PDA

View Full Version : php help 1k oneeeeeeeeeeeee

nipunahasanka
09-12-2009, 08:45 PM
:angry::angry:mata one page ekaka video embed(window media player plugin eka) ekaka play wena video eka pahala tiyena video files wla links click kalama adala video eka play karanna puluwan script ekak. eka ekama page eke idan karanna puluwan ekak wenna ona.:love::love:

dannawa nam help krannakoooooooooooooooooooooooo
3.5G
09-16-2009, 05:21 AM
<?php
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found)
{
$video=$_GET[video];
$SQL = "SELECT `videosub`.* FROM videosub WHERE (`videosub`.`vid` ='$video'))";

$result = mysql_query($SQL);
if ($result)
{
$playfile=$result['file_url'];
}
mysql_close($db_handle);
}
else
{
print "Database NOT Found ";
mysql_close($db_handle);
}

?>



<html>

<head>
</head>

<body>
<OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
<PARAM NAME="FileName" VALUE="<?php print($playfile);?>">
<PARAM name="autostart" VALUE="false">
<PARAM name="ShowControls" VALUE="true">
<param name="ShowStatusBar" value="false">
<PARAM name="ShowDisplay" VALUE="false">
<EMBED TYPE="application/x-mplayer2" SRC="<?php print($playfile);?>" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
</OBJECT>
<br>

<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>
</body>
</html>




CODE EXPLANATION

Using the links we pass the value
<a href="video.php?video=2">Video 2 </a>

Then using above php code we retrieve the value which is passed using the url (ie $_GET[video]=2]

We use that value to extract a file url from the database

Once the file url is retrieved we assign that value to a variable then use that variable in the wmv playersfile url code to view the video

thats all !!!:)
SaNDun
09-16-2009, 06:47 AM
3.5G dala thiyenne database eken adala file eka select karala aragena print(display) karana script ekak.

ohoma nathuwa ona nam file name eka pass karala eka play wena widiyata script eka liyannath puluwan :D

mama meya uda dila thiyena script ekama change karala pennannam ;)

video.php

<?php
$vidID = ( isset($_GET['video']) && is_numeric($_GET['video']) ) ? $_GET['video'] : '';
?>
<html>
<head></head>
<body>
<?php
if ($vidID != '') {
$playfile = 'PATH TO THE FILE'.$vidID.'.EXTENTION';
# Example
# if file name of the file is song1.mp3 , it will go like following
# $playfile = 'files/mp3/song'.$vidID.'.mp3';
# 1 = file ID
?>
<OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
<PARAM NAME="FileName" VALUE="<?php echo($playfile);?>">
<PARAM name="autostart" VALUE="false">
<PARAM name="ShowControls" VALUE="true">
<param name="ShowStatusBar" value="false">
<PARAM name="ShowDisplay" VALUE="false">
<EMBED TYPE="application/x-mplayer2" SRC="<?php echo($playfile);?>" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
</OBJECT>
<br />

<?php
} else {
echo "INVALID FILE NAME SPECIFIED.<br />Please Try Again!";
}
?>
<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>
</body>
</html>
meka mama me dan edit karala code kale :rofl:
SaNDun
09-16-2009, 06:52 AM
<?php
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found)
{
$video=$_GET[video];
$SQL = "SELECT `videosub`.* FROM videosub WHERE (`videosub`.`vid` ='$video'))";

$result = mysql_query($SQL);
if ($result)
{
$playfile=$result['file_url'];
}
mysql_close($db_handle);
}
else
{
print "Database NOT Found ";
mysql_close($db_handle);
}

?>



<html>

<head>
</head>

<body>
<OBJECT ID="MediaPlayer" WIDTH="400" HEIGHT="389" CLASSID="CLSID:22D6F312-B0F6-11D0-94AB-0080C74C7E95"
STANDBY="Loading" TYPE="application/x-oleobject">
<PARAM NAME="FileName" VALUE="<?php print($playfile);?>">
<PARAM name="autostart" VALUE="false">
<PARAM name="ShowControls" VALUE="true">
<param name="ShowStatusBar" value="false">
<PARAM name="ShowDisplay" VALUE="false">
<EMBED TYPE="application/x-mplayer2" SRC="<?php print($playfile);?>" NAME="MediaPlayer"
WIDTH="400" HEIGHT="389" ShowControls="1" ShowStatusBar="0" ShowDisplay="0" autostart="0"> </EMBED>
</OBJECT>
<br>

