|
PHP - Whats The Reason For Using Get_magic_quotes_gpc?
for the below code, what does the get_magic_quotes_gpc part mean?... in simple terms
Code: [Select] $photoname = $_FILES['photo']['name']; if(!get_magic_quotes_gpc()) { $photoname = addslashes($photoname); } Similar TutorialsHey I have a script that builds an array but for some reason there is a loose integer in the variable which is confusing me and i think its the cause of my syntax errors in javascript. But i got no idea where it is coming from =/ Here is the function i use: Code: [Select] <?php function img($id) { $img = array(); $img['tiles'] = $this->db->getAll("SELECT DISTINCT t.id, CONCAT('data/tiles/',filename) AS f FROM `map_tiles` AS mt INNER JOIN `tiles` AS t ON (mt.tile=t.id) WHERE mt.map_id={$this->db->qstr($id)}"); echo print_r($img); die; //exit(json_encode($img)); // turned off for testing ?> The echo returns this: Code: [Select] Array ( [tiles] => Array ( [0] => Array ( [id] => 10 [f] => data/tiles/floor.png ) ) ) 1 <----- why does this appear? And could this cause a syntax error if sent back for JS processing? As you can see there is 1 showing at the end but i don't see why =/ Any ideas if thats suppose to happen ? I have this code below in a while loop, that gets looped through about 10 times and is simply resizing a slightly larger image to fit within a 50px max square. There is other code on my page, but I've narrowed the slowness down to this specific bit of code (i.e. if I take this snippet out, the page loads instantly). With this snippet, the page takes between 5 and 10 seconds to load, which seems absurd for 10 images. FYI, the original images are no larger than 200 px on either side, so it's not like it's looping through large image files. Anyone know why this might be taking so long? Should I be doing it differently somehow? Code: [Select] list($width,$height) = getimagesize($myimage); if ($width > $height) { $datasofar .= "width=50 /></span>"; } elseif ($height > $width) { $datasofar .= "height=50 /></span>"; } else { //height and width must be equal so just set width = 50, but could just as easily set height to 50 $datasofar .= "width=50 /></span>"; } Here are the two if statements: if (!($start <= 0)){ $prev_button = "<a href='forum.php?category_id=$category_id&start=$prev'>Prev</a>"; } if (!($start >= $record_num - $per_page)){ $next_button = "<a href='forum.php?category_id=$category_id&start=$next'>Next</a>"; } But they are not properly working. This is part of a pagination script for the next and previous buttons. I normally don't have a problem with concenation, but for some reason I can't get it work in this case. I have two form variables: firstname_ord and lastname_ord. I have tried concenating them several ways, and get nothing afterwards. attempt 1: $lastname = "firstname_ord" . " " . "lastname_ord"; attempt 2: $firstname = "firstname_ord"; $lastname = "lastname_ord"; $fullname = $firstname . " " . $lastname; attempt 3: $fullname = "firstname_ord"; $fullname = $fullname. " " . "lastname_ord"; attempt 4: $fullname = "firstname_ord"; $fullname .="lastname_ord"; attempt 5: $fullname = (string)"firstname_ord"; $fullname .= " "; $fullname .=(string)"lastname_ord"; I've noticed some people don't use { } when they right statements, when I first started learning PHP a couple years ago, I thought you HAD to put the curly brackets, but apparently not, how does this work and why don't some people use them in their scripts? Used to be a good option, but don't know anymore as password_hash() is now available.
Agree?
I understand that I shouldn't ever manually salt and disable the functions salting. That being said, is there any reason to add a bit extra to the user's password (such as an internal ID and some random constant)?
