|
PHP - Posting Html/code Snippets Via Ajax, Getting Unknown Error
Just a heads up, my OOP skills are in development so sorry for the roughness of things...(any tips always appreciated!)
I'm basically making my own little repository site that will have snippets (for quick copy paste anywhere) (I know there are other services, but mine is a little different and needs to be private). I'll try to just post the necessary code: HTML trying to pass: Code: [Select] <p><br /><span class="something">Hey buddy</span></p> Javascript/JQuery: Code: [Select] //send info $.ajaxFileUpload({ url:'./upload_zip.php', secureuri:false, fileElementId:'form_zip', dataType: 'json', data: {... 'description': htmlEntities($('#modularContent form textarea[name="description"]').val())...}, success:function(data, status){ var html = ... html+= ...'<div class="description"><p>'+data.description+'<br /><br />';... $('#list').append(html); ... $('#modularOverlay,#modularContent').remove(); }, error:function(data, status, e){ alert(e); } ... function htmlEntities(str) { return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"'); } //found via: http://css-tricks.com/snippets/javascript/htmlentities-for-javascript/ PHP: Code: [Select] <?php //Start object and modify initial values public function __construct($title,$description,$url,$snippet){ ... if($this->snippet == 'yes'){ $this->handle_snippet(); } } public function handle_snippet(){ $code = htmlentities($this->description, ENT_QUOTES | ENT_IGNORE, 'UTF-8',false); $this->description = $code; } //returning value public function getJSON($action){ //temp fix for js breaking if remove_tag_ids is empty/null if(empty($this->remove_tag_ids)){ $this->remove_tag_ids = 'null'; } if($this->snippet == 'yes'){ $this->description = stripslashes($this->description); } switch($action){ case 'delete': //not important default: $json = array(...'description'=>$this->description...); break; return $json; } ?> POST Value: (via firebug) Code: [Select] description: <p><br /><span class="something">Hey buddy</span></p> JSON Return value: (via firebug) Code: [Select] description: <p><br /><span class="something">Hey buddy</span></p> DB value: Code: [Select] <p><br /><span class=\"something\">Hey buddy</span></p> As far as error, I have no idea what the error is haha. It does not get through to the error code cause the plugin tosses an error b4 that (using an ajaxUpload plugin http://www.phpletter.com/Our-Projects/AjaxFileUpload/, (this does not affect the upload, it uploads just fine, but it tosses an error for some reason)). Anyone have any insights/ideas? Thanks for any and all help, Justin Similar TutorialsIs it possible to parse html document with snippets of php code in them using DOMDocument? i.e load html from file then parse/change them with DOMDocument and then save them back to file I have tryed but i get <?php%20echo%20URL();%20?> Hey, So what im trying to do is put my database variables into a session array. So this is what im trying to accomplish... $_SESSION['Name_of_Row'] = $value This is the script I wrote: Code: [Select] Function setupSession(){ session_start(); $query = "SELECT * FROM users WHERE u_id ='{$this->u_id}'"; $result = mysql_query($query); $row = mysql_fetch_array($result); foreach($row as $key => $value){ if(!empty($value)){ $_SESSION[$key] = $value; } } } When that runs I get the following warning. Can anyone tell me what this means and how to fix it? Error: Notice: Unknown: Skipping numeric key 0 in Unknown on line 0 So I have an AJAX call that I'm using to POST 1 variable to a PHP script I have on a separate server. The PHP takes this variable and returns data based off of what the variable is. This works on all browsers except IE9 and below. IE9 returns data but it's an error saying the variable is missing which to me shows that it isn't sending the data. Below I have the AJAX call I'm making:
