PHP - Extra Character Being Added To Output

this is my first post so I hope someone can help find a solution to this problem. I created this website in wordpress www.porthopehealthcentre.com
It displayed correct in firefox but not ie.

There was an extra closing </div> tag in my header php. I deleted this and now it displays correct in ie but not firefox.

Can I somehow link to two different header files one for ie and one for firefox? if so how do I do this?

Or is there an easier solution to this. I would really appreciate someones help as this is the final thing that needs adjusting to finish the job.

For some reason this only allows one SQL to be added...

// SQL Connection
$username="monstert_admin"; $password="admin"; $database="monstert_admin";
$connection = mysql_connect("localhost", $username, $password) 
or die("Connection Failure to Database");
// Select Database
mysql_select_db($database, $connection) or die ($database . "No Database" . $username);

//Select everything from the the table
$MyQuery = "SELECT * FROM photos";
$retrieve = mysql_query($MyQuery) or die(mysql_error());
if(mysql_num_rows($retrieve) != 0):
$row = mysql_fetch_assoc($retrieve);
else:
echo '';
endif;

if(isset($_POST['Submit']) && !$errors)
{
$url = $newname;

   include('img.php');
   $image = new SimpleImage();
   $image->load($url);
   $image->resize(500,315);
   $image->save($newname);

mysql_query("INSERT INTO photos (url) VALUES ('$url')");

echo "File Uploaded Successfully as <i> ";
echo $newname;
echo "</i>";
}

What would the issue be? I only have two columns - ID and url

Thanks in advance!

Hi,
Im building a management web application that can contain sensitive information for people, allow for cheques to be printed, amoung other things. Im wondering what are some extra security features that could be added as some users may not want to have the web application available outside their business. I would preffer doing this without having to run the server locatlly on thier machine. i was thinking something like only allowing certain ip address's to access the sites login.

Anyone have any other/better ideas?

I have a membership site that a user creates a username and password at registration. The user logs in and all that works. The usersname is located in the database under users. Each page is protected and you must login to access it. Here is the code for that

checkLogin('2');

$getuser = getUserRecords($_SESSION['user_id']);

If the user login is correct they have access to the page. This all works fine as I said. On this page is a form that gets filled out. All the data except the username is added to the database for the contents of this form. I need to have the username added to the database to track who the data belongs to. Here is the code I have for this, can some tell me where I messed up.   The line under the the code <body> pulls the username and the echo command prints the username on the page. I repeated this code under the if ($_SERVER['REQUEST_METHOD'] == "POST") code and it also prints the username.

<?php

// this is processed when the form is submitted
// back on to this page (POST METHOD)
    if ($_SERVER['REQUEST_METHOD'] == "POST") 
    {		$usernow = $getuser[0]['username'];
    		$userid = $usernow; 
    		echo "$userid";
    		
        # escape data and set variables
        
        $userid = addslashes($_POST["userid"]);        
        $date = addslashes($_POST["date"]);
        $temperature = addslashes($_POST["temperature"]);
        $ph = addslashes($_POST["ph"]);
        $ammonia = addslashes($_POST["ammonia"]);
        $nitrite = addslashes($_POST["nitrite"]);
        $nitrate = addslashes($_POST["nitrate"]);
        $phosphate = addslashes($_POST["phosphate"]);
        $gh = addslashes($_POST["gh"]);
        $kh = addslashes($_POST["kh"]);
        $iron = addslashes($_POST["iron"]);
        $potassium = addslashes($_POST["potassium"]);       
        $notes = addslashes($_POST["notes"]);    
        

//  # setup SQL statement
				$sql  = " INSERT INTO water_parameters ";
				$sql .= " (id, userid, date, temperature, ph, ammonia, nitrite, nitrate, phosphate, gh, kh, iron, potassium, notes) VALUES ";
				$sql .= " ('', '$userid', '$date', '$temperature', '$ph', '$ammonia', '$nitrite', '$nitrate', '$phosphate', '$gh', '$kh', '$iron', '$potassium', '$notes') ";

//  #execute SQL statement
    		$result = mysql_query($sql);
			
//   # check for error
    if (mysql_error()) { print "Database ERROR: " . mysql_error(); }

		print "<h3><font color=red>New Water Parameters Were Added</font></h3>";
} 
?>

The script below used to work fine but the HTTP_REFERER was unreliable so i added a re-direct if the HTTP_REFERER was unavailable and now nothing is being added to the MySQL BD, the script runs ok ie it sends the user back to where they come from, any ideas what could be wrong? 



