your domain name for security.

Much interesting, This is different if you are giving guns freely and not issuing legal license for them owning a gun.

I am not a native English speaker but I don’t see how this is actually related to my knowledge. I am saying everything is made for a purpose, hence you cannot use it for unrelated ones; you cannot use your Windows knowledge on Linux ones, that’s it.

I have taught some people with my knowledge before, calling me critic because I don’t debate in friendly way? sounds interesting.

This is different if you are giving guns freely and not issuing legal license for them owning a gun.

So if the guy already planned to steal stuff and kill people, why not steal a gun too?

It amazes me that people think that passing NEW laws will stop crime committed by people who are already breaking the old ones.

I know a cop who had his official cruiser stolen. They then went on a joyride, caused a lot of destruction and shot people with the firearms inside the cop car. Destroyers gonna destroy. If the recent BLM riots say anything, they remind us that “Some people just want to watch the world burn.”

You are literally missing my point, I’m not going to debate politics in a hosting forum.

Goodnight.

This is different if you are giving guns freely and not issuing legal license for them owning a gun.

So London outlawed guns to stop the murders.
They now have KNIFE bans because killers gonna kill.
People murdered others before guns or even knives were ever invented.

Do they not realize the problem is in the heart of the murderer?

as far as I can see it reporting that JSON is not valid

you can check here https://jsonlint.com/

has no name

but also logical if you look at the answer here

so you can modify here if you have the need


a faster (safer too) and easier way to learn and experiment is to use this https://ampps.com/

and then you put your website in this www folder (equivalent to htdocs)

run ampps and everything will be served on your local PC


Here is talk about “everything” so I put the topic in the informal category

2 Likes

So what I’m trying to do is…
Step 1: take a JavaScript array / object (such as from a form), convert it to JSON to be read and formatted by the PHP and sent back as plain HTML. (It works now.)

Step 2: take a PHP array/object (such as from a DB), convert it to JSON to be read and formatted by the JavaScript and displayed.

data: {fruit:json_fruit},

Error was right here. Instead …

data: json_fruit,

While the whole “replace JSON.stringify with a new JSON.stringify” didn’t work, I did use the “convertArraytoObj” function before “stringifying” the array vs NOT using it on the JS object.

Our servers do what your code asks, period. If you’re not getting the expected results you’re expecting, then debug your code.

2 Likes

Hi

Javascript runs on the client-side (browsers),

for that reason, you do not have control over what code is running in my browser… I can completely bypass your JS in which you have a regex to check the alphanumeric input or write my own versions,

so

validation should always be done both on the browser and server-side.
The browser can catch simple failures like mandatory fields that are empty and when you enter text into a numbers only field, etc.,
these can however be bypassed, and you should make sure you check for these on deeper validation (server-side PHP).
Failing to do so could lead to malicious code or scripting code being inserted into the database or could cause undesirable results in your website.

2 Likes
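
The server-side half of the check described in the post above, as an added example that is not code from this thread: an alphanumeric allowlist applied in PHP before any file is created, plus a file-count cap for the inode concern raised earlier. `DATA_DIR`, `MAX_FILES`, `MAX_NAME` and both function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical storage directory and limits; adjust to the application.
const DATA_DIR  = __DIR__ . '/data';
const MAX_FILES = 200;  // cap on stored files so requests cannot exhaust inodes
const MAX_NAME  = 32;   // longest name accepted

// Return the name unchanged if it is safe to use as a file name, else null.
function validate_name($input): ?string
{
    if (!is_string($input)) {
        return null;                       // arrays, numbers, null from JSON
    }
    // Allowlist: letters and digits only. \A and \z anchor the whole string;
    // unlike $, \z does not tolerate a trailing newline.
    // PHP has already URL-decoded $_GET/$_POST values, so "%2F" arrives as "/".
    // Both forms fail here because neither "/" nor "%" is on the allowlist.
    if (preg_match('/\A[A-Za-z0-9]{1,' . MAX_NAME . '}\z/', $input) !== 1) {
        return null;
    }
    return $input;
}

// Write $body to DATA_DIR/<name>.txt. Call only with a validated name.
function save_entry(string $name, string $body): bool
{
    if (!is_dir(DATA_DIR) && !mkdir(DATA_DIR, 0750, true)) {
        return false;
    }
    $path     = DATA_DIR . '/' . $name . '.txt';
    $existing = glob(DATA_DIR . '/*.txt') ?: [];
    // Overwriting an existing entry is fine; creating file number 201 is not.
    if (!file_exists($path) && count($existing) >= MAX_FILES) {
        return false;
    }
    return file_put_contents($path, $body, LOCK_EX) !== false;
}

// Constructed sample inputs, run from the command line to see the decisions.
$samples = ['fruit01', '../config', 'a/b', 'a%2Fb', "name\n", '',
            str_repeat('x', 40), ['x']];
foreach ($samples as $s) {
    $verdict = validate_name($s) !== null ? 'accepted' : 'rejected';
    printf("%-44s %s\n", json_encode($s), $verdict);
}
```

Only `fruit01` is accepted. The browser-side regex remains useful for quick feedback to the user, but the decision that counts is the one made here.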

I started this thread thinking that it was another “disallowed” problem. There are several threads on here discussing JSON that all ended with the admin in effect saying, “You’re not allowed to do what you’re doing.”

When I had the mail() lesson, I would do everything “correct”, but unless you jump through exactly these specific hoops (phpmailer, etc.) then sending mail() is DENIED. The behavior here was similar: send data and get nothing on either end. It’s like I was sending it into a void, like it was getting blocked by the admin.

Once we determined that it’s a code error, I fixed it and have moved on to the next challenge.

Along the way, we have “PHP Holmes” here showing his ego by proving that he’s a better hacker than I am a coder. (Not much of a challenge since this is my first ever foray into PHP, and he speaks binary as his native tongue.)

That doesn’t explain why it’s getting through on MY browser. I’m trying to get it to work.

PHP filename validation added.

%2F$ is now CAUGHT and invalidated.

Thanks for the education.

1 Like