(function (jQ) { var inviteID = '00000000000'; jQ.ajax({ url: 'www.example.com/test.php', type: 'POST', dataType: 'json', cache: false, data: { classID: inviteID }, error: function (data, status, error) { jQ('.statusField').append('Failu ' + data + status + error); }, success: function (data, status, error) { jQ('.statusField').append('Success: ' + data); } }); })(jQuery); And below I have the PHP script that's being used: <?php //first POST to grab token function runPost($classID) { $postdata = array( 'username' => 'username', 'password' => 'password' ); //open connection $ch = curl_init(); //set the url, POST data curl_setopt($ch, CURLOPT_URL, "https://www.example.com/login"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postdata)); curl_setopt($ch, CURLOPT_USERAGENT, 'example'); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json')); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //execute post $result = curl_exec($ch); //close connection curl_close($ch); list($message, $time, $token, $userID) = split(',', $result); list($one, $two, $three, $four, $five) = split('\"', $token); $four = json_encode($four); $four = str_replace('"','',$four); $secondaryPostData = array( 'token' => $four, 'data' => array( 'invitationID' => $classID )); //open connection $chu = curl_init(); //set the url, POST data curl_setopt($chu, CURLOPT_URL, "https://www.example.com/classID"); curl_setopt($chu, CURLOPT_POST, 1); curl_setopt($chu, CURLOPT_POSTFIELDS, json_encode($secondaryPostData)); curl_setopt($chu, CURLOPT_USERAGENT, 'example'); curl_setopt($chu, CURLOPT_HTTPHEADER, array('Content-Type: application/json')); curl_setopt($chu, CURLOPT_RETURNTRANSFER, 1); //execute post $secondResult = curl_exec($chu); //close connection curl_close($chu); return json_encode($secondResult); } //Grab classID from javascript echo runPost(trim($_POST['classID'])); ?> Again, this works fine in everything except IE. I've tried using just $.post and even XDomainRequest() and get the same result. The network console in IE shows that the Request body does have the classID in it, but I'm guessing it's just not sending the data to the PHP script. I don't know if I'm missing something that IE needs to send this to the PHP script but any help with this would be GREATLY appreciated. I Am getting along with php better than I was previously. But this 68 year old brain still refuses to learn very fast! Here is the error I'm receiving when I'm trying to open the db: Parse error: syntax error, unexpected T_VARIABLE in /home/taft65/public_html/memProtest.php on line 197 <?php error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); $host = "localhost"; $dbname="database;" Failing ------>$username = "user"; $password="drDedf#hj"; I understand you do not need to declare varibles in PHP, Correct? I checked the db to ensure that I'm calling the correct value. NuSpherePhpEd to validate the code. I also check it with DSV PHP Editor. Both come up with the same error. I'm also using MyPhpAdmin to create the database and tables. I know also to place this calling info in another folder and include it by calling it with a php include statement. I just have it within the code to quickly test it. Thank you for any assistance. Bob... Hello! I have a strange error on my PHP script and i dont how to fix it. If someone can help me, please help me then! Here is my error: Code: [Select] logout(); } else { $iq = mysql_query("SELECT * FROM users WHERE username='{$signin_username}' AND password='{$signin_password}' AND suspended='0' LIMIT 1;"); $ir = mysql_fetch_array($iq); $_SESSION['me'] = $ir; } } } } else { die("The configuration did not recieve appropriate variables to accept your request."); } if ($set['next_clearup'] < time ()) { $next_clearup = time () + 60 * 60 * 24; mysql_query ('' . 'UPDATE settings SET set_value=\'' . $next_clearup . '\' WHERE set_name=\'next_clearup\' LIMIT 1;'); mysql_query ('UPDATE users SET ads_clicked=\'\' WHERE ads_clicked!=\'\''); } } ?> Warning: include(THDIRindex.php) [function.include]: failed to open stream: No such file or directory in C:\xampp\htdocs\Upload\index.php on line 16 Warning: include() [function.include]: Failed opening 'THDIRindex.php' for inclusion (include_path='.;\xampp\php\PEAR') in C:\xampp\htdocs\Upload\index.php on line 16 And here is the PHP file the error is in: Code: [Select] <?php session_start(); include_once('lib/lib.php'); include_once('lib/configuration.php'); $ddir = THDIR.