overklokan

Re: Sql Injections? problem is that .php will not treat it like error ... no error means nothing to trigger messages like "geeeeeeez man please type your url properly, just once, plizzzzzzzz!" ... user would think all is fine and go away ... it's about script response, not about validity of url

Re: $10 Discount for CE Members so how exactly you shut them down? contact admins on hosting and say it's illegal or?

Re: $10 Discount for CE Members   the stolen buggy shit that I can name a few people are putting out there. yes.. Mine is debugged, built up more features, and comes with lifetime updates as they are released.   I didn't said about your offer, I'm just noticing that there's MANY mafia games, most very similar ...   Yea there is. As well I have shut down about 42 in the last 2 weeks with a list of more then 183 sites to shut down in total from illegal warez. TJ   OMG

Re: $10 Discount for CE Members   the stolen buggy shit that I can name a few people are putting out there. yes.. Mine is debugged, built up more features, and comes with lifetime updates as they are released.   I didn't said about your offer, I'm just noticing that there's MANY mafia games, most very similar ...

Re: Make Money from Your Site with these tips !   Quote: "2) You can become a publisher only if your web site receives at least around 10,000 unique visitors per day." :-o

Re: I want to make/own my own game, please help   nicely spoken ...

Re: Make Money from Your Site with these tips ! So, what would be the best for me as publisher? I mean AdSense is fine but I don't like possibility of being banned for something I have no control over ... I don't like idea of Google getting money and at the same time refusing to pay me some! AdToll seems like fine deal but I would like to read your thoughts on topic before I made a decision ... Thx in advance, overklokan ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Basic Ajax is easy   I'm not speaking about number of AJAX objects but about redesign of let's say 200kB text one-page blog or AJAX-ing CMS sort of stuff ... While AJAX itself is truly easy, redesign of existing pages might be a nightmare (my friend tried AJAX-ing his huge PHPNuke web site but gave up after 1 month)!

Re: Sql Injections? e-mail filtering is as easy as: $email = $_REQUEST["e"]; if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) { echo "Invalid e-mail address!"; } else {do something} so far I found no problems with it even some people say it will not filter some addresses with double or triple @ character (i tried many variations and all were filtered properly) ... for URL validation there are some problems though, example: <?php $url = 'http://...'; var_dump(filter_var($url, FILTER_VALIDATE_URL)); ?> Will display: string(10) "http://..." http://www.php.net/manual/en/ref.filter.php

Re: Sql Injections? no one speaking about PHP in-built functions to do the job? http://www.phpro.org/tutorials/Filterin ... h-PHP.html http://devzone.zend.com/node/view/id/1113

Re: Basic Ajax is easy redesign of static page to work with AJAX is usually not so easy ... It's easy as long as one wants to fetch complete static page, but splitting that page to many smaller ones and relinking can be huge job ... Same goes for dynamic pages because one must modify most server-side scripts in order not to pull complete page ... AJAX is elegant and works great but for that to be easily done it's better to design with AJAX in mind from start! Where I find AJAX very useful is reducing number of server requests ... That goes for pages that are accessed for the first time and for already loaded pages ... First time accessed pages can be much smaller, with less external components that browser must request to show page properly ... On any user's click or data submit, nothing but 1 request is sent ... Ordinary way it would be 1 request and complete .html download, than checking if external components have been changed on server (that might be 10+ request easy) ... If we are considering server under heavy load than using AJAX usualy means keeping server as is instead of upgrading to better one!

