php help 1k oneeeeeeeeeeeee

nipunahasanka · Sep 12, 2009

mata one page ekaka video embed(window media player plugin eka) ekaka play wena video eka pahala tiyena video files wla links click kalama adala video eka play karanna puluwan script ekak. eka ekama page eke idan karanna puluwan ekak wenna ona. :love:

dannawa nam help krannakoooooooooooooooooooooooo

3.5G · Sep 16, 2009

try and see

PHP:

<?php
	$db_handle = mysql_connect($server, $user_name, $password);
	$db_found = mysql_select_db($database, $db_handle);
	if ($db_found) 
	{		
		$video=$_GET[video];
		$SQL = "SELECT `videosub`.* FROM videosub WHERE (`videosub`.`vid` ='$video'))";

		$result = mysql_query($SQL);
		if ($result)
		{
			$playfile=$result['file_url'];
		}
		mysql_close($db_handle);
	}
	else 
	{
		print "Database NOT Found ";
		mysql_close($db_handle);
	}

?>

Code:

<html>

<head>
</head>

<body>
  <OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
    <PARAM NAME="FileName" VALUE="[B][COLOR="Red"]<?php print($playfile);?>[/COLOR][/B]">
    <PARAM name="autostart" VALUE="false">
    <PARAM name="ShowControls" VALUE="true">
    <param name="ShowStatusBar" value="false">
    <PARAM name="ShowDisplay" VALUE="false">
    <EMBED TYPE="application/x-mplayer2" SRC="[B][COLOR="red"]<?php print($playfile);?>[/COLOR][/B]" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
  </OBJECT>
  <br>

[U]<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>[/U]
</body>
</html>

CODE EXPLANATION

Using the links we pass the value

<a href="video.php?video=2">Video 2 </a>

Then using above php code we retrieve the value which is passed using the url (ie $_GET[video]=2]

We use that value to extract a file url from the database

Once the file url is retrieved we assign that value to a variable then use that variable in the wmv playersfile url code to view the video

thats all !!!

SaNDun · Sep 16, 2009

3.5G dala thiyenne database eken adala file eka select karala aragena print(display) karana script ekak.

ohoma nathuwa ona nam file name eka pass karala eka play wena widiyata script eka liyannath puluwan

mama meya uda dila thiyena script ekama change karala pennannam

video.php

PHP:

<?php
$vidID = ( isset($_GET['video']) && is_numeric($_GET['video']) ) ? $_GET['video'] : '';
?>
<html>
<head></head>
<body>
<?php
if ($vidID != '') {
$playfile = 'PATH TO THE FILE'.$vidID.'.EXTENTION';
# Example
# if file name of the file is  song1.mp3 , it will go like following
# $playfile = 'files/mp3/song'.$vidID.'.mp3';
# 1 = file ID
?>
  <OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
    <PARAM NAME="FileName" VALUE="<?php echo($playfile);?>">
    <PARAM name="autostart" VALUE="false">
    <PARAM name="ShowControls" VALUE="true">
    <param name="ShowStatusBar" value="false">
    <PARAM name="ShowDisplay" VALUE="false">
    <EMBED TYPE="application/x-mplayer2" SRC="<?php echo($playfile);?>" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
  </OBJECT>
  <br />

<?php
} else {
echo "INVALID FILE NAME SPECIFIED.<br />Please Try Again!";
}
?>
<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>
</body>
</html>

meka mama me dan edit karala code kale :rofl:

SaNDun · Sep 16, 2009

3.5G said:

PHP:

<?php
	$db_handle = mysql_connect($server, $user_name, $password);
	$db_found = mysql_select_db($database, $db_handle);
	if ($db_found) 
	{		
		$video=$_GET[video];
		$SQL = "SELECT `videosub`.* FROM videosub WHERE (`videosub`.`vid` ='$video'))";

		$result = mysql_query($SQL);
		if ($result)
		{
			$playfile=$result['file_url'];
		}
		mysql_close($db_handle);
	}
	else 
	{
		print "Database NOT Found ";
		mysql_close($db_handle);
	}

?>

Code:

<html>

<head>
</head>

<body>
  <OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
    <PARAM NAME="FileName" VALUE="[B][COLOR="Red"]<?php print($playfile);?>[/COLOR][/B]">
    <PARAM name="autostart" VALUE="false">
    <PARAM name="ShowControls" VALUE="true">
    <param name="ShowStatusBar" value="false">
    <PARAM name="ShowDisplay" VALUE="false">
    <EMBED TYPE="application/x-mplayer2" SRC="[B][COLOR="red"]<?php print($playfile);?>[/COLOR][/B]" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
  </OBJECT>
  <br>

[U]<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>[/U]
</body>
</html>

CODE EXPLANATION

Using the links we pass the value

Then using above php code we retrieve the value which is passed using the url (ie $_GET[video]=2]

We use that value to extract a file url from the database

Once the file url is retrieved we assign that value to a variable then use that variable in the wmv playersfile url code to view the video

thats all !!!