$do->get_file_url(); include($ddir); if(file_exists(HEADER)) { include_once(HEADER); } if($contents) { print $contents; } if(file_exists(FOOTER)) { include_once(FOOTER); } ?> Help ASAP if you can! im using 000webhost as a test site and when i run this code it redirects me to there err page but with no error message. the sql query works fine in phpmyadmin and i added the rest of the code to try the php side. i "think" the problem is the echo $rows"value's" as im unsure of what the $vars should be <?php include("config.php"); // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql = "SELECT make, COUNT(*) AS total, SUM(IF(comments = \'pass\', 1, 0)) AS withComments FROM dsgi_serval GROUP BY make ORDER BY COUNT(*) DESC"; $result=mysql_query($sql); echo "$sql"; echo "$result"; ?> <table><tr> <td colspan="4"><strong>List data from mysql </strong> </td> </tr> <tr> <td align="center"><strong>make</strong></td> <td align="center"><strong>Total</strong></td> <td align="center"><strong>Validated</strong></td> </tr> <?php while($rows=mysql_fetch_array($result)){ ?> <tr> <td><?php echo $rows['make']; ?></td> <td><?php echo $rows['total']; ?></td> <td><?php echo $rows['withcomments']; ?></td> </tr> <?php } ?> </table> <?php mysql_close(); ?> As the title say, I can not for the life of me get the "$bank" content to display, no matter HOW much I try... Does anyone see any errors. I am sooooooo wiped out at this! main page <? $body = ' <script type="text/javascript" src="change-content.js"></script> <div id="addSold"> <form action="'.$_SERVER['REQUEST_URI'].'" method="post" name="form" autocomplete="off"> <fieldset id="Vehicle"> <legend>Vehicle</legend> <ul> <li><label for="Year">Year</label>'.$Year.'</li> <li><label for="Make">Make</label>'.$Make.'</li> <li><label for="Model">Model</label>'.$Model.'</li> <li><label for="Trim">Trim</label><input type="text" name="Trim" id="Trim" size="10" value="'.$trim.'" disabled="disabled"></li> </ul> <ul> <li><label for="Mileage">Mileage</label><input type="text" name="Mileage" id="Mileage" size="5" maxlength="6" value="'.$row['mileage'].'"></li> <li><label for="VIN">VIN</label><input type="text" name="VIN" id="VIN" size="23" maxlength="17" value="'.$row['vin'].'" disabled="disabled"></li> <li><label for="Color">Color</label>'.$Exterior.'</li> </ul> </fieldset> <fieldset id="Deal"> <legend>Deal</legend> <ul> <li> <label for="soldDte1">Date</label> <input type="text" name="soldDte1" id="soldDte1" size="1" maxlength="2" onkeyup="return autoTab(this, 2, event)" value="08"> / <input type="text" name="soldDte2" id="soldDte2" size="1" maxlength="2" onkeyup="return autoTab(this, 2, event)" value="30"> / <input type="text" name="soldDte3" id="soldDte3" size="1" maxlength="2" value="'.$year.'"> <a href="#"><img id="date_'.$row[stock].'" src="images/Icons/dateOff.png" onfocus="this.select();lcs(this)" onmouseover="MM_swapImage(\'date_'.$row[stock].'\',\'\',\'images/Icons/dateOn.png\',1)" onmouseout="MM_swapImgRestore()" alt="Choose Date"></a> </li> <li> <label for="salesman">Salesman</label> <select name="salesman" id="salesman"> <option></option> '.$salesmen.' </select> </li> </ul> <ul> <li> <label for="dealType">Deal Type</label> <select name="dealType" class="select-content" onchange="getFile(this.value)"> <option></option> <option value="AL">Auto Loan</option> <option value="Cash">Cash</option> <option value="CAC">Credit Acceptance</option> <option value="IH">In House</option> <option value="SAL">Sensible Auto</option> </select> </li> <li> <label for="tradeDrop">Trade</label> <select name="tradein" id="tradeDrop" onchange="show_hide_trade(this.value);"> <option value="No">No</option> <option value="Yes">Yes</option> </select> </li> </ul> </fieldset> <div id="Bank" class="view">'.$bank.'</div> </form> </div> '; ?