Re: [info] What webdev language should I learn first ? I wouldn't suggest anyone who explicitly don't have to use XHTML to use it ... On many sites that 4n4lyse how different browsers handle markup languages (HTML, XHTML) one can find alarming number of problems when it comes to XHTML and most browser in use today! Without going into details here (check blogs of guys behind W3C standards), you can run into cross-browser problems much easier if you use XHTML than HTML 4.01 ... I myself found this to be true since I started making my and some other pages in XHTML just to find out FF and IE refuse to show same content identically, even with things like CSS hacks ... After switching to HTML 4.01 Transitional (and cleaning code from XHTML remains) all my sites apeared exactly the way I wanted them to apear ... Also, many older versions of FF and IE worked correctly, which was not the case with XHTML page If you are listening not me but those people that are making standrads, XHTML is the thing of the past ... HTML 5.0 is about to take-over, same as JavaScript 2.0 ... You can find about that on most relevant web sites, for example: "2.1 Dependencies This specification relies on several underlying specifications. DOM A conforming user agent must support some subset of the functionality defined in DOM Events and DOM Core that this specification relies upon. HTML 5 This specification depends on HTML 5 for defining the Window object and finding the character encoding of a text/html resource. A conforming user agent must support these features. NOTE: The Window Object 1.0 draft is not referenced normatively as it appears to be no longer maintained and HTML 5 defines the Window object in more detail. This specification already depends on HTML 5 for other reasons so there is not much additional overhead because of this." http://www.w3.org/TR/2008/WD-XMLHttpRequest-20080415/

Re: Website Optimization I feel like continuing where mdshare stopped and type a few IMHO important things ... With all respect to Google, you can be better if not complying to their rules! First of all, many of those rules, especially ones about how links should be placed or used, might prevent you from making your site the way you want it to be ... Google is very unfriendly when it comes to JavaScript (AJAX) in general ... Same goes for sites that use a lot of Flash content ... Question here is how much are you willing to sacrifice of your own site design for (possibly, not guaranteed) better Google rank? One of the things that might make you that decision are server logs, where all traffic to your site is written ... By checking those logs you can see how much of the traffic and what quality of traffic you are getting by which source ... If your site is about some very specific content (like web-based non Flash multiplayer games) than you will definitely get higher quality traffic from relevant sites than from Google! Link from relevant site will bring you EXACTLY the type of surfers you need, while 1.000+ surfers from Google might not be really looking for your type of game ... Point is that you DON'T know what surfers will search for with Google! Many still don't know how to use Google query to refine their search, so one that is actualy looking for 3D client based MMORPGs might try searching "mmorpg multiplayer", get your site as 1st result, check it and go away! That's not what you want, right? Instead, by linking to your site from 1.000+ game lists that cover ONLY web-based games you can skip Google's rules completely and get insane and highly targeted traffic to your site ... Currently, more than 75% of traffic to my site come from those lists ... more than 50% of surfers that come from those lists stay for more 5 minutes on site (which is great since site is not finished yet) ... on contrary, around 15% of traffic comes from Google, where i have pretty nice rank already, but only 20% of people that found my site with Google stays over 1 minute on it! I guess they were not looking for exactly the content my site offers ... I think you got the point with this (TRUE, i might change my site's text / title / description / keywords a little but ATM I have better things to do ;o) Remember, Google is no.1 search engine now but that will not be forever ... Companies rise and fall ... by NOT depending heavily on some specific company you will be better in long run! Your 1.000+ links from highly targeted game lists will stay no matter what happens and very likely FORCE Google to give you high PageRank, even if your site is 100% Flash made ... Don't be a slave, make them your slaves!

Re: Do-It-Yourself SEO: A Beginner's Checklist   Above part is about thing called PageRank which Google uses as one of the main factors (beside useful content) when determining the importance of some web page ... if you are serious about getting highest possible PageRank (PR) this tool will come very handy: http://pr.blogflux.com/index2.php Just enter address of web page on which you are about to put link to your site and check it's PR! At that point you'll have to judge for yourself if that web page is more useful as high PR "Vote" for your site or as high (targeted) traffic source ... Keep in mind that Google 4n4lyses text which is located around your links! If your site covers very specific topic, linking to it from high PR but completely irrelevant web page might get you nothing at all (no useful traffic and no "Vote" relevancy) Also keep in mind that to get PR form Google takes time ... if your site is still on PR 0 after few months don't worry, it's all fine! Remember that Google must check ALL sites that link to your site, calculate their PR and than assign PR to your site ... that's process is not as fast as one might think so just have patience and keep on linking to your site (from relevant ones)

Re: How to add in favorites   rofl

Re: $10 Discount for CE Members so that's why i see mafia games poping-up everywhere ...