<?php
require("../include/mysqldb.php");
$uinwish = $_GET['uinwish'];
$wishrefer = $_SERVER['HTTP_REFERER'];
$wishdate  = mktime(0, 0, 0, date("m"), date("d")+3, date("Y"));
$rand_wish_cookie = $_COOKIE["wishtracking"];

$con = mysql_connect("$dbhost","$dbuser","$dbpass");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("$dbame", $con);

//DB Stuff start code below

//check if the uin and cookie have already been stored together.
$sql = "select * from Wish_list_guest where usercookie='$rand_wish_cookie' and uinwish='$uinwish'";
$result = mysql_query($sql);


$row = mysql_fetch_row($result);
if (mysql_num_rows($result)!= 1) {

$issetvar = "1";

if (!isset ($wishrefer)){

$host  = $_SERVER['HTTP_HOST'];
$extra = 'profile.php?uin=';
header("Location: http://$host/$extra$uinwish");
exit;
}

if (isset ($wishrefer)){

header("Location: $wishrefer");
exit;
}
}

if ($issetvar = 1) {

mysql_query("INSERT INTO Wish_list_guest (usercookie, date_delete, uinwish, referwish)
VALUES ('$rand_wish_cookie', '$wishdate', '$uinwish', '$wishrefer')");

mysql_close($con);


if (!isset ($wishrefer)){

$host  = $_SERVER['HTTP_HOST'];
$extra = 'profile.php?uin=';
header("Location: http://$host/$extra$uinwish");
exit;
}

if (isset ($wishrefer)){

header("Location: $wishrefer");
exit;
}
}


?>

So I ran into the most bizarre problem ever on my live server. For some odd reason something, somewhere is adding an extra character after every " mark I have. Now I am using zend framework but this can not be an issue involving them since everything works perfectly on my localhost. I am using 1and1 to host my application but for the love of me I can not narrow this down any more.

Ex of my problem, I type this into my text box: "This is a sentence" and it proceeds to saving this: \"This is a sentence\" 

Something is happening right after I submit my form because if I add the code directly in my database, it displays everything fine. Has any one ever ran into this problem before?

I got two values from a form in a page by POST method. Now I want to add this values to a text file. The code of form1.htm is like this:
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<form action="write1.php" method="post">
<fieldset>
<legend>Log In...</legend>
<input type="text" name="uname" /><br>
<input type="text" name="pass" /><br><br>
<input type="submit" name="button" value="Log In" />
</fieldset>
</form>
</body>
</html>

And the code of write1.php is like this:
<?php

function arr_func()
{
$name = $_POST['uname'];
    $pass = $_POST['pass'];
//trying to catch values in an array
    $arr[] = array("name"=>"$name", "pass"=>"$pass");
foreach ($arr as $val_arr)
{
foreach ($val_arr as $key=>$val)
{
echo "$key - $val<br>";
}
echo '<br>';
}
}

$arr1 = arr_func();
//values are printed, no problem
echo $arr1;
//trying to change the array into string, is it wrong approach?
$var1 = strval($arr1);

// set file to write
$file = 'student/dump.txt'; 
// open file 
$fh = fopen($file, 'w') or die('Could not open file!'); 
// write that variable into file 
fwrite($fh, "$var1\n") or die('Could not write to file'); 
// close file 
fclose($fh); 


?>

After log in in form1 I get two values of $name and $pass in write1.php but no values being added to the file mentioned in the path.

I'm trying to make it so i can show the friends i added, or users that added a friend


<table border=2 width="250" height="125"><tr>
<?php
$userfinal = get_username($_SESSION['user_id']);
$Members = mysql_query("SELECT * FROM friends WHERE username='$userfinal' AND friendname");
$numRowsMembers = mysql_num_rows($Members);

for($count = 1; $count <= $numRowsMembers; $count++)
{
    $name = mysql_fetch_array($Members);


?>
<td width="150" height="125">
<a href="view_profile.php?username=<? echo $name['friendname']?>"><img src="<? echo $name['main_P']?>" width="100" height="100"/>
<? echo $name['friendname']?></a>

<?
if (isset($name['date']) && (time() - $name['date'] > 300)) {

echo 'offline =[';
} else {

echo "<font color=green>[Online Now!]</font>";
}
$name['date'] = time(); // update last activity time stamp
?>

</td>




<? } ?>
</tr></table>



database


id  friendname  username
12  kristybellexo  zhshero
13  demo  zhshero
14  zhshero  zhshero

I hope that subject made sense!