> get_Bank.php <? if ($_GET['dealType'] == "AL") { $bank = ' <fieldset id="AL"> <legend>Auto Loan Figures</legend> <ul> <li><label for="price">Price</label><input type="text" name="price" id="price" class="price" size="7" onchange="currency(this)"></li> <li><label for="down">Down</label><input type="text" name="down" id="down" class="price" size="6" onchange="currency(this)"></li> <li><label for="tax">Tax</label><input type="text" name="tax" id="tax" class="price" size="6" onchange="currency(this)"></li> <li><label for="reg">Plates</label><input type="text" name="reg" id="reg" class="price" size="4" onchange="currency(this)"></li> <li><label for="gap">Gap</label><input type="text" name="gap" id="gap" class="price" size="4" onchange="currency(this)"></li> </ul> <ul> <li> <label for="pymtNum">--------------- Payment ---------------</label> <input type="text" name="pymtNum" id="pymtNum" size="3" maxlength="3" onkeyup="return autoTab(this, 3, event)"> @ <input type="text" name="pymtAmnt" id="pymtAmnt" class="price" size="5" onchange="currency(this)"> per <select name="pymtType"> <option value="Weekly" selected="selected">Week</option> <option value="Monthly">Month</option> </select> </li> <li><label for="APR">APR</label><input type="text" name="APR" id="APR" class="rate" size="6" value="19.00"></li> </ul> </fieldset> '; } elseif ($_GET['dealType'] == "CAC") { $bank = ' Credit Acceptance stuff goes here '; } else { $bank = 'You must choose a bank before continuing'; } ?> change-content.js Code: [Select] window.onload = init; // finds all <select> tags will class="select-content" and activates function function init() { var sel = document.getElementsByTagName("select"); for (var i=0; i<sel.length; i++){ if (sel[i].className == "select-content") { sel[i].onchange = getFile; } sel[i].selectedIndex = 0; } } function getFile (url) { var url = "AJAX/get_Bank.php?dealType="+ this.value; if (window.XMLHttpRequest) {xmlhttp=new XMLHttpRequest();} else {xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");} xmlhttp.open("GET",url,false); xmlhttp.send(); // a loop that looks through all <div>s on the page // and then replaces the id with the value and gets that file var divs = document.getElementsByTagName("div"); for (var i=0; i<divs.length; i++) { if(divs[i].id == "bank") { divs[i].id = this.value; divs[i].innerHTML=xmlhttp.responseText; } } } Hey all, I keep getting this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2 When I use the script below. I'm finding it a bit confusing because everything about it continues to work, it's just it gives me an error. When the script runs, the outcome is "Success! Your dog now looks far more energetic! Looks like this food is all used up." Followed by the error, which cuts the remainder of the page off. Does anybody know why it's doing this? $dogyay = $_POST['dogid']; $checkenergy = "SELECT energy FROM dogs WHERE id=$dogyay"; $energylevel = mysql_query($checkenergy) or die(mysql_error()); $row = mysql_fetch_array($energylevel) or die(mysql_error()); if($row['energy'] >= 100) { echo "<b>Oops!</b> Looks like your dog is full right now...";} else{ echo "<b>Success! Your dog now looks far more energetic!</b><br><br>"; $sql11="UPDATE dogs SET energy=energy + 50 WHERE id=$dogyay"; $result11=mysql_query($sql11); $sql12="UPDATE items SET uses = uses - 1 WHERE itemid=$id"; $result12=mysql_query($sql12); $checkuses = "SELECT uses FROM items WHERE itemid=$id"; $useslevel = mysql_query($checkuses) or die(mysql_error()); $row = mysql_fetch_array($useslevel) or die(mysql_error()); if($row['uses'] == 0) { echo "Looks like this food is all used up.<bR><br>"; mysql_query("DELETE FROM items WHERE itemid='$id'") or die(mysql_error());} Thanks ! You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '["rid"]., SELECT refid1 FROM oto_members WHERE id='13', SELECT refid2 FR' at line 5 With this script area: $affiliate1=('.