<p><a href="video.php?video=1">Video 1</a></p>
<p><a href="video.php?video=2">Video 2 </a></p>
<p><a href="video.php?video=3">Video 3 </a></p>
</body>
</html>




CODE EXPLANATION

Using the links we pass the value


Then using above php code we retrieve the value which is passed using the url (ie $_GET[video]=2]

We use that value to extract a file url from the database

Once the file url is retrieved we assign that value to a variable then use that variable in the wmv playersfile url code to view the video

thats all !!!:)
machan oyage code eka weda karanawa.. habai e code eka secutrity athi nam godak durvalai. SQL INJECTION ekak gahanna puluwan lesiyenma :D


$video=$_GET[video];



othanadi kisima security check kirimak wenne na. :rofl:
3.5G
09-16-2009, 10:12 AM
machan oyage code eka weda karanawa.. habai e code eka secutrity athi nam godak durvalai. SQL INJECTION ekak gahanna puluwan lesiyenma :D


$video=$_GET[video];



othanadi kisima security check kirimak wenne na. :rofl:

:yes::yes::yes::yes:

yea bro thats correct this piece of code can be easily sql injected !!

the code below will check weather the value passed is integer if any other character other than numbers are passed then the variable video will be 0 then after that we check with a if condition whether the variable has a value which is greater than 0!!
<?php
$video = $_GET['video'];
$video = (int) $video;
if($video>0)
{
#dbcode
}
?>

hope now the security problem is ok
for more security URL REWRITE is good !!!
SaNDun
09-16-2009, 10:32 AM
:yes::yes::yes::yes:

yea bro thats correct this piece of code can be easily sql injected !!

the code below will check weather the value passed is integer if any other character other than numbers are passed then the variable video will be 0 then after that we check with a if condition whether the variable has a value which is greater than 0!!
<?php
$video = $_GET['video'];
$video = (int) $video;
if($video>0)
{
#dbcode
}
?>hope now the security problem is ok
for more security URL REWRITE is good !!!

This will do that process better :)

<?php
$video = (isset($_GET['video'])) ? $_GET['video'] : '';
if( (is_numeric($video)) && ($video>0) )
{
#dbcode
}
?>
3.5G
09-16-2009, 10:33 AM
This will do that process better :)

<?php
$video = (isset($_GET['video'])) ? $_GET['video'] : '';
if( (is_numeric($video)) && ($video>0) )
{
#dbcode
}
?>

:yes::yes::yes::yes::yes:
SANDAKELUM2009
09-16-2009, 10:36 AM
ahhh machan mokada mage script eka epaadooo, hooooo
SaNDun
09-16-2009, 10:36 AM
:yes::yes::yes::yes::yes:

integer check karanakota is_int() function use karanna epa. ekata is_numeric() function eka use karanna.. security forum ekaka ehema kiyala thiyenawa mama dakka :)
SANDAKELUM2009
09-16-2009, 10:37 AM
hoooo, menna meka wageda ? Radio Player (http://www.samanaleeonline.com/radio.html)
SaNDun
09-16-2009, 10:37 AM
ahhh machan mokada mage script eka epaadooo, hooooo

:oo: :oo: :oo: :oo: :oo: :oo: :oo: :rolleyes: :rolleyes: :rolleyes: :rolleyes: :rolleyes: :rolleyes: :rolleyes:
SaNDun
09-16-2009, 10:40 AM
hoooo, menna meka wageda ?
eke ithin PHP sambandayak naa ne.. JavaScript eken ne stream select wenne. JavaSripts disable nam radio eka weda na :P

