|
PHP - Is This How Sanitising Code Works?
Hi,
I'm having a first attempt at sanitising code, but I'm not actually sure what I'm doing and how I know if it works. This is the code I have inserted, if I enter "description=re#d%widget" the description query ends so it displays everything 'red'. Not just everything 'red widget'. Code: [Select] $description = mysql_real_escape_string($description); $description = stripslashes($description); $description = htmlentities($description); return $var; $price = mysql_real_escape_string($price); $price = stripslashes($price); $price = htmlentities($price); return $var; Code: [Select] <?php ini_set('display_errors', 1); error_reporting(-1); $query = "SELECT * FROM productfeed"; if(isset($_GET['description']) && !empty($_GET['description'])) { $description = $_GET['description']; $query .= " WHERE description like '%$description%'"; } if(isset($_GET['price']) && !empty($_GET['price'])) { $price = explode('-', $_GET['price']); $lowPrice = (int)$price[0]; $highPrice = (int)$price[1]; $query .= " AND price BETWEEN $lowPrice AND $highPrice"; } $result = mysql_query($query); while($row = mysql_fetch_assoc($result)) { $id = $row['id']; $image = $row['awImage']; $link = $row['link']; $description = $row['description']; $fulldescription = $row['fulldescription']; $price = $row['price']; echo "<div class='productdisplayshell'> <div class='productdisplayoutline'> <div class='productborder'><center> <a href='$link' target='_blank'><img src='$image' width=\"95%\" /></a> </center> </div></div> <div class='productdescriptionoutline'> <div class='productdescriptionbox'> <a href='$link' target='_blank' >$description</a> </div> <div class='productfulldescriptionbox'>$fulldescription</div> </div> <div class='productpriceoutline'> <div class='productpricebox'> <center>&#163; $price</center> </div> <div class='productbuybutton'> <center><a href='$link' target='_blank' ><img src=/images/buybutton.png /></a></center> </div> </div> </div>"; } if ($_GET['description'] == $description ) { echo 'Sorry, this product is not available. Please visit our <a href="http://www.domain.co.uk">Homepage</a>.'; } ?> <?php function sanitizeString($description) { $description = mysql_real_escape_string($description); $description = stripslashes($description); $description = htmlentities($description); return $var; $price = mysql_real_escape_string($price); $price = stripslashes($price); $price = htmlentities($price); return $var; } ?> Similar TutorialsGreetings to all!
Newbie here, I just signed up this morning. I have an issue with a code I have been using for several years with multiple files/directories. Until recently all of the files have worked flawlessly. Now I have one file in a directory that does not display the text I which I am attempting to call up and it was working until recently.
Every file with the same code as the errant one work flawlessly except for the errant one, and I have 11 files to be displayed on my website at https://TheLoveOfGod.org They are all listed under the Devotionals menu button except for one which is displayed on the home page. I have absolutely no training in web design, I am self taught. I began by hand typing html coding over 30 years ago and am now using Word Press with Elementor . I do not understand why this is happening. Can any of you offer assistance to resolve this. I thank you in advance for your assistance.
Edited September 25, 2020 by namednad more explanation I have some code that works fine on my dev server but does not work on my production server. Dev server has PHP version 5.2.5 and production server has PHP version 5.1.6. This is the part of the code that isn't working on the prod. server: $xmlDoc=new DOMDocument(); $xmlDoc->loadXML($tmpDoc); $x=$xmlDoc->getElementsByTagName('link'); //get the q parameter from URL $q=$_GET["q"]; //lookup all links from the xml file if length of q>0 if (strlen($q)>0) { $hint=""; for($i=0; $i<($x->length); $i++) { $y=$x->item($i)->getElementsByTagName('title'); $z=$x->item($i)->getElementsByTagName('url'); if ($y->item(0)->nodeType==1) { //find a link matching the search text if (stristr($y->item(0)->childNodes->item(0)->nodeValue,$q)) { if ($hint=="") { $hint="<tr><td><a href='" . $z->item(0)->childNodes->item(0)->nodeValue . "' target='_blank'>" . $y->item(0)->childNodes->item(0)->nodeValue . "</td></tr>"; } else { $hint=$hint . "<tr><td><a href='" . $z->item(0)->childNodes->item(0)->nodeValue . "' target='_blank'>" . $y->item(0)->childNodes->item(0)->nodeValue . "</a></td></tr>"; } } } } } $tmpDoc is a variable that holds database information in xml form. It basically looks like this: $tmpDoc = $tmpDoc . "<link><title>" . $row['CustomerName'] . "****" . $row['Rep'] . "****" . $row['InstallDate'] . "****" . $row['PaidDate'] . "</title><url>accountPage.php?AccNum=" . $row['AccountNum'] . "</url></link>"; ...that is inside a while loop that loops through the rows returned by a query. Basically, as I said, the whole thing works fine on my dev server but on the production server it never makes it into the for loop so I guess the condition $i<($x->length) isn't being met. I'm at a bit of a loss here. Is there anything like the PHP version or Apache version that may cause the "->" operator to not work? The prod PHP version isn't that much older than my dev PHP version so I doubt that's the issue but it's about all I can think of. Thanks! Hi all,
Having an issue with some of my php code. The goal is to have two drop-down menus, one that pulls from "ahevents_scenarios". The second pulls the "sides" involved, however it does not go into dropdown. The other issue is that even though there are only 3 sides specified, all 5 show up on the webpage. This is in Joomla.