I spent the last hour or so typing this code up, and for some reason I am getting a query error. I have reviewed & revised the code up and down for the past half hour and can't seem to figure out the problem. Can someone look after this for me and tell me what I could be doing wrong? Yes, I know my code is a bit sloppy and may use bad practice techniques, but it works for me. Its a survey that I coded so I could collect data and place it on CPA ad listings. So I need this so work at some point soon. My code: <?php $user = $_POST['user']; $email = $_POST['email']; $password = $_POST['pass']; $paypal = $_POST['paypal']; $q1 = $_POST['q1[favsite]']; $q2 = $_POST['q2[isp]']; $q21 = $_POST['q2.1[bill]']; $email_services = $_POST['email_services']; $ebay = $_POST['ebay']; $amazon = $_POST['amazon']; $q6 = $_POST['q6[purchase]']; $q7 = $_POST['q7[social]']; $q8 = $_POST['q8[bookmarks]']; $q9 = $_POST['q9[search]']; $q10 = $_POST['q10[homepage]']; $q11 = $_POST['q11[5topsites]']; $q12 = $_POST['q12[state]']; if ($_POST['fin'] == "complete") { $dbc = mysqli_connect('localhost', 'root', 'password', 'database') or die('Could not connect'); $query = "INSERT INTO user_data (id, user, email, password, paypal, q1[favsite], q2[isp], q21[bill], email_services, ebay, amazon, q6[purchase], q7[social], q8[bookmarks], q9[search], q10[homepage], q11[5topsites], q12[state]) VALUES ('$user', '$email', '$password', '$paypal', '$q1', '$q2', '$q21', '$email_services', '$ebay', '$amazon', '$q6', '$q7', '$q8', '$q9', '$q10', '$q11', '$q12')"; mysqli_query($dbc,$query) or die('Error querying database'); include_once("../phpmailer/class.phpmailer.php"); $mail = new PHPMailer; $mail->ClearAddresses(); $mail->AddAddress('', ''); $mail->From = ''; $mail->FromName = ''; $mail->Subject = 'Thanks for finishing the survey!'; $mail->Body = "Hello, $user. This is a reminder that you have finished the survey and your credit is currently being processed. Please login to your account at ../../ to view the status of your credit & cash out. "; if ($mail->Send()) { echo "<center>Mail Sent.</center>"; } else { echo $mail->ErrorInfo; } echo "<center><h2>Thanks for completing the survey! Please <a href='login.php'>login</a> to your account to view the status of your credit & cash out.</h2></center>"; } ?> It has nothing to do with PHPMailer, I of course edited the variables just now so all my info wouldnt be public, but everything is fine untill you press submit & I get the or die() error message "Error querying database". What the hell did I do wrong? Is it possible that I cant name variables in the format I used with most of them ($var1 = $_POST['var[desc]']; ? Hi Friends,
I wanted to know what is new in PHP version 5.6.0. How is it different from its previous versions? How will benefit the security of PHP websites?
Thanks in advance.
So im using textwrangler and usually when you click on the '{' or '}' it will highlight everything inbetween them, well on the top one on line 7 it does not, and i tried messing around with it to try to get it to work cause i keep getting an error on line 8 that says "Parse error: syntax error, unexpected '{' in /home/truckste/public_html/create_topic_parse.php on line 8" Code: [Select] <?php if($username){ header("Location: index.php"); exit(); } if(isset($_POST['topic_submit'])){ if (($_POST['topic_title'] == "" && ($_POST['topic_content'] == "")){ echo "You Did Not Fill In Both Fields. Please Return To The Previous Page."; exit(); } else{ requre('scripts/connect.php'); $cid = $_POST['cid']; $title = $_POST['topic_title']; $content= $_POST['topic_content']; $creator = $_POST['uid']; $sql = "INSERT INTO topics (category_id, topic_title, topic_creator, topic_date, topic_reply_date) VALUES ('".$cid."', '".$title."', '".$creator."', now(), now())"; $res = mysql_query($sql) or die(mysql_error()); $new_topic_id = mysql_insert_id(); $sql2 = "INSERT INTO posts (category_id, topics_id, post_creator, post_content, post_date) VALUES ('".$cid."', '".$new_topic_id."', '".$creator."', '".