I have a page where I want to generate page-specific keywords automatically. Actually I have some general keywords stored in a text file and then I add the page-specific ones after those. The problem is, however, solely caused by the keywords I pull from my text file. A "1" is added to my list of keywords. Consider a news page like so:

news.php
// ...
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="keywords" content="<?php require('php/generateKeywordList.php'); ?>" />
</head>
// ...

And then generateKeywordList.php
// I have omitted the part with the page-specific keywords, because it is not what causes the problem (commented it all out)
set_include_path('/mypath/');
$str = require_once('includes/websiteKeywords.txt');
echo $str; // For some reason, the number 1 is added at the end of this string


websiteKeywords.txt (it doesn't matter what I put in there)
Code: [Select]
these, are, my, keywords, for, my, website
In my meta tag, the above would be displayed as:
Code: [Select]
these, are, my, keywords, for, my, website1
I then tried to make a simple php page like this

$keywords = require('includes/websiteKeywords.txt');
echo $keywords;

... and it worked. At the moment I have absolutely no idea where the number 1 comes from.

So, basically if I include the keywords directly from the text file into my meta tag, it displays fine. If I make a simple php page where I echo out the keywords from the text file, it displays fine. But if I include my php script, which echos the keywords, into my meta tag, the number 1 is added at the end of the string.

Am I completely missing something here or is this extremely strange?


Thanks for any help!

I have a form that has this:

Code: [Select]
<input type="text" name="notes_date" size="10" value="<?php echo date("m/d/Y");?>" />
I enter into the database after processing the variable like this:
Code: [Select]
$notes_date=date ("Y-m-d H:i:s", strtotime($_POST['notes_date']));
However, it gets stored at 2012-03-15 00:00:00

How do I fix this so that the current time gets stored instead of 00:00:00?

i have a log file which gets new data time by time. is there any way i can read only new added entries (block) in the file? instead of start reading file from start to the end of file. this file size will be in GBs soon. Thanks. currently i am using file() to read the file. following is the example of new added block in file.   ----SMS_START---- recv_time:2014-10-09 18:32:39
Span: 1
From-Number: +1347XXXXXXX
Timestamp: 14/10/09 18:32:16 96
Type: PDU
SMS-SMSC-Number: +12404492163
Content: Thanks,   ----SMS_END----

Hey guy

<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("Examination", $con);

$sql="INSERT INTO Test (Tes_Name, Tes_Description)
VALUES
('$_POST[Tes_Name]','$_POST[Tes_Description]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?> 

This is my code and I can enter Tes_Name on to mysql but nothing is shown for Tes_Description.

The form is

Code: [Select]
<html>

    <body>

<h3>Test</h3>

<table border="0">
<form method="POST" action="try2.php">
<tr><td>Tes_Name</td><td>:</td><td><input type="text" name="Tes_Name" size="20"></td></tr>
<tr><td>Tes_Description</td><td>:</td><td><input type="Tes_Description" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Submit"></td></tr>
</form>
</table>

</body>
</html>

Hello:

I am working with a script that I am using to make a player roster - the user can add a photo, player title, number, years played, and a bio.

The data comes from a submit form, then goes to the code below to process everything.

It works fine if a photo is added, but if a photo is not added, the script does not work.

Any idea why, and how I can fix it?

Code: [Select]
<?php
// initialization
$result_final = "";
$counter = 0;

// List of our known photo types
$known_photo_types = array( 
'image/pjpeg' => 'jpg',
'image/jpeg' => 'jpg',
'image/gif' => 'gif',
'image/bmp' => 'bmp',
'image/x-png' => 'png'
);

// GD Function List
$gd_function_suffix = array( 
'image/pjpeg' => 'JPEG',
'image/jpeg' => 'JPEG',
'image/gif' => 'GIF',
'image/bmp' => 'WBMP',
'image/x-png' => 'PNG'
);

$photos_uploaded = $_FILES['photo_filename'];

$player_title = $_POST['player_title'];

$player_number = $_POST['player_number'];

$years_played = $_POST['years_played'];