Here is my code...I think I've looked over this way too much and just can't find my errors anymore.
<?php
if (! $my->id) {
// shouldn't even get here since menu is viewable only through logged in status
print "<b>Sorry, you must be registered and logged into this site to continue</b>\n";
}
else {
// include standard functions and db info
require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/admin_functions.php");
require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/db_admin_functions.php");
// which scenario we doing? -- replace with table lookup in future
opendb('ahevents_scenarios');
if(!isset($_POST['action'])) { // display form
$sqlstr2 = "select id, name from scenarios order by name";
$result2 = mysql_query($sqlstr2) or die("Error: ".mysql_error()."<br>Query: $sqlstr2");
// display form
?>
<form name="edit_reg" method="post" action="<? echo $_SERVER[ 'REQUEST_URI' ]; ?>"
<table>
<tr>
<td>Select Scenario: </td>
<td>
<select name="id">
<? while ( $row = mysql_fetch_array($result2)) {
printf("<option value=\"%s\">%s</option>\n",$row['id'], $row['name']);
}
?>
</td></tr>
<tr>
<td>Which Side?</td>
<td><select name="side">
<option value="side_1">side_1</option>
<option value="side_2" >side_2</option>
<option value="side_3" >side_3</option>
<option value="all" selected>All</option>
</select>
</td></tr>
</table>
<p>
<input type="submit" name="action" value="Get Registrants">
<input type="reset" value="Reset">
<input type="button" name="" value="Back" onClick="history.back()">
</form>
The goal is to download the registrants into a .csv file, which it does, however due to not being able to select a "side", the .csv is blank with only headers, no content.
Thanks for your time
Rob
Dear php freaks, In my test file the following code works perfectly: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <script language="javascript" type="text/javascript"> function dropdownlist(listindex) { document.formname.subcategory.options.length = 0; switch (listindex) { case "1" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); break; case "2" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); break; case "3" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); break; case "4" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); break; case "5" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); break; case "6" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); document.formname.subcategory.options[7]=new Option("6","6"); break; case "7" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); document.formname.subcategory.options[7]=new Option("6","6"); document.formname.subcategory.options[8]=new Option("7","7"); break; case "8" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); document.formname.subcategory.options[7]=new Option("6","6"); document.formname.subcategory.options[8]=new Option("7","7"); document.formname.subcategory.options[9]=new Option("8","8"); break; case "9" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); document.formname.subcategory.options[7]=new Option("6","6"); document.formname.subcategory.options[8]=new Option("7","7"); document.formname.subcategory.options[9]=new Option("8","8"); document.formname.subcategory.options[10]=new Option("9","9"); break; case "10" : document.formname.subcategory.options[0]=new Option("Select kinderen thuis",""); document.formname.subcategory.options[1]=new Option("0","0"); document.formname.subcategory.options[2]=new Option("1","1"); document.formname.subcategory.options[3]=new Option("2","2"); document.formname.subcategory.options[4]=new Option("3","3"); document.formname.subcategory.options[5]=new Option("4","4"); document.formname.subcategory.options[6]=new Option("5","5"); document.formname.subcategory.options[7]=new Option("6","6"); document.formname.subcategory.options[8]=new Option("7","7"); document.formname.subcategory.options[9]=new Option("8","8"); document.formname.subcategory.options[10]=new Option("9","9"); document.formname.subcategory.options[11]=new Option("10","10"); break; } return true; } </script> </head> <title>Dynamic Drop Down List</title> <body> <form id="formname" name="formname" method="post" action="submitform.asp" > <table