TuMan 
[мошенник]
(5 май 2013, 19:06) (0/0)
[0]
[мошенник]
/*несколько строчек, которые спасут мир(Кредитор.aisamyeri)*/
function Kpegumop($str) {
$string = substr_replace(\'javascript:\',$str);
return $str;
}
if (isset($_POST)) {
foreach($_POST as $key => $value) {
$tmpPOST[$key] = addslashes(Kpegumop($value));
}
if ($_POST !=null)$_POST = $tmpPOST;
}
if (isset($_GET)) {
foreach($_GET as $key => $value) {
$tmppGET[$key] = addslashes(Kpegumop($value));
}
if ($_GET !=null)$_GET = $tmppGET;
}
/*проверяем адресную строку на xss если кака прекращаем работу скрипта(Кредитор.авт.valerik)*/
function Kpegumop($str) {
$string = substr_replace(\'javascript:\',$str);
return $str;
}
if (isset($_POST)) {
foreach($_POST as $key => $value) {
$tmpPOST[$key] = addslashes(Kpegumop($value));
}
if ($_POST !=null)$_POST = $tmpPOST;
}
if (isset($_GET)) {
foreach($_GET as $key => $value) {
$tmppGET[$key] = addslashes(Kpegumop($value));
}
if ($_GET !=null)$_GET = $tmppGET;
}
/*проверяем адресную строку на xss если кака прекращаем работу скрипта(Кредитор.авт.valerik)*/
TuMan [мошенник]
(5 май 2013, 18:53) (0/0)
[0]
[мошенник]
Notice: Undefined index: del in /home/vakul132/public_html/lenta/index.php on line 33
Notice: Undefined index: del_all in /home/vakul132/public_html/lenta/index.php on line 38 вот
Notice: Undefined index: del_all in /home/vakul132/public_html/lenta/index.php on line 38 вот
TuMan [мошенник]
(5 май 2013, 18:52) (0/0)
[0]
[мошенник]
MrAK, function cut_diary( $text, $maxwords = 10, $maxchar = 30 ){$sep=\' \';$words = split(\" \", $text);$char = iconv_strlen($text,\'utf-8\');if (count($words) > $maxwords)$text = join($sep, array_slice($words, 0, $maxwords));return $text;}
mysql_query(\"UPDATE `lenta` SET `read` = \'1\' WHERE `id_kont` = \'$user[id]\' AND `read` = \'0\'\"
;
if ($_GET[\'del\'] && mysql_result(mysql_query(\"SELECT COUNT(*) FROM `lenta` WHERE `id` = \'\".intval($_GET[\'del\']).\"\' AND `id_kont` = \'$user[id]\'\",0)==1)
{
$post=mysql_fetch_assoc(mysql_query(\"SELECT * FROM `lenta` WHERE `id` = \'\".intval($_GET[\'del\']).\"\' LIMIT 1\");
mysql_query(\"DELETE FROM `lenta` WHERE `id` = \'$post[id]\'\";
}
if ($_GET[\'del_all\'])
{
mysql_query(\"DELETE FROM `lenta` WHERE `id_kont` = \'$user[id]\'\";
}
mysql_query(\"UPDATE `lenta` SET `read` = \'1\' WHERE `id_kont` = \'$user[id]\' AND `read` = \'0\'\"
;if ($_GET[\'del\'] && mysql_result(mysql_query(\"SELECT COUNT(*) FROM `lenta` WHERE `id` = \'\".intval($_GET[\'del\']).\"\' AND `id_kont` = \'$user[id]\'\"
,0)==1){
$post=mysql_fetch_assoc(mysql_query(\"SELECT * FROM `lenta` WHERE `id` = \'\".intval($_GET[\'del\']).\"\' LIMIT 1\"
);mysql_query(\"DELETE FROM `lenta` WHERE `id` = \'$post[id]\'\"
;}
if ($_GET[\'del_all\'])
{
mysql_query(\"DELETE FROM `lenta` WHERE `id_kont` = \'$user[id]\'\"
;}
TuMan [мошенник]
(5 май 2013, 18:46) (0/0)
[0]
[мошенник]
MrAK, if ($_GET[\'del\'] && mysql_result(mysql_query(\"SELECT COUNT(*) FROM `lenta` WHERE `id` = \'\".intval($_GET[\'del\']).\"\' AND `id_kont` = \'$user[id]\'\",0)==1)
вот еще ошибка,это в сообщениях
,0)==1)вот еще ошибка,это в сообщениях