$content."', now())"; $res2 = mysql_query($sql2) or die(mysql_error()); $sql3 = "UPDATE categories SET last_post_date=now(), last_user_posted'".$creator."', WHERE id='".$cid."' LIMIT 1"; if (($res) && (res2) && (res3)){ header("Location: view_topic.php?cid".$cid."$tid=".$new_topic_id) } else{ echo "There Was A Problem Creating Your Topic. Please Try Again."; } } ?> Hi again, Here is the code $string .= (substr($string,-1) == '-') ? '' : '-'; I know what this code does but to increase my knowledge could some one tell me what is the question mark symbol for ( ? ) and what is the colon doing. As I have seen the ? in a lot of scripts but have no clue what it does and what its used for cheers! Cant Figure Out Whats Wrong With it.. Code: Code: [Select] <?php if(isset($_SESSION['user'])) { $bb = mysql_query("SELECT * FROM main WHERE id=". $_SESSION['id']) or die ("An error has occured: " . mysql_error()); while($n=mysql_fetch_array($bb)) { ?> <div class='cs_article'> <div class='left'> <h2>User Control Panel</h2> <p><a href="usercp.php">User CP</a><?php if($n['rights'] == 1) { echo ", <a href="modcp.php">Mod CP</a>"; }?> <?php if($n['rights'] == 2) { echo ", <a href="aa/">Admin CP</a>"; }?> <div class='button'><a href='usercp.php'>Read more</a></div> </div> <div class='right'> <h1>User CP</h1> </div> </div> <?php }} ?> What its doing: Mod-Justin Compared to Mod-Justin Good evening my PHP experts!!! OK so heres the problem...I have been at this for about 2 DAYS now and for the life of me I just don't understand what I could possibly be doing wrong. I have 3 of 4 variables outputting correctly but without my id being pulled from the URL NOTHING will get written to my database. I have ran some tests and I came to learn that my $_POST['id']; function is not working properly for some strange reason. As always, any help would be greatly appreciated. Please see below PHP code. I also have posted the HTML code for your reference purposes...thanks in advance. Please helpppp!!!! Code: [Select] <?php session_start(); $id = ''; if (isset($_POST['password'])) { include_once "scripts/connect_to_mysql.php"; $id = $_POST['id']; $id = mysql_real_escape_string($id ); $id = eregi_replace("`", "", $id); $cust_password = $_POST['password']; $hashedPass = md5($cust_password); $sql = mysql_query("UPDATE customers SET password='$hashedPass' WHERE id='$id'"); $update_success = 'You have successfully updated your Password. Please click <a href="customer_login.php">HERE</a> to log into your account.'; //Output to test whether or not my variables have anything in them. //$update_success, $hashedPass, $cust_password all Output just fine. $id displays nothing at all. echo $update_success; echo $hashedPass; echo $cust_password; echo $id; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link rel="stylesheet" type="text/css" href="style.css"/> <script type="text/javascript"> <!-- Form Validation --> function validate_form ( ) { valid = true; if ( document.form.password.value == "" ) { alert ( "Password field must not be blank." ); valid = false; } return valid; } <!-- Form Validation --> </script> </head> <body> <div id="pg_container"> <!--HEADER SECTION--> <div id="header"> <div id="header_logo"></div> <div id="header_right">Welcome to Built 2 Manage.</div> </div> <!--HEADER SECTION--> <!--PAGE CONTAINER--> <div id="pgbdy_container"> <form action="cust_acc_conf.php" method="post" id="form" name="form" enctype="multipart/form-data" onsubmit="return validate_form ( );"> <div id="login_header"> <p> Please log into your account below. </p> </div> <div id="cust_choose_pass_form"> <div id="cust_choose_pass_text"> <p> Password: </p> </div> <div id="cust_choose_pass_field"> <p> <input name="password" type="text" id="password" /><br /><br /> <input name="submit_password" type="submit" id="submit_password" value="Submit Password" /><br /> </p> </div> </div> </form> </div> <!