width="50%" border="0" cellspacing="0" cellpadding="5"> <tr> <td width="41%" align="right" valign="middle">Aantal kinderen :</td> <td width="59%" align="left" valign="middle"><select name="category" id="category" onchange="javascript: dropdownlist(this.options[this.selectedIndex].value);"> <option value="">------</option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> </select></td> </tr> <tr> <td align="right" valign="middle">Waarvan thuiswonend : </td> <td align="left" valign="middle"><script type="text/javascript" language="JavaScript"> document.write('<select name="subcategory"><option value="">-----</option></select>') </script> <noscript><select name="subcategory" id="subcategory" > <option value="">Select Sub-Category</option> </select> </noscript></td> </tr> </table> </form> </body> </html> When i want to implement it in my signup page, it doesnt do anything. I've checked it a thousand times, i double checked that also the -formname of my signup page is 'formname' -the element name stays 'subcategory' I really need this to be implemented. Where can be the problem? What should i look for? Hi, I have some code which works but when I created a function and call this same code it doesn't. The error I get is as follows: Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/fhlinux010/l/languageschoolsuk.com/user/htdocs/admin/email.php on line 42 Error retrieving schools The code function CreateSchoolCheckboxes() { echo '<div style="height:400px;width:400px;font:16px/26px Georgia, Garamond, Serif;overflow:scroll;">'; $querySchools = "SELECT * FROM school"; $result = mysql_query($querySchools, $conn) or die ("Error retrieving schools ".mysql_error()); while($row = mysql_fetch_array($result)) { $schoolname = $row['name']; echo '<input type="checkbox" name="school" value="'.$schoolname.'">'; echo $schoolname . '<br>'; } echo '</div>'; } Im sure that this is probably something simple but any suggestions would be much appreciated. Thanks, Joe Hello, I'm new on this forum and i have not seen the rules to post a code, so i will try to explain my best : I have learned the basics of php during the past few days and i have a php code that is supposed to read parameters in several fields of a Mysql database and to return those parameters as variables in an array. (well that's how i understand it... please correct me if i'm wrong) So here the code and the part that doesn't seem to work properly (colored in red) : //I have changed the following values which are confidential... $DBName = "MyDatabase"; $DBHostName = "MyMysqlServer"; $DBUserName = "MyUsername"; $DBPassword = "MyPassword"; $Table = "MyTable"; //The fields which are in MyTable : // MemberID SMALLINT // MemberName VARCHAR(20) // MemberPassword VARCHAR(20) // MemberEmailAddress VARCHAR(50) // MemberDateTimeInscription VARCHAR(19) //Reading member parameters echo"<br>Reading the parameters of a member."; echo"<br>Defining the parameters of the member to read."; $CurrentName = "Ashley"; $CurrentPassword = "65hl3y"; $CurrentEmailAddress = "Ashley@HisDomain.com"; echo"<br>Trying to start a connection with the Mysql server."; mysql_connect($DBHostName,$DBUserName,$DBPassword) OR DIE(mysql_error()); echo"<br>Selecting the table."; mysql_select_db($DBName) OR DIE(mysql_error()); echo"<br>Searching for the fields corresponding to the CurrentName."; $Query = "SELECT * FROM ".$Table." WHERE MemberName = '".$CurrentName."'"; $Result = mysql_query($Query) or die(mysql_error()); echo"<br>Returning the parameters stored in the fields."; while($Row = mysql_fetch_array($Result,MYSQL_ASSOC)){ /////This is the start of the part that does not seem to work properly. $MemberId = $row["MemberId"]; $MemberName = $row["MemberName"]; $MemberPassword = $row["MemberPassword"]; $MemberEmailAddress = $row["MemberEmailAddress"]; $MemberDateTimeInscription = $row["MemberDateTimeInscription"]; echo"<br>MemberId : ".$MemberId; echo"<br>MemberName : ".$MemberName; echo"<br>MemberPassword : ".$MemberPassword; echo"<br>MemberEmailAddress : ".$MemberEmailAddress; echo"<br>MemberDateTimeInscription : ".