BTW - DO NOT SPAM :D

PS:- [Powered By Sandakelum Encryption Technology ]

dan oke monawada encrypt karala thiyenne :rolleyes: :rofl:
SANDAKELUM2009
09-16-2009, 10:42 AM
naaa bro, nipunaya mage player eka dakala thamai oka illanne. mama oota kindiyak damme
SaNDun
09-16-2009, 10:43 AM
naaa bro, nipunaya mage player eka dakala thamai oka illanne. mama oota kindiyak damme
hik hik ok :D
3.5G
09-16-2009, 10:47 AM
eke ithin PHP sambandayak naa ne.. JavaScript eken ne stream select wenne. JavaSripts disable nam radio eka weda na :P

BTW - DO NOT SPAM :D

PS:- [Powered By Sandakelum Encryption Technology ]

dan oke monawada encrypt karala thiyenne :rolleyes: :rofl:

any way nowadays for a good video site we should go 4 AJAX !!!
thats more good if v can !!

anyway gud discussions!!
SANDAKELUM2009
09-16-2009, 10:57 AM
source code eka encypted karalaa thiyenne
SANDAKELUM2009
09-16-2009, 10:59 AM
nathnum denatath player eka nipunaya copy karalaa
SaNDun
09-16-2009, 12:04 PM
onna ekkenek illapu hinda code eka ayin kara :D
SANDAKELUM2009
09-16-2009, 12:07 PM
yes it is can decrypt anyone
SaNDun
09-16-2009, 12:15 PM
yes it is can decrypt anyone
hari hari :P

encrypt karala wedakata athi ekak ona encrypt karanna..

me thiyenne oyage encrypted code eka :P

http://www.fileden.com/files/2006/8/16/171304/script.txt
SANDAKELUM2009
09-16-2009, 12:21 PM
e mokakda bro e ?
3.5G
09-16-2009, 12:26 PM
yes it is can decrypt anyone

ekaaa encrypt karalamea naa neaa !!its just a JS escape !! and using ffx we can easily view the source :)
SaNDun
09-16-2009, 12:29 PM
ekaaa encrypt karalamea naa neaa !!its just a JS escape !! and using ffx we can easily view the source :)
ow machan.. mama oka gena kiyala sandakelum ta pm ekakuth damma :D

thaman mahansi wela mokak hari code karanawa nam eka eka paarama thawa kenek ta copy karanna bari wenna hadanna ona. dan me sandakelum ge hard work (meyath kohen hari ussapu ekak da danne na, ussala modify karala :P) eka thawa kenek ta 1 simple step eken code eka pitinma ussanna puluwan :rofl:
3.5G
09-16-2009, 12:37 PM
ow machan.. mama oka gena kiyala sandakelum ta pm ekakuth damma :D

thaman mahansi wela mokak hari code karanawa nam eka eka paarama thawa kenek ta copy karanna bari wenna hadanna ona. dan me sandakelum ge hard work (meyath kohen hari ussapu ekak da danne na, ussala modify karala :P) eka thawa kenek ta 1 simple step eken code eka pitinma ussanna puluwan :rofl:

he he ow machan !!! eaaka nam hari
therz no full security zone in the internet :lol::lol:

Some how all apps and websites has a crack !!! he he
SANDAKELUM2009
09-16-2009, 02:12 PM
:angry: mama kohenwath issuwe naa ban. owath wadada. :angry:
SaNDun
09-16-2009, 03:25 PM
:angry: mama kohenwath issuwe naa ban. owath wadada. :angry:
nikan boru kiyanne nathuwa idapan machan..

me api koi kawuruth oya stream links wena wena sites walin ussala nemei nam kohomada danne na neda ekathu kale :P :rofl:
nipunahasanka
09-18-2009, 08:17 AM
ahhh machan mokada mage script eka epaadooo, hooooo


Ube eke copy rights wedi
nipunahasanka
09-18-2009, 08:20 AM
naaa bro, nipunaya mage player eka dakala thamai oka illanne. mama oota kindiyak damme
Uba kata wahan idapan
SANDAKELUM2009
09-26-2009, 11:18 AM
hooo hooo
SaNDun
09-26-2009, 11:20 AM
hooo hooo
moko hoo kiyanne?
SANDAKELUM2009
09-28-2009, 08:48 AM
kindiyata banz. paw ape nipunaya