--PAGE CONTAINER--> <div id="footer"></div> </div> </body> </html> hi all me again i have this bit of code mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $whereClauses = array(); if(isset($_GET['bi'])) { $whereClauses[] = "bi=1"; } if(isset($_GET['print'])) { $whereClauses[] = "print=1"; } if(isset($_GET['online'])) { $whereClauses[] = "online=1"; } $query = "SELECT * FROM `project` ORDER BY `project`.`position` ASC "; if(count($whereClauses)) { $query .= " WHERE " . implode(" AND ", $whereClauses); } with this error msg There was a problem with the SQL query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE online=1' at line 3 I get this kinda error a lot as im still learning is there any way to better find out whats going wrong i use error_reporting(E_ALL); ini_set('display_errors', '1'); at the start of my scripts but it dont tell me a lot. i can work out it some thing to do with the $whereClauses as the page displays ok on show all. Im bit stumped here not even sure what to call the prob is it sql query error or php array problem thanks for any help Ive created a process which automatically creates a form for all of the "courses" that are listed in a database. This table shows the name, the course code, the current program the course is under and an option to delete the course. I have created a drop down menu for the user to select any of the current programs to switch the course into. My problem is I have X amount of select fields and radio buttons and I dont know how to tell which one has been changed below is my code, appreciate the help!: case "ep": if (isset ($_GET['id'])){ $id = $_GET['id']; echo "Below lists all of the current courses under this program. Once you have made all of the changes click the submit button at the bottom of the page. <br><br><br>"; $query = "SELECT * FROM courses WHERE cid = $id"; $result = mysql_query($query) or die (mysql_error()); echo "<form action=\"course_process.php\" method=\"post\">"; echo "<table><tr><td><strong>Course Name</strong></td><td><strong>Course Code</strong></td><td><strong>Change Course Program</strong></td><td><strong>Delete</strong></td></tr>"; $i = 0; while ($row = mysql_fetch_assoc($result)){ $r = $row['id']; $query2 = "SELECT * from catagories"; $result2 = mysql_query($query2) or die (mysql_error()); echo "<tr><td> ". $row['name']. " </td><td> ".$row['code']." </td><td><select name=\"".$row['id']."\">"; while ($row2 = mysql_fetch_assoc($result2)){ echo "<option value=".$row2['id'].">".$row2['name']. "</option>"; } echo "</select></td><td><input name=\"".$row['id']."\" type=\"radio\" value=\"Click to delete\" /></td></tr>"; } echo "<tr><td></td><td></td><td></td><td><input name=\"submit\" type=\"submit\" value=\"Commit Changes\" /> </td></tr></table></form>"; }else{ echo "Invalid action request. ERROR CODE 1"; } break; can you tell me whats wrong with this? Code: [Select] <?php $age= 60; if( isset($_SESSION['logedin']) ) { $q = mysql_query('SELECT id=`$id`, DATE_FORMAT(`last_activity`,"%a, %b %e %T") as `last_activity`,UNIX_TIMESTAMP(`last_activity`) as `last_activity_stamp`FROM `mymembers`WHERE `$logOptions_id` <> "'.($_SESSION['logedin']).'"'); $isonlinecheck = mysql_query($q); if ($isonlinecheck ="last_activity_stamp + $age "< time()){ $isonline = "is <font color='green'>online!</font>";} else { $isonline = "is<font color='red'> offline!</font>"; } } ?> Code: [Select] $correct_numbers = 0; $correct = 0; $numbers_chosen = @explode("|",$ticket['numbers_chosed']); $your_numbers = array(); $array1 = array_count_values($numbers_chosen); $array2 = array_count_values($winning_numbers); foreach($array1 as $number1 => $count1) { foreach($array2 as $number2 => $count2) { if($number2 == $number1 and $count2==$count1) $correct_numbers += $count2; } } $use = 0; $numbers = @implode("|",$winning_numbers); echo $correct_numbers; echo "<br>"; echo $lottery['balls']; I have no idea wthell this does Code: [Select] $correct_numbers += $count2; What's that += suppose to mean? I know the $correct_numbers is supposed to be a matching array count from the for eachs right? $ticket['numbers_chosed'] is Code: [Select] 8|18|3 Its