$MemberDateTimeInscription; /////This is the end of the part that does not seem to work properly. } echo"<br>Ending the connection with the Mysql server."; mysql_close(); All of echo are here for debug, i'm a beginner with php. This is what the php page shows : Reading the parameters of a member. Defining the parameters of the member to read. Trying to start a connection with the Mysql server. Selecting the table. Searching for the fields corresponding to the CurrentName. Returning the parameters stored in the fields. MemberId : MemberName : MemberPassword : MemberEmailAddress : MemberDateTimeInscription : Ending the connection with the Mysql server. I don't understand why the variables $MemberId, $MemberName, $MemberPassword, $MemberEmailAddress, $MemberDateTimeInscription are empty. Your advices are welcome, Thanks, I have made a bit of code that queries the database for articles published within the last year. <?php echo $numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_status = 'publish' AND post_type = 'post' AND 'post_date' > '" . date("Y") . "-01-01-01 00:00:00'"); if (0 < $numposts) $numposts = number_format($numposts); ?> I really don't even know how it works and need to because I want to figure out how to make it also get articles published within the last day, month and week. I suppose if I understood what needs changing I might be able to work with it but so far everything I've tried either returns the exact same number or nothing at all. It's for Wordpress just to note. Any ideas? Hi all, I am a bit of a noob when it comes to website building and php etc so please have patients with me I am learnig as I go. I have come across this problem before and cannot remember what I did to fix it but any way it is presenting its self to me again. I have this page: http://minecraftcons...a.com/index.php with an include file loading random images, however the same code on these pages: http://minecraftconsolecrafting.comxa.com/sections/build-navi.php http://minecraftconsolecrafting.comxa.com/sections/springhill-kingdom-01.php are not working. I have other websites that this method of coding is working fine on for example here is another of my websites: http://divinegardensandlandscapes.com/index.php here the include code for random image loader is working fine on all pages it appears on so what is happening when this fail takes place? Any help and or advice would be hugely appreciated, Thanks in advance. Please remeber I am a noob when answering. Thanks Edited by eGate-Network, 12 July 2014 - 10:55 PM. Code: [Select] <?php $objConnect = mysql_connect("localhost","","cgdfgdfg") or die(mysql_error()); $objDB = mysql_select_db("ffdfvbbd"); $pic2 = "SELECT * FROM images"; if (!isset($_GET['Page'])) $_GET['Page']='0'; $pic1 = mysql_query($pic2); $Num_Rows = mysql_num_rows($pic1); $Per_Page = 16; // Per Page $Page = $_GET["Page"]; if(!$_GET["Page"]) {$Page=1;} $Prev_Page = $Page-1; $Next_Page = $Page+1; $Page_Start = (($Per_Page*$Page)-$Per_Page); if($Num_Rows<=$Per_Page) {$Num_Pages =1;} else if(($Num_Rows % $Per_Page)==0) {$Num_Pages =($Num_Rows/$Per_Page) ;} else {$Num_Pages =($Num_Rows/$Per_Page)+1; $Num_Pages = (int)$Num_Pages;} $pic2 .="ORDER by thumbnailID DESC LIMIT $Page_Start , $Per_Page" ; $pic1 = mysql_query($pic2); $cell = 0; $link1 = "SELECT * FROM images"; echo ' <div id="tablediv"> <table border="0" cellpadding="17" cellspacing="0" class="table"> <tr>'; while($pic = mysql_fetch_array($pic1)) { if($cell % 4 == 0) { echo '</tr><tr>'; } if($cell == 2) { echo ' <td> filler </td>'; } elseif ($cell == 3) { echo ' <td> filler </td>'; } else { echo ' <td> <a href="/' . $pic["link"] . '.php"> <div class="image"> <img src="https://s3.amazonaws.com/images/' . $pic["pic"] . '.png" alt="' . $pic["alt"] . '" height="200" width="200" /> </div> </a> </td>'; } $cell++; } echo '</tr></table></div>'; ?>The code above works just fine. However, once I add a WHERE function,as shown below, I get a "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" error. Code: [Select] <?php $objConnect = mysql_connect("localhost","","cgdfgdfg") or die(mysql_error()); $objDB = mysql_select_db("ffdfvbbd"); $pic2 = "SELECT * FROM images WHERE folder = 'blog' "; //WHERE FUNCTION IS HERE if (!isset($_GET['Page'])) $_GET['Page']='0'; $pic1 = mysql_query($pic2); $Num_Rows = mysql_num_rows($pic1); $Per_Page = 16; // Per Page $Page = $_GET["Page"]; if(!