Re: Clean up your .html code !!!   well yes, some sites might not get "valid" mark but 99% can ... people don't even look at their code ! you can find double doc types, tags before them, 2x same meta tag or even worse (one saying one thing, other completely oppossite) ... just think about what web crawler might end with after 4n4lyse ... check most high-ranked sites on web with same validators, you wont usualy find those errors and warnings :roll:

Re: SQL Injections   true, true ... don't get me wrong, maybe it ended looking like that, but i don't think one DON'T need server-side filtering of user data ... i just proposed JS as step 1 in building defense ... it will protect from to-be-hacker kids and also can reduce traffic/requests to server ... about prevention = general rule is that "the more freedom you give to user the worse" = filtering complex user input is not easy ... on one site i found nice advices, like "if you can do it so user submit only numbers do it" ! prevention than is much easier, cause one can use .php things to check if submited data is number ... if not, well ...

Re: SQL Injections   i do not asume, i reject anyone that has it disabled. no JS no game ... however, most sites that 4n4lyze internet traffic rate JS enabled at around 90%+ ... for example: JavaScript Stats Fri Feb 1 00:01:02 2008 - Fri Feb 29 23:58:01 2008 29.0 Days Javascript 1.2+: 6174899 (94%) Javascript <1.2: 10916 (0%) Javascript false: 335034 (5%) source: http://www.thecounter.com/stats/2008/Fe ... rowser.php (JS and other stats are on the right from browser stats) if you know how to "post" data to server than you are NOT in the group JS validation is added for :wink:

Re: Usefull JavaScripts Go high even more ;o) http://www.schillmania.com/projects/soundmanager2/ About walterzorn scripts: I found tooltip script to be problematic in many areas. One of them is if one decides to use TagToTip function and <span> tags. It works by automaticaly hidding those <span> elements when page is loading and it works ok in FF but not in IE, where all code that is in all <span> shows up if that "security" thing block execution of script. Very ugly imho and reason enough not to use that script with TagToTip function. Another problem i found is that tooltip refuses to show up on apropriate place when there is many <div> on page. It simply go another side of pointer e.g. up from it even if you set it to show under it. Other smaller "bugs" can be found, which prevented me to use script for important areas on my website (ordinary show/hide <div> tricks work much better)

It's very important to have clean .html code of pages you serve to others on internet. One might think page is good enough if it shows ok in most browsers. Not really. Don't forget that your traffic heavily relies on search engines, or it should be ! Web-crawlers that major search engine companies use are designed to pick your .html ONLY and skip all images, JavaScript, CSS and other code ... even if you have in-line JavaScript and CSS it makes no difference since they're removed from 4n4lyze that web-crawlers are doing after they pick your page. That's why you should try to have your .html with 0 errors and warnings ! There are many tools which you might use to check your final -html before uploading it to server. Two of the best i found are following, both designed for FireFox browsers: http://users.skynet.be/mgueury/mozilla/index.html http://chrispederick.com/work/web-developer/ Second one is multifunctional tool. Besides .html and other validations it offers many very usefull thingies. I'm writting this cause i found out that not a single web page i visited from here is clean of errors or warnings. Fix them people, you might be fighting some part of code in order to make it work properly but it's not about that part at all ):o=

Re: SQL Injections   im so tired and can't be asked to keep trying loads of different functions can someone post a working one here i just ain't got a clue about sql i will learn tomorrow :| it's not about sql, it's about php ... mysql is doing just what php asks it to do ... filters are part of .php code, and while many are very complicated, there's no need for that if you KNOW what type of data user can submit ... one of the first line of defense are JavaScript validators, they work on client-side (user browser) and can be set to filter ANY unwanted characters from data that user inputs inside his browser ... next thing is to make sure your submit buttons don't work when JavaScript is disabled in users' browser, otherwise validators are not helping at all ... on top of that, exactly the same kind of filter (or stronger) must be set on server side (in case that hacker avoid all client-side defenses) what is great with this aproach is that you will instantly know if you have "business" with good hacker or not ... for example, if you expect that user submit only numbers and you have JavaScript validator to filter that on client-side, on any non-number character sent to server you know that you are dealing with someone who is not kiddy playing with others' hack-programs ! if so, kick him out game immidiately ;o))