$photo_caption = $_POST['photo_caption'];

while( $counter <= count($photos_uploaded) )
{
if($photos_uploaded['size'][$counter] > 0)
{
if(!array_key_exists($photos_uploaded['type'][$counter], $known_photo_types))
{
$result_final .= "File ".($counter+1)." is not a photo<br />";
}

else
{
//mysql_query( "INSERT INTO gallery_photos(`photo_filename`,`player_title`,`player_number`,`years_played`, `photo_caption`, `photo_category`) VALUES('0', '".addslashes($photo_caption[$counter])."', '".addslashes($_POST['category'])."')" );


mysql_query( "INSERT INTO gallery_photos(`photo_filename`,`player_title`,`player_number`,`years_played`, `photo_caption`, `photo_category`) VALUES('0', '".addslashes($player_title[$counter])."', '".addslashes($player_number[$counter])."' , '".addslashes($years_played[$counter])."', '".addslashes($photo_caption[$counter])."', '".addslashes($_POST['category'])."')" );


$new_id = mysql_insert_id();
$filetype = $photos_uploaded['type'][$counter];
$extention = $known_photo_types[$filetype];
$filename = $new_id.".".$extention;

mysql_query( "UPDATE gallery_photos SET photo_filename='".addslashes($filename)."' WHERE photo_id='".addslashes($new_id)."'" );

// Store the orignal file
copy($photos_uploaded['tmp_name'][$counter], $images_dir."/".$filename);

// Let's get the Thumbnail size
$size = GetImageSize( $images_dir."/".$filename );
if($size[0] > $size[1])


//{
//$thumbnail_width = 100;
//$thumbnail_height = (int)(100 * $size[1] / $size[0]);
//}
//else
//{
//$thumbnail_width = (int)(100 * $size[0] / $size[1]);
//$thumbnail_height = 100;
//}



{
//$thumbnail_width = 690;
//$thumbnail_height = (int)(500 * $size[1] / $size[0]);



$old_width = $size[0];
$old_height = $size[1];

$thumbnail_width = 690;
$thumbnail_height = ($old_height * $thumbnail_width / $old_width);





}
else
{
$thumbnail_width = (int)(690 * $size[0] / $size[1]);
$thumbnail_height = 500;
}



// Build Thumbnail with GD 1.x.x, you can use the other described methods too
$function_suffix = $gd_function_suffix[$filetype];
$function_to_read = "ImageCreateFrom".$function_suffix;
$function_to_write = "Image".$function_suffix;

// Read the source file
$source_handle = $function_to_read ( $images_dir."/".$filename ); 

if($source_handle)
{
// Let's create an blank image for the thumbnail
      //$destination_handle = ImageCreate ( $thumbnail_width, $thumbnail_height );
     
    $destination_handle = imagecreatetruecolor( $thumbnail_width, $thumbnail_height ); 
     
     

// Now we resize it

       ImageCopyResized( $destination_handle, $source_handle, 0, 0, 0, 0, $thumbnail_width, $thumbnail_height, $size[0], $size[1] );


}

// Let's save the thumbnail
$function_to_write( $destination_handle, $images_dir."/tb_".$filename );
ImageDestroy($destination_handle );
//

$result_final .= "<img src='".$images_dir. "/tb_".$filename."' style='margin-right: 20px; width: 100px;' />";


}
}
$counter++;
}

// Print Result
echo <<<__HTML_END

$result_final

__HTML_END;
?>


Thanks!

I have a code that works but it wont add the data to my database. It says the data has been added but the actual data is not actually added.

I have checked through this code to see any errors but I cant find any. Can someone help me

Code: [Select]
$sqll= takeanexam($_SESSION['username1'], $_SESSION['ssubject'], $_SESSION['smodule']);
 
     // mysql_data_seek(sqll, 0);
 
     while($info = mysql_fetch_array( $sqll )) {
    $questionId = $info['Que_ID'];
$choice = array();
        for ($i =1; $i < 5; $i++) {
   
if (empty($_POST['choice'][$questionId][$i])) {
 
$choice[$i] = 0;
   
} else {
 
$choice[$i] = 1;
 
}
 
}

$username= $_SESSION['username1'];
 
       mysql_query("INSERT INTO answer (Ans_Answer1, Ans_Answer2, Ans_Answer3, Ans_Answer4, Que_ID, Use_ID)
   VALUES ({$choice[1]}, {$choice[2]}, {$choice[3]}, {$choice[4]}, $questionId, $username)");
}

I am trying to use the following query with sorting:
$query = mysql_query("SELECT * FROM Table WHERE Date LIKE '$PeriodSelected' ORDER BY Date DESC"); 
$PeriodSelected is basically supposed to get me all results from month selected and it works fine. Now I am trying to add sorting to this query and although I get no errors it does not matter if I use ASC or DESC my results are sorted in the same way. Not sure what I am doing wrong.