$_GET["Page"]) {$Page=1;} $Prev_Page = $Page-1; $Next_Page = $Page+1; $Page_Start = (($Per_Page*$Page)-$Per_Page); if($Num_Rows<=$Per_Page) {$Num_Pages =1;} else if(($Num_Rows % $Per_Page)==0) {$Num_Pages =($Num_Rows/$Per_Page) ;} else {$Num_Pages =($Num_Rows/$Per_Page)+1; $Num_Pages = (int)$Num_Pages;} $pic2 .="ORDER by thumbnailID DESC LIMIT $Page_Start , $Per_Page" ; $pic1 = mysql_query($pic2); My mysql table includes column thumbnailID folder link pic alt time The folder column is there so I can specify what I want in the page. Anyhow, why won't it work? PHP = 5.5.14
MySQL = 5.2.17
This simple .php script works as a standalone OK:
<?php
require '<snip partial URL>mysqli.php';
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT `callsign`, `qth`, `submitted` FROM `lqplogs` ORDER BY `callsign`");
echo "<table>
<tr>
<th><u>CALLSIGN</u></th><th><u>QTH</u></th><th><u>LOG SUBMITTED</u></th>
</tr>";
while($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['callsign'] . "</td>";
echo "<td>" . $row['qth'] . "</td>";
echo "<td>" . $row['submitted'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
A separate .html page with other info works by itself OK too, but when I try to embed the PHP script (with PHP start & end tags, of course) *between* these HTML tags:
<table>
<tr>
<td>
... Full PHP Script Embedded here...
</td>
</tr>
</table>
I get this mess:
"; while($row = mysqli_fetch_array($result)) { echo ""; echo ""; echo ""; echo ""; echo ""; } echo "
CALLSIGN QTH LOG SUBMITTED
" . $row['callsign'] . " " . $row['qth'] . " " . $row['submitted'] . "
"; mysqli_close($con); ?>
Any thoughts as to why are appreciated.
Thanks!
- FreakingOUT
Hello everyone, I'm having this problem which is really annoying, tried to solve it but couldn't, I write that code in PHPMyAdmin and it works great, but it doesn't work in the website it self ok long story short, there are three tables, hotels, cities, countries hotels include in addition to hotel info, 2 columns (city_id) and (country_id) Cities include id and name and also countries include id and name what I was trying to do, that when a person inputs a city or country name in the search form, it should get the hotels that exists in this city or country, but unfortunately it shows all the hotels in all cities and countries, although the pagination code for number of pages works just fine, it count the number of hotels in that city or country and show the number of pages correctly so here is the code for both for hotel search Code: [Select] class hotelManager { public function getHotel($where) { $where = isset($_POST['where']) ? $_POST['where'] : ""; $dbObj = new DB(); $sql = "select * from hotels where city_id = (select id from cities where name = '$where' ) or country_id = (select id from countries where name = '$where' )"; $result = MYSQL_QUERY($sql); $arr = array(); echo "<table>"; while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<td valign=\"top\" width=\"120px\">"; $rowid = $row['id']; $imageqry=mysql_query("SELECT * FROM `hotelphotos` where hotel_id='$rowid' LIMIT 1"); $image=mysql_fetch_array($imageqry); $imagename=$image['attachmentName']; echo "<img src=\"foxmaincms/webroot/files/small/$imagename\"/>"; echo "</td>"; echo "<td valign=\"top\">"; echo "<table> <tr> <td valign=\"top\"> <a href=\"hotels.php?id=".$row['id']."\" class=\"titleslink\">".$row['name']."</a> </td> </tr> <tr> <td class=\"text\" valign=\"top\"> ".$row['location']." </td> </tr> </table>"; echo "</td>"; echo "</tr>"; } echo "</table>"; for hotel pagination Code: [Select] <?php include("includes/hotelsManager.php"); $hotelObj = new hotelManager(); $where = isset($_POST['where']) ? $_POST['where'] : ""; if(isset($_POST['where'])) { $hotelObj -> getHotel($where); $per_page = 9; //Calculating no of pages $sql = "select * from hotels where city_id = (select id from cities where name = '$where' ) or country_id = (select id from countries where name = '$where' )"; $result = MYSQL_QUERY($sql) or die("<br />No Hotels found in this city, please check the city name and try again"); $count = mysql_num_rows($result); $pages = ceil($count/$per_page) ?