|
PHP - Small Insert Errors...
Hi, I"m trying to create insert images files name into the database and save images in folder, however, after i created databse connection, and excuted it... I'm getting error message said
Parse error: syntax error, unexpected $end in C:\xampp\htdocs\ourdeaf\uploadimages\upload.php on line 76 That line 76 is at end of code after </html>, what went wrong! Code: [Select] <form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post" ENCTYPE="multipart/form-data"> Upload:<br><br> <input type="file" name="image"><br><br> <input type="hidden" name="uploaded" value="1"> <input type="submit" value="Upload"> </form> <? }else{ //if the form hasn't been submitted then: //from here onwards, we are copying the file to the directory you made earlier, so it can then be moved //into the database. The image is named after the persons IP address until it gets moved into the database //get users IP $ip=$REMOTE_ADDR; //don't continue if an image hasn't been uploaded if (!empty($image)){ //copy the image to directory copy($image, "./temporary/".$ip.""); //open the copied image, ready to encode into text to go into the database $filename1 = "./temporary/".$REMOTE_ADDR; $fp1 = fopen($filename1, "r"); //record the image contents into a variable $contents1 = fread($fp1, filesize($filename1)); //close the file fclose($fp1); //encode the image into text $encoded = chunk_split(base64_encode($contents1)); //insert information into the database mysql_query("INSERT INTO images (img,data)"."VALUES ('NULL', '$encoded')"); //delete the temporary file we made unlink($filename1); } //end } ?> Similar TutorialsHey all, I have a CRUD php project I am working on. I have insert working reading and deleteing. The only one I have left is update. My page submits the form but when the btn is clicked my page refreshes and does not update in the db. All the controls are cleared. Im assuming I’m missing something simple or just have a small mistake that is running past me,
<?php
error_reporting(E_ALL & ~E_NOTICE);
// include config for Database
require_once "php/config.php";
// Declare the variables that will be used.
$name = $language = $datenow = "";
$nameerror = $langerror = $dateerror = "";
// Process form data when its submitted
if(isset($_POST["id"]) && !empty($_POST["id"])) {
// Get hidden input value.
$id = $_POST["id"];
$input_name = trim($_POST["name"]);
if(empty($input_name)) {
$nameerror = "Name is required. ";
} elseif (!filter_var($input_name, FILTER_VALIDATE_REGEXP,
array("options"=>array("regexp"=>"/^[a-zA-Z\s]+$/")))) {
$nameerror = "Please enter a valid name. ";
} else {
//$namesafe = mysqli_real_escape_string($connection, $input_name);
$name = $input_name;
}
// Validate language entered
$input_lang = trim($_POST["language"]);
if(empty($input_lang)) {
$langerror = "Please enter a language. ";
} else {
$language = $input_lang;
}
// Get current Date and Time
$currentDate = date("Y-m-d H:i:s");
// OR
$datetimeobj = new DateTime();
$datetimeobj->format("Y-m-d H:i:s");
//if(empty($nameerror) && empty($langerror) && empty($dateerror)) {
if($name != "" && $language != "") {
$sql = "UPDATE users SET name=:name, language=:language, " .
"date=:date WHERE id=:id";
error_log($sql);
if($stmt = $pdoConnect->prepare($sql)) {
$stmt->bindParam(":name", $param_name);
$stmt->bindParam(":language", $param_lang);
$stmt->bindParam(":date", $param_date);
$stmt->bindParam(":id", $param_id);
$para_name = $name;
$param_lang = $lang;
$param_date = $date;
$param_id = $id;
if($stmt->execute()) {
header("location: index.php");
exit();
} else {
echo "Something went wrong, try again later.";
}
}
} else {
$errormsg = '<div > 'All fields are required to continue</div>';
}
unset($stmt);
unset($pdoConnect);
} else {
if(isset($_GET["id"]) && !empty(trim($_GET["id"]))) {
$id = trim($_GET["id"]);
$sql = "SELECT * FROM users WHERE id = :id";
if($stmt = $pdoConnect->prepare($sql)) {
$stmt->bindParam(":id", $param_id);
$param_id = $id;
if($stmt->execute()) {
if($stmt->rowCount() == 1) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
//$id = $row["id"];
$name = $row["name"];
$language = $row["language"];
$userdate = $row["date"];
} else {
header("location: error.php");
exit();
}
} else {
echo "Something went wrong with UPDATE, try again later.";
}
}
// Close $stmt statement
unset($stmt);
// Close connection
unset($pdoConnect);
} else {
// URL doesn't contain valid 'id' parameter.