machan oyage code eka weda karanawa.. habai e code eka secutrity athi nam godak durvalai. SQL INJECTION ekak gahanna puluwan lesiyenma

Code:

[COLOR=#000000][COLOR=#0000BB]$video[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$_GET[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]video[/COLOR][COLOR=#007700]]; [/COLOR][/COLOR]

othanadi kisima security check kirimak wenne na. :rofl:

3.5G · Sep 16, 2009

SaNDun said:
machan oyage code eka weda karanawa.. habai e code eka secutrity athi nam godak durvalai. SQL INJECTION ekak gahanna puluwan lesiyenma

Code:

[COLOR=#000000][COLOR=#0000BB]$video[/COLOR][COLOR=#007700]=[/COLOR][COLOR=#0000BB]$_GET[/COLOR][COLOR=#007700][[/COLOR][COLOR=#0000BB]video[/COLOR][COLOR=#007700]]; [/COLOR][/COLOR]

othanadi kisima security check kirimak wenne na.

yea bro thats correct this piece of code can be easily sql injected !!

the code below will check weather the value passed is integer if any other character other than numbers are passed then the variable video will be 0 then after that we check with a if condition whether the variable has a value which is greater than 0!!

PHP:

<?php
$video = $_GET['video'];
$video = (int) $video;
if($video>0)
{
     #dbcode
}
?>

hope now the security problem is ok
for more security URL REWRITE is good !!!

SaNDun · Sep 16, 2009

3.5G said:
yea bro thats correct this piece of code can be easily sql injected !!

the code below will check weather the value passed is integer if any other character other than numbers are passed then the variable video will be 0 then after that we check with a if condition whether the variable has a value which is greater than 0!!

PHP:

<?php $video = $_GET['video']; $video = (int) $video; if($video>0) { #dbcode } ?>

hope now the security problem is ok
for more security URL REWRITE is good !!!

This will do that process better

PHP:

<?php
$video = (isset($_GET['video'])) ?  $_GET['video'] : '';
if( (is_numeric($video)) && ($video>0) )
{
     #dbcode
}
?>

3.5G · Sep 16, 2009

SaNDun said:
This will do that process better

PHP:

<?php $video = (isset($_GET['video'])) ? $_GET['video'] : ''; if( (is_numeric($video)) && ($video>0) ) { #dbcode } ?>

SANDAKELUM2009 · Sep 16, 2009

ahhh machan mokada mage script eka epaadooo, hooooo

SaNDun · Sep 16, 2009

3.5G said:

integer check karanakota is_int() function use karanna epa. ekata is_numeric() function eka use karanna.. security forum ekaka ehema kiyala thiyenawa mama dakka

SANDAKELUM2009 · Sep 16, 2009

hoooo, menna meka wageda ? Radio Player

SaNDun · Sep 16, 2009

SANDAKELUM2009 said:
ahhh machan mokada mage script eka epaadooo, hooooo

SaNDun · Sep 16, 2009

SANDAKELUM2009 said:
hoooo, menna meka wageda ?

eke ithin PHP sambandayak naa ne.. JavaScript eken ne stream select wenne. JavaSripts disable nam radio eka weda na

BTW - DO NOT SPAM

PS:- [Powered By Sandakelum Encryption Technology ]

dan oke monawada encrypt karala thiyenne :rolleyes:

SANDAKELUM2009 · Sep 16, 2009

naaa bro, nipunaya mage player eka dakala thamai oka illanne. mama oota kindiyak damme

SaNDun · Sep 16, 2009

SANDAKELUM2009 said:
naaa bro, nipunaya mage player eka dakala thamai oka illanne. mama oota kindiyak damme

hik hik ok

3.5G · Sep 16, 2009

SaNDun said:
eke ithin PHP sambandayak naa ne.. JavaScript eken ne stream select wenne. JavaSripts disable nam radio eka weda na

BTW - DO NOT SPAM

PS:- [Powered By Sandakelum Encryption Technology ]

dan oke monawada encrypt karala thiyenne

any way nowadays for a good video site we should go 4 AJAX !!!
thats more good if v can !!

anyway gud discussions!!

SANDAKELUM2009 · Sep 16, 2009

source code eka encypted karalaa thiyenne

SANDAKELUM2009 · Sep 16, 2009

nathnum denatath player eka nipunaya copy karalaa

SaNDun · Sep 16, 2009

onna ekkenek illapu hinda code eka ayin kara

SANDAKELUM2009 · Sep 16, 2009

yes it is can decrypt anyone

SaNDun · Sep 16, 2009

SANDAKELUM2009 said:
yes it is can decrypt anyone

hari hari

encrypt karala wedakata athi ekak ona encrypt karanna..

me thiyenne oyage encrypted code eka

http://www.fileden.com/files/2006/8/16/171304/script.txt

php help 1k oneeeeeeeeeeeee

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Member

Well-known member

Member

Well-known member

Well-known member

Member

Well-known member

Well-known member

Member

Member

Well-known member

Member

Well-known member

Similar threads