Question php script error

Discussion in 'Web Applications' started by Ch4ch4rR4t0, Oct 3, 2016.

  1. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

    FIXED!
    Thanks @Terror

    New problem below comments
     
    Last edited: Oct 4, 2016
  2. Laszl0w

    Laszl0w Contributing Member

    I'm gonna look at it when I will be home.
     
  3. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

    what, no is possible, is connection same var
     
  4. Terror

    Terror New Member

    replace

    PHP:
    $get_user = $connect->query("SELECT * FROM users WHERE username= '$_SESSION['username']'");
    with

    PHP:
    $get_user = $connect->query("SELECT * FROM users WHERE username= '{$_SESSION['username']}'");
    or

    PHP:
    $get_user = $connect->query("SELECT * FROM users WHERE username= '" . $_SESSION['username'] . "'");
     
    Ch4ch4rR4t0 likes this.
  5. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

    Last edited: Oct 4, 2016
  6. ehthe

    ehthe TS3 Dev-Team Contributor

    SQLi 101
     
  7. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

  8. Terror

    Terror New Member

    You can't use variables in single quotes, replace

    PHP:
    get_time_ago('$GetDataLog');
    with

    PHP:
    get_time_ago($GetDataLog);
     
  9. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

    No working!!!

    $GetDataAgo = get_time_ago($GetDataLog);
    or
    <td>'.get_time_ago($GetDataLog).'</td>

    PHP:
    public static function historyPurchases()
    {
        global $connect;

        $user = $_SESSION['username'];

        $get_history = $connect->query("SELECT id,user,product_name,product_id,price,Status, Buyed FROM purchases WHERE user = '$user' ORDER BY id");
        $row_this = $get_history->num_rows;

        if ($row_this)
        {
            while ($history_fetch = $get_history->fetch_array(MYSQLI_ASSOC))
            {
                if ($history_fetch['Status'] == 3) {
                    $msgStatus = "<font color=green>Approved</font>";
                } else if ($history_fetch['Status'] == 2) {
                    $msgStatus = "<font color=red>Failed</font>";
                } else if ($history_fetch['Status'] == 4) {
                    $msgStatus = "<font color=warning>Refunded</font>";
                } else if ($history_fetch['Status'] == 5) {
                    $msgStatus = "<font color=orange>Locked</font>";
                } else {
                    $msgStatus = "<font color=red>Error</font>";
                }

                $adata = new DateTime($history_fetch['Buyed']);
                $GetDataLog = $adata->format("d/M/Y  H:i:s");
                $GetDataAgo = get_time_ago($GetDataLog);

                echo '
                <tr>
                    <td>'.$history_fetch['product_id'].'</td>
                    <td>'.$history_fetch['product_name'].'</td>
                    <td>$'.$history_fetch['price'].'</td>
                    <td>'.$msgStatus.'</td>
                    <td>'.$GetDataLog.'</td>
                    <td>'.$GetDataAgo.' (beta)</td>
                </tr>';
            }
        }
    }
     
  10. Terror

    Terror New Member

    I'm assuming you are using the get_time_ago function from w3schools.in (http://www.w3schools.in/php/time-ago/). You need to convert your formatted time into a timestamp and it should work.

    replace

    PHP:
    $GetDataAgo = get_time_ago($GetDataLog);
    with

    PHP:
    $timestamp = strtotime($adata->format("d.m.Y  H:i:s"));
    $GetDataAgo = get_time_ago($timestamp);

    And I hope you know what you are doing, I see a lot of potential XSS vulnerabilities in your code...
     
    Last edited: Oct 5, 2016
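
The "SQLi 101" remark and the XSS warning above both apply to the posted historyPurchases(). The following is an added example, not code from any poster in this thread: the same query as a prepared statement, and the same table row with every value HTML-escaped. Function names are hypothetical, table and column names are taken from the posted code, and get_result()/fetch_all() assume the mysqlnd driver.

```php
<?php
// Added example. fetch_purchases(), e() and render_purchase_row() are
// hypothetical names; the purchases table and its columns are from the thread.

// The username travels as a bound parameter, so it never becomes SQL text.
function fetch_purchases(mysqli $connect, string $user): array
{
    $stmt = $connect->prepare(
        'SELECT product_id, product_name, price, Status, Buyed
           FROM purchases WHERE user = ? ORDER BY id'
    );
    $stmt->bind_param('s', $user);
    $stmt->execute();
    // get_result() and fetch_all() assume mysqlnd (assumption, see lead-in).
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// Escape a value for an HTML text context at the moment it is printed.
function e($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_purchase_row(array $row): string
{
    // The status label comes from a fixed map, never from the row itself.
    $labels = [2 => 'Failed', 3 => 'Approved', 4 => 'Refunded', 5 => 'Locked'];
    $status = $labels[(int) $row['Status']] ?? 'Error';

    return '<tr><td>' . e($row['product_id']) . '</td><td>'
         . e($row['product_name']) . '</td><td>$' . e($row['price'])
         . '</td><td>' . e($status) . '</td><td>' . e($row['Buyed'])
         . "</td></tr>\n";
}

// Constructed sample row: the product name carries markup that would run in
// the browser if it were echoed unescaped, as in the original loop.
$sample = [
    'product_id'   => 7,
    'product_name' => '<script>alert(1)</script>',
    'price'        => '9.99',
    'Status'       => 3,
    'Buyed'        => '2016-10-02 14:30:00',
];
echo render_purchase_row($sample);
```
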
  11. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member


    Format working (02/02/2016 02:15:00)
    your method error
    I used so and get 7 months ago (I need to get 3 days ago)
    PHP:
    $GetDataLogAgo = $adata->format("d/m/Y H:i:s");
    $GetDataAgo = get_time_ago($GetDataLogAgo);
     
  12. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member

    http://image.prntscr.com/image/e61fc0c5b1204f03ac4ef1f9f6794a9d.png
    my function
    PHP:
    function get_time_ago($timestamp)
    {
        $time_ago = strtotime($timestamp);
        $current_time = time();
        $time_difference = $current_time - $time_ago;
        $seconds = $time_difference;
        $minutes = round($seconds / 60);       // value 60 is seconds
        $hours   = round($seconds / 3600);     // value 3600 is 60 minutes * 60 sec
        $days    = round($seconds / 86400);    // 86400 = 24 * 60 * 60;
        $weeks   = round($seconds / 604800);   // 7*24*60*60;
        $months  = round($seconds / 2629440);  // ((365+365+365+365+366)/5/12)*24*60*60
        $years   = round($seconds / 31553280); // (365+365+365+365+366)/5 * 24 * 60 * 60

        if ($seconds <= 60)
        {
            return "Just Now";
        }
        else if ($minutes <= 60)
        {
            if ($minutes == 1)
            {
                return "one minute ago";
            }
            else
            {
                return "$minutes minutes ago";
            }
        }
        else if ($hours <= 24)
        {
            if ($hours == 1)
            {
                return "an hour ago";
            }
            else
            {
                return "$hours hrs ago";
            }
        }
        else if ($days <= 7)
        {
            if ($days == 1)
            {
                return "yesterday";
            }
            else
            {
                return "$days days ago";
            }
        }
        else if ($weeks <= 4.3) // 4.3 == 52/12
        {
            if ($weeks == 1)
            {
                return "a week ago";
            }
            else
            {
                return "$weeks weeks ago";
            }
        }
        else if ($months <= 12)
        {
            if ($months == 1)
            {
                return "a month ago";
            }
            else
            {
                return "$months months ago";
            }
        }
        else
        {
            if ($years == 1)
            {
                return "one year ago";
            }
            else
            {
                return "$years years ago";
            }
        }
    }
     
  13. Terror

    Terror New Member

    Okay, that's a different function which is already using strtotime

    Since you are using a valid datetime format in your database you should be able to send the time directly to the function

    replace

    PHP:
    $GetDataAgo = get_time_ago($GetDataLog);
    with

    PHP:
    $GetDataAgo = get_time_ago($history_fetch['Buyed']);
     
    Ch4ch4rR4t0 likes this.
  14. Ch4ch4rR4t0

    Ch4ch4rR4t0 Member
