Re: php image-gallery
Accally, I had my main problem fixed before you guys managed to answer
But these last posts has made me uncertain of my code, Suvek did indeed point out my problem, and I accually used that way of fixing it.
Now, insecure?Code:<?php mysql_connect('localhost','thorbear','xxx') || die(mysql_error()); @mysql_select_db('thorbear') || die("Unable to select database"); //Skriver ut alt i tabellen $query = mysql_query('SELECT * FROM gallery'); $num_rows = mysql_num_rows($query); $i = 0; if ($num_rows == 0) { echo "<b>No galleries in database</b>"; } else { echo "<table border=\"0\" align=\"center\"><tr>"; while ($i < $num_rows) { //while $GID = mysql_result($query,$i,"GID"); $name = mysql_result($query,$i,"name"); echo "\n\t\t<td class=\"center\"><a href=\"pictures.php?galleryid=$GID\"> $name </a></td>"; $i++; }//while echo "</tr></table>"; } mysql_free_result($query); mysql_close(); mysql_connect('localhost','thorbear','xxx') || die(mysql_error()); @mysql_select_db('thorbear') || die("Unable to select database"); $query2 = mysql_query("SELECT * FROM `image` WHERE `GID` = '".$_GET['galleryid']."'"); $num_rows2 = mysql_num_rows($query2); $i2 = 0; if ($num_rows2 == 0) { echo "<br /><br /><b>Please select a category</b>"; } else { while($i2 < $num_rows2) { $ImID = mysql_result($query2,$i2,'ImID'); $alt = mysql_result($query2,$i2,'alt'); $adress = mysql_result($query2,$i2,'adress'); echo "\n\t\t<a href=\"$adress\"><img height=\"200px\" src=\"$adress\" alt=\"$alt\"></a>"; $i2++; } // while } mysql_free_result($query2); //Lukker koblingen til databasen mysql_close(); echo "\n\t\t<p>© Thorbear Incognito</p>\n"; ?>
I would like to know how...why?
I haven't really looked innto "secure php" because I was under the impression that none but those with ftp access could view anything but the html output...
PS. The code is still quite messy case I haven't clean-written it yet :P
The script is in use at my homepage www.thorbear.tk under Pictures.
Reply With Quote
Bookmarks