header("location: error.php");
exit();
}
}
?>
When submitting the form, the records are sometimes inserted and sometimes not. I receive no errors stating what the problem is. Code: [Select] <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO customer_tbl (customer_first_name, customer_last_name, customer_company, customer_ac, customer_phone, customer_fax_ac, customer_fax_phone, customer_email) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['customer_first_name'], "text"), GetSQLValueString($_POST['customer_last_name'], "text"), GetSQLValueString($_POST['customer_company'], "text"), GetSQLValueString($_POST['customer_ac'], "text"), GetSQLValueString($_POST['customer_phone'], "text"), GetSQLValueString($_POST['customer_fax_ac'], "text"), GetSQLValueString($_POST['customer_fax_phone'], "text"), GetSQLValueString($_POST['customer_email'], "text")); $customer_id = false; if(mysql_query($insertSQL, $connCid)) $customer_id = mysql_insert_id(); else echo "There was an error."; } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO quote_request_tbl (customer_id, quote_trans_date, quote_from_company, quote_from_address, quote_from_city, quote_from_state, quote_from_zip, quote_to_company, quote_to_address, quote_to_city, quote_to_state, quote_to_zip, quote_comments) VALUES ('$customer_id', %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['quote_trans_date'], "text"), GetSQLValueString($_POST['quote_from_company'], "text"), GetSQLValueString($_POST['quote_from_address'], "text"), GetSQLValueString($_POST['quote_from_city'], "text"), GetSQLValueString($_POST['quote_from_state'], "text"), GetSQLValueString($_POST['quote_from_zip'], "text"), GetSQLValueString($_POST['quote_to_company'], "text"), GetSQLValueString($_POST['quote_to_address'], "text"), GetSQLValueString($_POST['quote_to_city'], "text"), GetSQLValueString($_POST['quote_to_state'], "text"), GetSQLValueString($_POST['quote_to_zip'], "text"), GetSQLValueString($_POST['quote_comments'], "text")); $quote_id = false; if(mysql_query($insertSQL, $connCid)) $quote_id = mysql_insert_id(); else echo "There was an error."; } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && (isset($quote_id))) { $insertSQL = sprintf("INSERT INTO building_tbl (quote_id, building_quantity, building_width, building_length, building_height, building_overhang, slope_id, building_type_id, manufacture_id, foundation_id) VALUES ('$quote_id', %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['building_quantity1'], "int"), GetSQLValueString($_POST['building_width1'], "int"), GetSQLValueString($_POST['building_length1'], "int"), GetSQLValueString($_POST['building_height1'], "int"), GetSQLValueString($_POST['building_overhang1'], "int"), GetSQLValueString($_POST['slope_id1'], "int"), GetSQLValueString($_POST['building_type_id1'], "int"), GetSQLValueString($_POST['manufacture_id1'], "int"), GetSQLValueString($_POST['foundation_id1'], "int"); mysql_select_db($database_connCid, $connCid); $Result1 = mysql_query($insertSQL, $connCid) or die(mysql_error()); header('Location: index.php?view=article&id=7'); } mysql_select_db($database_connCid, $connCid); $query_rsSlope = "SELECT * FROM slope_tbl ORDER BY slope_id ASC"; $rsSlope = mysql_query($query_rsSlope, $connCid) or die(mysql_error()); $row_rsSlope = mysql_fetch_assoc($rsSlope); $totalRows_rsSlope = mysql_num_rows($rsSlope); $query_rsSlope = "SELECT * FROM slope_tbl ORDER BY slope_id ASC"; $rsSlope = mysql_query($query_rsSlope, $connCid) or die(mysql_error()); $row_rsSlope = mysql_fetch_assoc($rsSlope); $totalRows_rsSlope = mysql_num_rows($rsSlope); mysql_select_db($database_connCid, $connCid); $query_rsBuildingType = "SELECT * FROM building_type_tbl ORDER BY building_type_id ASC"; $rsBuildingType = mysql_query($query_rsBuildingType, $connCid) or die(mysql_error()); $row_rsBuildingType = mysql_fetch_assoc($rsBuildingType); $totalRows_rsBuildingType = mysql_num_rows($rsBuildingType); mysql_select_db($database_connCid, $connCid); $query_rsManufacture = "SELECT * FROM manufacture_tbl ORDER BY manufacture_name ASC"; $rsManufacture = mysql_query($query_rsManufacture, $connCid) or die(mysql_error()); $row_rsManufacture = mysql_fetch_assoc($rsManufacture); $totalRows_rsManufacture = mysql_num_rows($rsManufacture); mysql_select_db($database_connCid, $connCid); $query_rsFoundation = "SELECT * FROM foundation_tbl ORDER BY foundation_name ASC"; $rsFoundation = mysql_query($query_rsFoundation, $connCid) or die(mysql_error()); $row_rsFoundation = mysql_fetch_assoc($rsFoundation); $totalRows_rsFoundation = mysql_num_rows($rsFoundation); ?> I belve the problem is in this part of the code: if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && (isset($quote_id))) Many thanks in advance. I have a problem where I am getting these errors after a form has been submitted from join.html Here are the errors: Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'scswccla'@'localhost' (using password: NO) in /home/scswccla/public_html/insert.php on line 9 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/scswccla/public_html/insert.php on line 9 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'scswccla'@'localhost' (using password: NO) in /home/scswccla/public_html/insert.php on line 9 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/scswccla/public_html/insert.php on line 9 Here is the insert.php file http://pastebin.com/EVtgidQC And the join.html file - http://pastebin.com/hqDtGLe5 How would I fix those errors - I got the code from http://forum.hey0.net/showthread.php?tid=2509 The form is at scswc.com/join.html if you want to look at it. I really want to get this working so if you need any more info to help fix it just ask thanks! I have a form with a series of text boxes where the User enters specific data, be it text, numeric, or date/time. It is not mandatory to fill in every box, but when I submit the form to be put into a mysql table, I get errors such as "Incorrect time value: '' for column 'starttime' at row 1" "Incorrect decimal value: '' for column 'workkj' at row 1" How can I setup the mysql table to accept blank answers? Or is there something I need to do in php to fix this? Sorry if this is simple... I'm still learning. Thanks for the help! I cannot get this INSERT to work. Not records are being added to the sys_city_dev table. No query errors are being thrown. I am simply trying to add ALL records from all_illinois to sys_city_dev and Mid should have be add as 11 in all inserts. city_name of course will be field city_name from all_illinois. Here is my code: $query = "SELECT * FROM all_illinois"; if ($results = mysqli_query($cxn, $query)) { $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($rows = mysqli_fetch_array($results)) { echo $rows['city_name'] . "<br />"; $mid_id = '11'; $insert_city_query = "INSERT INTO sys_city_dev (ID, Mid, cityName, forder, disdplay, cid) VALUES (' ','" . $mid_id . "','" . $rows['city_name'] . "', '', '','')"; if (!$insert_city_query) exit(mysql_error()); } } } Here is my insert table structure and 5 records dump: -- -- Table structure for table `sys_city_dev` -- CREATE TABLE IF NOT EXISTS `sys_city_dev` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Mid` int(11) NOT NULL DEFAULT '0', `cityName` varchar(30) NOT NULL DEFAULT '', `forder` int(4) NOT NULL DEFAULT '0', `disdplay` int(4) NOT NULL DEFAULT '0', `cid` int(11) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=113970 ; -- -- Dumping data for table `sys_city_dev` -- INSERT INTO `sys_city_dev` (`ID`, `Mid`, `cityName`, `forder`, `disdplay`, `cid`) VALUES (84010, 1, 'Dothan', 0, 0, 0), (84011, 1, 'Alabaster', 0, 0, 0), (84012, 1, 'Birmingham', 0, 0, 0), (84013, 2, 'Flagstaff', 0, 0, 0), (84014, 1, 'Auburn', 0, 0, 0); And the all_illinois dump w/ 5 records: -- -- Table structure for table `all_illinois` -- CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `all_illinois` -- INSERT INTO `all_illinois` (`state_id`, `city_name`) VALUES ('135', 'Abingdon'), ('135', 'Adair'), ('135', 'Addieville'), ('135', 'Addison'), ('135', 'Adrian'); How do I display the actual errors in IIS 7.5? If I miss a semicolon, I get: "HTTP Error 500.0 - Internal Server Error" absolutely useless. In prior versions, I could see the line and get to the PHP error. How do I display PHP errors? I've added: set_ini('display_errors', '1'); but it doesn't help. I'm missing something here. I have a form, and when the submit is pressed, the relevant post data inserts into table one, then I want the last insert id to insert along with other form data into a second table. The first table's still inserting fine, but I can't get that second one to do anything. It leapfrogs over the query and doesn't give an error. EDIT: I forgot to add an error: I get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usage, why VALUES ('14', '', '123', '','1234', '', '')' at line 1 query:INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('test 14', 'asdfa', 'asdf', 'adf','asdf', '', '', '', '123', '', '') Code: [Select] if (empty($errors)) { require_once ('dbconnectionfile.php'); $query = "INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('$description12', '$sn', '$description4', '$cne','$description5', '$description6', '$description7', '$description8', '$description9', '$description10', '$description11')"; $result = @mysql_query ($query); if ($result) { $who_donated=mysql_insert_id(); $query2 = "INSERT INTO tbl_donation (donor_id, donor_expyear, donor_cvv, donor_cardtype, donor_authorization, amount, usage, why) VALUES ('$who_donated', '$donate2', '$donate3', '$donate4','$donate5', '$donate6', '$donate7')"; $result2 = @mysql_query ($query2); if ($result2) {echo "Info was added to both tables! yay!";} echo "table one filled. Table two was not."; echo $who_donated; //header ("Location: http://www.twigzy.com/add_plant.php?var1=$plant_id"); exit(); } else { echo 'system error. No donation added'; Can anyone tell me why this is not INSERTing? My array data is coming out just fine.. I've tried everything I can think of and cannot get anything to insert.. Ahhhh! <?php $query = "SELECT RegionID, City FROM geo_cities WHERE RegionID='135'"; $results = mysqli_query($cxn, $query); $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($row = mysqli_fetch_array($results)) { $insert_city_query = "INSERT INTO all_illinois SET state_id=$row[RegionID], city_name=$row[City] WHERE id = null" or mysqli_error(); $insert = mysqli_query($cxn, $insert_city_query); if (!$insert) { echo "INSERT is NOT working!"; exit(); } echo $row['City'] . "<br />"; echo "<pre>"; echo print_r($row); echo "</pre>"; } //while ($rows = mysqli_fetch_array($results)) } //if (mysqli_num_rows($results)) else { echo "No results to get!"; } ?> Here is my all_illinois INSERT table structu CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Here is my source table geo_cities structu CREATE TABLE IF NOT EXISTS `1` ( `CityId` varchar(255) NOT NULL, `CountryID` varchar(255) NOT NULL, `RegionID` varchar(255) NOT NULL, `City` varchar(255) NOT NULL, `Latitude` varchar(255) NOT NULL, `Longitude` varchar(255) NOT NULL, `TimeZone` varchar(255) NOT NULL, `DmaId` varchar(255) NOT NULL, `Code` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Hello, I'm having a bit of a problem here, all help to this issues would be much appreciated I am trying to use text boxes to insert numbers into the database based on what is inputed. If I have a string, like this for example: $variable = 09385493; And I want to insert it into the database like this: mysql_query("INSERT INTO integers(number) VALUES ('$variable')"); When checking the integers table in my database, looking at the number field, the $variable that was inserted is outputted as 9385493 Notice the number zero was