$_REQUEST["rid"].'); $affiliate2=("SELECT refid1 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate3=("SELECT refid2 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate4=("SELECT refid3 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate5=("SELECT refid4 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate6=("SELECT refid5 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate7=("SELECT refid6 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliat8e=("SELECT refid7 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate9=("SELECT refid8 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $affiliate10=("SELECT refid9 FROM oto_members WHERE id='".$_REQUEST["rid"]."'"); $qry="INSERT INTO ".$prefix."members(firstname,lastname,email,address,city,state,postcode,country,telephone,username,password,refid1,refid2,refid3,refid4,refid5,refid6,refid7,refid8,refid9,refid10,geo,paypal_email,joindate,mtype,groupid,cb_id,status,signupip) VALUES('".$_REQUEST["firstname"]."','".$_REQUEST["lastname"]."','".$_REQUEST["email"]."','".$_REQUEST["address"]."','".$_REQUEST["city"]."','".$_REQUEST["state"]."','".$_REQUEST["postcode"]."','".$_REQUEST["country"]."','".$_REQUEST["telephone"]."','".$_REQUEST["username"]."','".md5($_REQUEST["password"])."', $affiliate1, $affiliate2, $affiliate3, $affiliate4, $affiliate5, $affiliate6, $affiliate7, $affiliate8, $affiliate9, $affiliate10 ,'".$_REQUEST["geo"]."','".$_REQUEST["paypal_email"]."',NOW(),".$_REQUEST["mtid"].",$eogroup,'".$_REQUEST["cb_id"]."','$memberstatus','$signupip')"; I'm a newbie, can you please help? I'm getting a mysql error "Unknown column 'E0000001' in 'where clause'" The id is in the URL: ...user-profile.php?id=E0000001 My Query $query = mysqli_query($con, "SELECT * FROM UserList WHERE UserID=".$id) or die (mysqli_error($con)); Thank you Edited September 18, 2019 by ACBMSEI have searched this forum as well as over 200 other forums and have not found the answer that is specific to my question. I have shortened my code drastically to assist in resolving this quickly -
I have a search form that has criteria for the search criteria with "virtual" "columns" in an array but it's not working. If I search one column at a time it works just fine but when I try to search 8 columns with one select I get the following error: SELECT Error: Unknown column 'achievements' in 'where clause'.
When a user selects search in Achievements, I need it to look at all 8 columns that are associated with achievements and bring back the results that match - the same as if the user selects search in Associations, I need it to look at all 5 columns and bring back the results that match.
My shortened code is as follows:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Search</title>
</head>
<body>
<form name="search" action="" method="POST">
<p>Search:</p>
<p>
Achievements/Associations: <input type="text" name="find1" /> in
<Select NAME="field1">
<Option VALUE="achievements">Achievements</option>
<Option VALUE="associations">Associations</option>
</Select>
<br><br>
Secondary Education: <input type="text" name="find2" /> in
<Select NAME="field2">
<Option VALUE="edu1sectype">Highest Certificate Attained</option>
<Option VALUE="edu1secname">Highest Grade Passed</option>
<Option VALUE="edu1secinst">Name of High School</option>
<Option VALUE="edu1secdate">Date Completed</option>
<Option VALUE="edu1secinsttyp">Type of Institution</option>
<Option VALUE="subjects">Subjects</option>
</Select>
<br><br>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</p>
</form>
<?php
$searching = $_POST['searching'];
$find1 = $_POST['find1'];
$field1 = $_POST['field1'];
$find2 = $_POST['find2'];
$field2 = $_POST['field2'];
if ($searching =="yes")
{
echo "<br><b>Searched For:</b> $find1 $find2<br>";
echo "<br><h2>Results</h2><p>";
//If they did not enter a search term we give them an error
// Otherwise we connect to our Database
include_once "connect_to_mysql.php";
mysql_select_db("table_name") or die(mysql_error());
// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim($find);
$find = mysql_real_escape_string($find);
$field = mysql_real_escape_string($field);
$data = mysql_query("SELECT * FROM table_name
WHERE upper(".$field1.") LIKE '%$find1%'
AND upper(".$field2.") LIKE '%$find2%'
") or die("SELECT Error: ".mysql_error());
$result = mysql_query("SELECT * FROM table_name
WHERE upper($field1) LIKE '%$find1%'