> <div id="loading" ></div> <div id="maincontent" ></div> <ul id="pagination"> thank you in advance Hi guys, I need a help to find out what is a problem. Some of my code does not work on my local comp and in the same time it works well when I place it on Internet server. First example: Code: [Select] <body> <?php if($_POST['submit_form'] == "Submit") { $varNewTeam = $_POST['Reg_Team']; $varNewCity = $_POST['Reg_City']; $db = mysql_connect('localhost', 'root', '') or die ('no connection with server'); mysql_select_db('db_m ,$db) or die('DB error'); mysql_query ("INSERT INTO reg2012 VALUES ('$varNewTeam','$varNewCity')") or die('insert error'); } ?> <form action="registration_2012_form.php" method="post"> <p>Team: <input type="text" name="Reg_Team" size="20" maxlength="50" value="<?=$varNewTeam;?>" /><br /></p> <p>City: <input type="text" name="Reg_City" size="20" maxlength="50" value="<?=$varNewCity;?>" /><br /></p> <p><input type="Submit" value="Submit" name="submit_form" /></p> </form> </body> On local comp: It gives me message "Undefined index: submit_form". On Net server works well. If I split the code in two files. In the first one I leave the form with "action=FILE2.php" and put my php code in the second file "FILE2.php" - it starts work even on local server. second example: Code: [Select] <body> <?php $db = mysql_connect('localhost', 'root', '') or die ('no connection with server'); mysql_select_db('db_m' ,$db) or die('DB error'); mysql_query ("CREATE TABLE temp1 (team char(50), city char(50) )") or die('create tables error'); ?> </body> It works in the Net and can not create the TABLE on my local comp. I use XAMPP on my local comp (if it's important) This one requires lots of up front information: I have a page, for this example that I will call page.php. It takes get parameters, and for this example I'll call the parameter "step". So I have a URL like this: page.php?step=1 This page has a form with an action of page.php?step=1. The code on the page validates the posting information. If the information is bad, it returns the user to page.php?step=1; if it is good, it takes the user to page.php?step=2 via header( "location:page.php?step=2" ). So redirection is done by relative path, not full URLs. This all works as expected. Now what I've done is set .htaccess to be HTTPS for this page, via this code: # Turn SSL on for payments RewriteCond %{HTTPS} off RewriteCond %{SCRIPT_FILENAME} \/page\.php [NC] RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L] This works (initially). However, once you try to post the form, it just redirects back to the step=1 version of the page. I really don't know how or why that would be. I'm not sure how else I can explain this or what other information you may have. But it's frustrating to not get a page working in HTTPS that works in HTTP. Very odd. Any suggestions? (I don't even really know the best location to figure out when/why it's redirecting back to the original page.) With a TON of help from you guys already it's working but I do have one thing that I just need to figure out to clean it all up...
echo $games['htn']," ",$games['hs']," VS ",$games['vtn']," ",$games['vs']," on ",$games['d']," at ",$games['t'];This is returning what I need perfectly except if an object is empty it's also showing that.. for example... Pittsburgh Steelers 0 VS Baltimore Ravens 0 on Sat at 8:15 --- is what I want to show... shows up great then the next line will show an empty set because the games are not known until other games are played so I also get this: 0 VS 0 on Jan 18 at 3:05 and Seattle Seahawks 0 VS 0 on Jan 10 at 8:15 What can I do to make this not show up?
$xml = simplexml_load_string($data);
// print_r($xml);
foreach($xml->gms->g as $games)
{
echo "<div class='button blue'>";
echo $games['htn']," ",$games['hs']," VS ",$games['vtn']," ",$games['vs']," on ",$games['d']," at ",$games['t'];
echo "</div>";
}
This is what I have and it's working with a lot of help from you guys... I just need to clean it up so I can show only games that have two teams listed..
Thanks again everyone!!