taken out of the front of the number. If the number is double 0's (009385493), both of those zero's would disappear, too. Thanks Hey guys i have a contact form for my site working fine but when i receive the emails i get some unwanted texts after the email section. here they r : name1: ryan number: 343244 message1: hey email: ss@yahoo.com clearField: [type Function] label1: NAME label2: E-MAIL label3: PHONE label5: MESSAGE countField: 5 arrayLabel: undefined,NAME,E-MAIL,PHONE,undefined,MESSAGE i: 6 txtField: _level0.topmenu.page.pages.contactform.txtField5 _request: contact/email.php the script Code: [Select] <?php /***************************************************\ * PHP 4.1.0+ version of email script. For more * information on the mail() function for PHP, see * http://www.php.net/manual/en/function.mail.php \***************************************************/ // First, set up some variables to serve you in // getting an email. This includes the email this is // sent to (yours) and what the subject of this email // should be. It's a good idea to choose your own // subject instead of allowing the user to. This will // help prevent spam filters from snatching this email // out from under your nose when something unusual is put. $sendTo = "hey@email.com"; $subject = "helloy"; // variables are sent to this PHP page through // the POST method. $_POST is a global associative array // of variables passed through this method. From that, we // can get the values sent to this page from Flash and // assign them to appropriate variables which can be used // in the PHP mail() function. // header information not including sendTo and Subject // these all go in one variable. First, include From: $headers = "From: " . $_POST["firstName"] ." ". $_POST["lastname"] . "<" . $_POST["email"] .">\r\n"; // next include a replyto $headers .= "Reply-To: " . $_POST["email"] . "\r\n"; // often email servers won't allow emails to be sent to // domains other than their own. The return path here will // often lift that restriction so, for instance, you could send // email to a hotmail account. (hosting provider settings may vary) // technically bounced email is supposed to go to the return-path email $headers .= "Return-path: " . $_POST["email"]; // now we can add the content of the message to a body variable $message = $_POST['message']; $message = ""; foreach($_POST as $key=>$value) { $message .= $key.": ".$value."\n\r"; } // once the variables have been defined, they can be included // in the mail function call which will send you an email mail($sendTo, $subject, $message, $headers); ?> can some1 suggest me something iam a complete noob ! I'm trying to find the write coding to pull the First and Second words from the 2nd line and the entire 3rd line from this file and have them as $subject1 and $subject2 And I have no php background. http://www.weatherserver.net/text/CWTO/WOCN11.txt so $subject1 = WOCN11 CWTO and $subject2 = SPECIAL WEATHER STATEMENT the problem im getting is with this line in the bootstrap Code: [Select] $this->view->head_title('test'); the view property is only initiated in the league_controller and $this->view doesnt exsist within the bootstap but i call the bootstrap header in the league controller and it wont let me execute the head title...if anyone can help me on why or how i can over come this please....thank you (code below) bootstrap Code: [Select] public static function header() { $this->view->head_title('test'); } leaugue_controller method Code: [Select] public function league($game_name, $league_name) { Bootstrap::header(); $rows = $this->leagues->fetch_league($game_name, $league_name); $this->view->head_title()->set_separator()->prepend('hello'); $this->view->rows = $rows; Bootstrap::footer(); } This topic has been moved to PHP Freelancing. http://www.phpfreaks.com/forums/index.php?topic=348574.0 i am using a php mail scriot which is perfectly