AND upper($field2) LIKE '%$find2%'
") or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
echo "There are $num_rows records:<br>";
echo '<center>';
echo "<table border='1' cellpadding='5' width='990'>";
// set table headers
echo "<tr><th>Reference</th>
<th>First Name</th>
<th>Last Name</th>
</tr>";
//get images and names in two arrays
$name= $row["name"];
$surname= $row["surname"];
$achieve1 = $row["achieve1"];
$achieve2 = $row["achieve2"];
$achieve3 = $row["achieve3"];
$achieve4 = $row["achieve4"];
$achieve5 = $row["achieve5"];
$achieve6 = $row["achieve6"];
$achieve7 = $row["achieve7"];
$achieve8 = $row["achieve8"];
$assoc1 = $row["assoc1"];
$assoc2 = $row["assoc2"];
$assoc3 = $row["assoc3"];
$assoc4 = $row["assoc4"];
$assoc5 = $row["assoc5"];
$edu1sectype = $row["edu1sectype"];
$edu1secinst = $row["edu1secinst"];
$edu1secname = $row["edu1secname"];
$edu1secdate = $row["edu1secdate"];
$edu1secinsttyp = $row["edu1secinsttyp"];
$subject1 = $row["subject1"];
$subject2 = $row["subject2"];
$subject3 = $row["subject3"];
$subject4 = $row["subject4"];
$subject5 = $row["subject5"];
$subject6 = $row["subject6"];
$subject7 = $row["subject7"];
$subject8 = $row["subject8"];
$compsoft1name = $row["compsoft1name"];
$compsoft2name = $row["compsoft2name"];
$compsoft3name = $row["compsoft3name"];
$compsoft4name = $row["compsoft4name"];
$compsoft5name = $row["compsoft5name"];
$compsoft6name = $row["compsoft6name"];
$achievements = array('achieve1', 'achieve2', 'achieve3', 'achieve4', 'achieve5', 'achieve6', 'achieve7', 'achieve8');
$associations = array('assoc1', 'assoc2', 'assoc3', 'assoc4', 'assoc5');
$subjects = array('subject1', 'subject2', 'subject3', 'subject4', 'subject5', 'subject6', 'subject7', 'subject8' );
$compsoft = array('compsoft1name', 'compsoft2name', 'compsoft3name', 'compsoft4name', 'compsoft5name', 'compsoft6name');
while ($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td ALIGN=LEFT>" . $row['id'] . "</td>";
echo "<td ALIGN=LEFT>" . $row['name'] . "</td>";
echo "<td ALIGN=LEFT>" . $row['surname'] . "</td>";
echo "</tr>";
}
echo "</table>";
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0) {
echo "Sorry, but we can not find an entry to match your query";
}
}
?>
</body>
</html>
Any assistance will be greatly appreciated as I have been working on this website for the past 4 months which has totalled over 150 pages and this is one of the last pages left to program and it's taken 6 days to get to this search page to this point.
Hi there I'm trying to insert audi files' records into mysql database this is how the records insertion looks like: Code: [Select] $fileName = $_FILES['uploaded']['name'];//name $tmpName = $_FILES['uploaded']['tmp_name'];//temp location $fileSize = $_FILES['uploaded']['size'];//size of the file $fileType = $_FILES['uploaded']['type'];//type of file $error = $_FILES['uploaded']['error'];//verifys errprs $ext = substr($fileName, strrpos($fileName, '.') +1); //this will get the extention out of the file name e.g. .mp3 //check that a file is passed by and no errors if(isset($fileName) && $error == 0 && $fileSize != 0){ //condition to accept only certain file types/extentions if($ext == "mp3" || $ext == "wma" || $ext == "wav"){ //get file content $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); if(!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } //query to retrieve user's id $userid = mysql_query("select userID from user where username = '$username'"); //to get id by username $row = mysql_fetch_assoc($userid); $userid = $row['userID']; $query = "INSERT INTO tracks (trackName, userID, tag, price, file, fileName, fileSize, fileType) VALUES ('$tname','$userid','$tag','$price','$content','$fileName','$fileSize' , '$fileType)"; mysql_query($query) or die (mysql_error()); when i send it i get this error: Unknown column 'application' in 'field list' i did set data type for the fileType field to varchar. when i remove the fileType all together the record is inserted successfully into database though. ?!! can anyone help please I have this function I use to simplify things.