a page 'Downloads'. Works great at localhost but doesnt show up @ web hosting. Code: [Select] <?php define('IN_PHPBB', true); $page = !isset($_GET["page"]) ? "None" : $_GET['page']; $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.' . $phpEx); // Start session management $user->session_begin(); $auth->acl($user->data); $user->setup(); page_header('Downloads'); if(strcmp($page,"org") == 0) { $template->set_filenames(array('body' => 'download/org.html',)); } else if(strcmp($page,"audi") == 0) { $template->set_filenames(array('body' => 'download/audi.html',)); } else if(strcmp($page,"bmw") == 0) { $template->set_filenames(array('body' => 'download/bmw.html',)); } else if(strcmp($page,"vw") == 0) { $template->set_filenames(array('body' => 'download/vw.html',)); } else if(strcmp($page,"nissan") == 0) { $template->set_filenames(array('body' => 'download/nissan.html',)); } else if(strcmp($page,"opel") == 0) { $template->set_filenames(array('body' => 'download/opel.html',)); } else if(strcmp($page,"ford") == 0) { $template->set_filenames(array('body' => 'download/ford.html',)); } else if(strcmp($page,"chevrolet") == 0) { $template->set_filenames(array('body' => 'download/chevrolet.html',)); } else if(strcmp($page,"other") == 0) { $template->set_filenames(array('body' => 'download/other.html',)); } else { $template->set_filenames(array('body' => 'download/org.html',)); } make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx")); page_footer(); ?> and the html: Code: [Select] <table class="tablebg" cellspacing="1" width="100%"> <tr> <th>BMW</th> </tr> <tr class="row1"> <td align="center" style="padding:5px 5px 5px 5px;"> <center> <hr width="60%" size="3" /> <table width="70%"> <tr> <td width="10%"><a href="http://www.upload.ee/image/1626514/325i_2.jpg" target = "_blank"> <img src="http://www.upload.ee/thumb/1626514/325i_2.jpg" border="0"/></a> <a href="http://www.upload.ee/image/1626518/325i_3.jpg"> <img src="http://www.upload.ee/thumb/1626518/325i_3.jpg" border="0"/></a> <td width="0%"><a href="http://www.upload.ee/image/1626519/325i_1.jpg" target = "_blank"> <img src="http://www.upload.ee/thumb/1626519/325i_1.jpg" border="0"/></a> <a href="http://www.upload.ee/image/1626521/325i_4.jpg" target = "_blank"> <img src="http://www.upload.ee/thumb/1626521/325i_4.jpg" border="0"/></a></td></td> <td><b><font color="white">Name:</font></b> 1996 BMW 325i e36 Convertible</br> <b><font color="white">Original Author:</font></b> ikey07</br> <b><font color="white">Size:</font></b> 3.89MB</br></br> <b><font color="white">Description:</font></b></br> Tunable in WAA</br> 2 Body kits included</br> 1. BMW M e36 series + Hood Vents</br> 2. BMW M e46 series + Masked Lights</br> New 2 M series wheels e36/e46</br> Realistic heavy damaged model</br> Model accuracy as real car 96%</br> Openable petrolcap</br> If you replace this car as BF Injection, the front fan is working ( spining )</br></br> <a href="http://ikey07.c-rp.net/viewtopic.php?f=6&t=2"><b><font color="white">Comments</font></b></a></br> </br> <ul id="nav"> <a class="downl" href="http://ikey07.c-rp.net/download/1996_BMW_325i_e36.rar" title="Download"><span>{L_DOWN}</span></a> </div> </br> </td> </tr> </table> <hr width="60%" size="3" /> </center> </td> </tr> </table> <br /> I can't honestly see whats wrong with this code, it's print'ing correct with the print_r. Code: [Select] Array ( [value1] => 2 [option] => - [value2] => 1 ) however i can't actually echo out the value1,value2 or option? It says the vars are empty yet it can still print_r the values so i know there not empty Code: [Select] <?php if(isset($_POST["submit"])){ $value1=$_POST["value1"]; $value2=$_POST["value2"]; $option=$_POST["option"]; } print_r($_POST); echo"$value1"; ?> <form action="index.php" name="submit" method="post"> <input type="text" name="value1"> <select name="option"> <option>+</option> <option>-</option> <option>*</option> <option>/</option> </select> <input type="text" name="value2"> <input type="submit" value="submit"> </form> |
|||||||