Edited by cowboysdude, 02 January 2015 - 11:03 PM. Weird question, but is there a way using PHP to "check" to see if a certain URL brings up an actual real page, or if it brings up a 404 error or something? Any functions do anything like that? Alright this script is being stupid! Heres the Script... $gid = array($P1 = $_POST[P0] ,$P2 = $_POST[P1] ,$P3 = $_POST[P2] ,$P4 = $_POST[P3] ,$P5 = $_POST[P4] ,$P6 = $_POST[P5] ,$P7 = $_POST[P6] ,$P8 = $_POST[P7] ,$P9 = $_POST[P8] ,$P10 = $_POST[P9] ,$P11 = $_POST[P10] ,$P12 = $_POST[P11] ); $pick= array($G1 = $_POST[game1] ,$G2 = $_POST[game2] ,$G3 = $_POST[game3] ,$G4 = $_POST[game4] ,$G5 = $_POST[game5] ,$G6 = $_POST[game6] ,$G7 = $_POST[game7] ,$G8 = $_POST[game8] ,$G9 = $_POST[game9] ,$G10 = $_POST[game10] ,$G11 = $_POST[game11] ,$G12 = $_POST[game12] ); function iORu($gameF, $pickF){ $Current_user_id = $_SESSION[user_id]; $con = mysql_connect("localhost","user","pass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("sports", $con); $query = "SELECT User_ID FROM CollegeFootballPicks WHERE User_ID='$Current_user_id' && Game_ID='$gameF'"; $result = mysql_query($query); if(mysql_num_rows($result) == 0){ $query = "INSERT INTO CollegeFootballPicks (User_ID, Game_ID, Pick) VALUES ('$Current_user_id','$gameF','$pickF')"; $result = mysql_query($query); echo'Inserted'; }else{ $query = "UPDATE CollegeFootballPicks SET User_ID = '$Current_user_id', Game_ID = '$gameF', Pick = '$pickF'"; $result = mysql_query($query); echo'Updated'; } mysql_close(); echo "<i>"; echo ' '.$Current_user_id. ' '; echo $gameF. ' '; echo $pickF. ' '; echo "</i>"; echo '<br />'; } //End of Function for($i=0; $i< 12; $i++) { iORu($gid[$i],$pick[$i]); } For testing purposes i have inserted all the echos along the way to visually see how far its getting. When i run the script it recognizes all the information when and where it's supposed to (With the echos) but its not inserting/ updating to mysql except for game 1 (i.e. the first time the function runs) Does anyone see any errors? It doesn't make sense on why all the info echos exactly right, and game one inserts and updates right. But games 2-12 don't insert or update! Before anyone says something. Yes this is the same shit i've been working on for about two weeks and have gotten help with before. I have two jobs and web design aint one of them. So if your gonna help, help! But if your gonna say something that aint in any way "help" keep it to yourself! Hai i am very much new to PHP...can any one suggest me.....which framework to follow.....
Thanks & Regards
Shankaar
Hi all - I have a simple PHP app, which I've run thru my Dreamweaver validation and a few PHP syntax validators and it comes out clean. Works perfectly in Firefox but shows a blank page in I.E. and I'm not sure why. The functionality is simple - the page shows a disclaimer, and when the user hits 'OK" it should hide the disclaimer and then display other content. Here's the URL: https://www.dca.ca.gov/webapps/bppe/annual_report.php Any ideas as to what is wrong? Thanks! Here's the code: <?php if(isset($_POST['OK'])){ ?> <h3 class="center"><a href="#a">A</a> <a href="#b">B</a> <a href="#c">C</a> <a href="#d">D</a> <a href="#e">E</a> <a href="#f">F</a> <a href="#g">G</a> <a href="#h">H</a> <a href="#i">I</a> <a href="#j">J</a> <a href="#k">K</a> <a href="#l">L</a> <a href="#m">M</a> <a href="#n">N</a> <a href="#O">O</a> <a href="#p">P</a> <a href="#q">Q</a> <a href="#r">R</a> <a href="#s">S</a> <a href="#t">T</a> <a href="#u">U</a> <a href="#v">V</a> <a href="#w">W</a> <a href="#x">X</a> <a href="#y">Y</a> <a href="#z">Z</a></h3> <h3><a name="a">A</a>:</h3> <h3><a name="b">B</a>:</h3> <h3><a name="c">C</a>:</h3> <h3><a name="d">D</a>:</h3> <h3><a name="e">E</a>:</h3> <h3><a name="f">F</a>:</h3> <h3><a name="g">G</a>:</h3> <h3><a name="h">H</a>:</h3> <h3><a name="i">I</a>:</h3> <h3><a name="j">J</a>:</h3> <h3><a name="k">K</a>:</h3> <h3><a name="l">L</a>:</h3> <h3><a name="m">M</a>:</h3> <h3><a name="n">N</a>:</h3> <h3><a name="o">O</a>:</h3> <h3><a name="p">P</a>:</h3> <h3><a name="q">Q</a>:</h3> <h3><a name="r">R</a>:</h3> <h3><a name="s">S</a>:</h3> <h3><a name="t">T</a>:</h3> <h3><a name="u">U</a>:</h3> <h3><a name="v">V</a>:</h3> <h3><a name="w">W</a>:</h3> <h3><a name="x">X</a>:</h3> <h3><a name="y">Y</a>:</h3> <h3><a name="z">Z</a>:</h3> <?php }else{ ?