[harman.punj]

Hi guys, this is my first website hosted on 000webhost.com whom I would like to thank for great hosting services.

My website : PassGen.org

Please visit and suggestions and comments most welcomed!

[purcellj]

Not bad actually, would recommend that for the widget you use a similar method to this:

http://passgen.org/widget-code.php?ClientID=[CLIENTID]&Host=[HOST]

Then put into widget-code.php

Code:

mysql_connect($MySQLHost, $MySQLUser, $MySQLPass);
//blah blah blah (Connect to MySQL DB and then do following...)
$IsClient = mysql_query("SELECT * FROM Clients WHERE ClientID='$_GET[ClientID]' AND Host='$_GET[Host]'");
if(mysql_numrows($IsClient) == "0") {
   echo "You are <b>not</b> a valid client!";
}
else {
   echo "THE WIDGET CODE";
}

Just a suggestion :P

[kuroneko]

Quote:

Originally Posted by purcellj

Not bad actually, would recommend that for the widget you use a similar method to this:

http://passgen.org/widget-code.php?ClientID=[CLIENTID]&Host=[HOST]

Then put into widget-code.php

Code:

mysql_connect($MySQLHost, $MySQLUser, $MySQLPass);
//blah blah blah (Connect to MySQL DB and then do following...)
$IsClient = mysql_query("SELECT * FROM Clients WHERE ClientID='$_GET[ClientID]' AND Host='$_GET[Host]'");
if(mysql_numrows($IsClient) == "0") {
   echo "You are <b>not</b> a valid client!";
}
else {
   echo "THE WIDGET CODE";
}

Just a suggestion :P

Code is very much open for SQL injection.

[harman.punj]

Hi thanks for the suggestion! But I fear SQL injection as my 6 months work on a wordpress website got hacked due to it, so Im using no SQL this time for the widget. Its like keeping website fast and responsive.

[funnyatic]

Very Funny Thumbs Up