sending emails... Code: [Select] <?php require("class.phpmailer.php"); // path to the PHPMailer class $to=$_POST['email']; $msg='<html> <body><h1>My HTML Message</h1> <p>This is text</p> </body> </html>'; $sub=$_POST['sub']; $mail = new PHPMailer(); $mail->IsSMTP(); // telling the class to use SMTP $mail->Mailer = "smtp"; $mail->Host = "mail.mydomain.com"; //$mail->Port = 587; $mail->SMTPAuth = true; // turn on SMTP authentication $mail->Username = "user@mydomain.com"; // SMTP username $mail->Password = "password"; // SMTP password $file = './abc.txt'; // attachment $mail->addAttachment('./attachment.jpeg'); $mail->From = "USER"; $mail->AddAddress("$to"); $mail->Subject = "$sub"; $mail->Body = "$msg"; $mail->WordWrap = 50; if(!$mail->Send()) { echo 'Message was not sent.'; echo 'Mailer error: ' . $mail->ErrorInfo; } else { echo 'Message has been sent.'; } } ?> Every thing is working fine.. But when i paste any html thing in the $msg variable i got just the source code... Any assistance will be very helpfull... -pranshu.a.11@gmail.com Hey guys, I've kind of taken over a project from a friend. It's a leaderboard for posting splits for drivers. The splits get posted to a leaderboard.xsl (which is working fine). The update.php page is designed to update a leaderboard.xml file, this way anyone can login and update new splits for each weeks race. (more info can be found here if you are curious). I found a small bug in the leaderboard.xsl file. It is meant for displaying the drivers splits, calculating the difference between drivers, what division they are, car they used and includes a 'Controller' column. This is where the bug is. Normally, it will display if that driver uses a gamepad or a steering wheel. If it's a one lap aka 'hotlap' race, the Controller column shows either a 'wheel' or 'controller' as it should. However, if it's a multi-lap race (2+ laps), then the Controller column automatically defaults to the <xsl:otherwise> option of a "?". Here is an example of the Controller column working properly for each driver: Here is what it does when there are two (or more) sets of splits for each driver on the leaderboard: The code makes the post over the character length, you can view the code here. Any assistance/help would be great appreciated as I'll be done with the project then Jerome let say i have this <a href="myuploadfolder/picture1.jpg">Picture</a> and when user click on the link, they can see in which folder their picture were kept...is this dangerous?? if yes then how to hide it?? thanks in advance I have made a php cart : check it out on http://fhcs.be/cart-demo4/ My question is: when I order something by clicking on the "voeg toe" button, I'm redirected to the shopping cart. But I don't want to be redirected to the shopping cart, I want to stay on de menu list. What is an easy way to fix this? thanks people index.php Code: [Select] <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>PHP Shopping Cart Demo · Bookshop</title> <link rel="stylesheet" href="css/styles.css" /> </head> <body> <div id="shoppingcart"> <h1>Welkom, plaats uw order</h1> </div> <div id="booklist"> <h1>Warme dranken</h1> <?php $sql = 'SELECT * FROM products WHERE cat=2'; $result1 = $db->query($sql); $output1[] = '<ul>'; while ($row = $result1->fetch()) { $output1[] = '<li>'.$row['name'].': €'.$row['price'].'<br /><a href="cart.php?action=add&id='.$row['id'].'">Voeg Toe</a></li>'; } $output1[] = '</ul>'; echo join('',$output1); ?> <h1>Cocktails</h1> <?php $sql = 'SELECT * FROM products WHERE cat=3'; $result2 = $db->query($sql); $output2[] = '<ul>'; while ($row = $result2->fetch()) { $output2[] = '<li>'.$row['name'].': €'.$row['price'].'<br /><a href="cart.php?action=add&id='.$row['id'].'">Voeg Toe</a></li>'; } $output2[] = '</ul>'; echo join('',$output2); ?