> <form method="post" action="annual_report.php"> <fieldset> <strong><p><strong>An Annual Report must be filed with the Bureau for Private Postsecondary Education (Bureau) by each approved institution pursuant to California Education Code (CEC) section 94934. The Institution reports the required aggregate information for all locations (main and all branches). In addition to the Annual Report, each Institution is required to submit a Performance Fact Sheet and the school catalog.</strong></p> <p><strong>The Bureau <span style="text-decoration:underline">publishes the</span> information provided in the links below <span style="text-decoration:underline">as it was submitted</span> by the institution, and does not endorse, recommend, or favor any institution whose information is published or provided</strong>.</p> <p><strong>Disclaimer of Liability</strong> <br /> The California Department of Consumer Affairs, Bureau for Private Postsecondary Education shall not be held liable for any inaccurate, altered, delayed, omitted, or misleading information, or any improper or incorrect use of the information published or provided herein, and assumes no responsibility for anyone's use of the information on any theory of liability. </p> <p><strong>Disclaimer: Links</strong> <br /> The Department of Consumer Affairs, Bureau for Private Postsecondary Education is not responsible for the contents of any off-site pages that reference, or that are referenced by, this website. The user specifically acknowledges that the Department of Consumer Affairs, Bureau for Private Postsecondary Education is not liable for any defamatory, offensive, misleading or illegal conduct of other users, links, or third parties and that the risk of injury from the foregoing rests entirely with the user. <br /> Links from this site to other sites, do not constitute an endorsement by the Department of Consumer Affairs, and are for convenience only. It is the responsibility of the user to evaluate the content and usefulness of information obtained from other sites. <br /> When you use a link to connect to another site, you are no longer on the Department of Consumer Affairs', and/or its constituent Boards’ or Bureaus’ web sites and are subject to the privacy policies and other practices of the new site. The Department of Consumer Affairs and/or its Board or Bureaus has no control over and is not responsible for the information, practices or content of these or any other sites and your participation in promotions or services of any kind with any third party found on or though this site, or your correspondence or business dealings of any kind with any third party found on or through this site are solely between you and that third party.<br /> The Department of Consumer Affairs and/or its Boards or Bureaus does not, by way of its links to other sites, endorse, adopt, recommend, promote or support products, positions, statements made or taken by parties controlling the other sites.</p> <p><strong>Choice of Law </strong><br /> Construction of the disclaimers above and resolution of disputes thereof are governed by the laws of the State of California.</p></strong> <div class="content_onecolumn"> <input type="submit" name="OK" value="OK" class="inputSubmit" /> </div> </fieldset> </form> <?php } ?> I have a script to check for duplicate username's on signup. Even when there is no entry found and the script preforms the update statement, the error will come back indicating the requested name already exists. #Check to see if requested name already exists $name = $_POST['name']; $siteid = $_POST['siteid']; $checkname = mysql_query("SELECT * FROM projects WHERE url = '$name'"); $founduser = mysql_num_rows($checkname); if ($founduser != 0) { echo"$name already exists in the database. Please select another name";} if ($founduser == 0) { mysql_query("UPDATE projects SET url = '$name' WHERE siteid = $siteid"); die; echo"URL updated successfully";} If I remove the UPDATE statement and simply return an echo statement for each IF statement, everything works fine: if ($founduser != 0) { echo"$name already exists in the database. Please select another name";} if ($founduser == 0) { echo"$name is available";} So what's happening is, when $founduser == 0, the update script preforms just fine and the database is populated correctly, but then the entire script will then re-run itself and find the name that was just entered, resulting in $founduser != 0. How do I stop the script when it preforms the UPDATE statement? I tried putting die; in after the UPDATE statement, but the entire script still re-runs itself. I am pulling my hair out here... |
|||||||