> </div> </body> cart.php Code: [Select] <?php // Include MySQL class require_once('inc/mysql.class.php'); // Include database connection require_once('inc/global.inc.php'); // Include functions require_once('inc/functions.inc.php'); // Start the session session_start(); // Process actions $cart = $_SESSION['cart']; $action = $_GET['action']; switch ($action) { case 'add': if ($cart) { $cart .= ','.$_GET['id']; } else { $cart = $_GET['id']; } break; case 'delete': if ($cart) { $items = explode(',',$cart); $newcart = ''; foreach ($items as $item) { if ($_GET['id'] != $item) { if ($newcart != '') { $newcart .= ','.$item; } else { $newcart = $item; } } } $cart = $newcart; } break; case 'update': if ($cart) { $newcart = ''; foreach ($_POST as $key=>$value) { if (stristr($key,'qty')) { $id = str_replace('qty','',$key); $items = ($newcart != '') ? explode(',',$newcart) : explode(',',$cart); $newcart = ''; foreach ($items as $item) { if ($id != $item) { if ($newcart != '') { $newcart .= ','.$item; } else { $newcart = $item; } } } for ($i=1;$i<=$value;$i++) { if ($newcart != '') { $newcart .= ','.$id; } else { $newcart = $id; } } } } } $cart = $newcart; break; } $_SESSION['cart'] = $cart; ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>PHP Shopping Cart Demo · Cart</title> <link rel="stylesheet" href="css/styles.css" /> </head> <body> <div id="shoppingcart"> <h1>Uw bestelling</h1> <?php echo writeShoppingCart(); ?> </div> <div id="contents"> <h2>Gelieve na te kijken voordat u bestelt</h2> <?php echo showCart(); ?> <p><a href="index.php">Terug naar lijst</a></p> <form action="mail.php" method="post"> <input type="submit" name="sendemail" value="Bestel" /> <input type="hidden" name="cart" value="<?= $cart; ?>" /> </form> </div> </body> </html> Okay, I am writing a new form validation script that also keeps the data so it can re-populate the fields the user already filled out if there is an error on the page so they do not have to fill it out again. Here is an example of the code I am using in the HTML part of the form input elements. <input name="name" type="text" id="name" value="<?php=$fields['name']?>"> Now, the problem I am getting is the <?php=$fields['name']?> code is being physically displayed within the form field at all times. How would I go about having it not display this line of code in the field? Thanks!! Hi, my name is Michael Vallier and I am the director of Killer Film Fest. This year I have incorporated some new features and need some php help. If you are able to help with either or both problems, please let me know. Thanks in advance. 1. I am using a forum and I need help customizing it. I have no idea what I am doing. I have changed a few things, but don't know enough to do what I want. I don't need anything crazy, just to fit the look of our website. The forum is not open yet but you can see it he http://www.killerfilmfest.com/forum/ 2. I found a add-on to my website which is a file manager. People can create an account and upload files to my FTP server. I want to use this for filmmakers to upload their films if they choose to do it this way. There is a 10mb limit and it is possible to make it unlimited. I contacted the creator of the application and he led me to a wiki page with the directions. It looked real simple and I tried to do this but without any luck. So if there is anyone out there who can help, that would be great. Thanks -Michael Vallier- I have a search button to help user searching text they are looking. and i use $_GET to pass the value and get it into my query so it simply like this when value was passed into the URL page.php?search=text the problem is that when i try to modify a bit like this page.php?search=">test although i don't get any problem with the query (ERROR) as i've replaced all special characters with blank string, but i always have this test" /> text appear on my page.. what should i do to avoid this?? if they can do whatever they want, it means there is a space for attacker to inject bad codes thanks in advance |
|||||||