function search_string( $needle, $haystack ) {
if ( preg_match_all( "/$needle/im", $haystack ) || strpos( $haystack, $needle ) ) {
return TRUE;
}
return FALSE;
}
I keep getting this error in my PHP logs, and it comes in a sequence: [07-Nov-2020 05:34:14 America/Los_Angeles] PHP Warning: preg_match_all(): Unknown modifier 'G' in /home/baser-b/public_html/include/functions.php on line 791 [07-Nov-2020 05:34:14 America/Los_Angeles] PHP Warning: preg_match_all(): Unknown modifier 'g' in /home/baser-b/public_html/include/functions.php on line 791 Meaning, it will come with one with the small g, then three with the big G, then one with the small g, then five with the big G, and so on.... My question is, how can I stop getting this error. It won't show me the functions being called to arrive at this answer, as this is likely an error generated by another function calling this one. I was wondering if anyone knew what to change in the search_string function to stop getting this error, why this error is happening, or why the strange repetitive sequence. Is it someone trying to do a hack? The only variable that would be changeable by a visitor would be the $needle variable, so what could they type that has something to do with 'g' to get this? Anyway, thanks. I GET QuoteFatal error: TPL: [in line 0]: syntax error: file 'm/pg/_categories' does not exist in C:\WebServ\httpd\libs\tpl\class.template.php on line 943 unset($_templatelite_tpl_vars); else: $_templatelite_tpl_vars = $this->_vars; echo $this->_fetch_compile_include($this->_vars['TPLx'].'m/pg/_categories'.$this->_vars['HTML'], array()); $this->_vars = $_templatelite_tpl_vars; WITH FILES http://testynarkotykowe.j13x.pl/index.txt && http://testynarkotykowe.j13x.pl/indexpg.txt HOW TO FIX IT In drive.php
public function insert($postBody, $optParams = array()) I have a database in which i store articles that contain all type of special characters including slashes, single quotes, double quote etc. Previously it was working fine, but now after the updating the xampp, things are not going as usual. I insert are articles using following code $query = "INSERT INTO `articles` (`source`, `heading`, `description`, `catagory`, `detail`, `date`, `timestamp`) values ('$source', '$heading', '$desc', '$catagory', '$detail', '$date', '$timestamp')"; Error I am getting is Error Running query 1You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's economy and emphasized that international community should provide its complet' at line 2 Can anybody tell me whats wrong with my script? Bad title, I know. What I mean is I have a code that shows a pop-up error message if you try to post with a username someone else has. Well, I use this code for my user/pass/message fields: $user = preg_replace("/[^A-Z a-z0-9]/", "", $_POST['user']); $password = preg_replace("/[^A-Za-z0-9]/", "", $_POST['password']); $message = preg_replace("/[^A-Za-z0-9]/", "", $_POST['message']); What that does is, if you post with, say, a less than or greater than sign, or some other whack character, it makes the field blank for whichever field(s) you enter other characters into. So really, when someone posts on my forums with a character I do not want them to use in their user/message, it makes the message completely blank, no matter what other allowed characters are used, and the same with the username...so the post will show up without a poster. My question is, what is a code to use so a pop-up box would show up instead of letting the post go through and post blanks? Doesn't even have to be a pop-up box, just something to say to the user, "Hey, you can't use (insert disapproved character(s) here)" and to have the post not go through. hi, I'm working with a script I've written (with a *lot* of help!!) I'm trying to get the results of a db search to be displayed in a html table, with a row for each result. I'm almost there, I've got 1 glitch and 1 cosmetic issue I can't resolve with the below script, any help would be greatly appreciated!! 1. the table displays the entire contents of the db before it is filtered through the search, I think this has something to do with the $num=mysql_numrows($result); expression, but I'm not sure how to fix it 2. I'd like the last column of the table to be about twice as wide as the others, as it contains a lot of free text, would I have to set the length of each column in order to do this or is there a shorthand way? the current script is: <form method="post" name="Search" action="test2.php"> <input type="text" name="name" autocomplete="OFF" /> <input value="Search" type="submit" name="Search" /> <input value="yes" type="hidden" name="submitted" /> </form> <?php if($_POST['submitted'] == 'yes') $username="*****"; $password="*****"; $database="*****"; $server="localhost"; $db_handle = mysql_connect($server, $user_name, $password); $db_found = mysql_select_db($database, $db_handle) or die( "Unable to select database"); $query="SELECT * FROM ***** WHERE surname LIKE '" . mysql_real_escape_string($_POST['name']) . "%'"; $result=mysql_query($query) or die ('<br>Query string: ' . $SQL . '<br>Produced error: ' . mysql_error() . '<br>'); if (mysql_num_rows($result) == 0) { echo "No results found"; exit; } $num=mysql_numrows($result); $fields_num = mysql_num_fields($result); echo "<h1>Table: {$table}</h1>"; echo "<table border='1'><tr>"; for($i=0; $i<$fields_num; $i++) { $field = mysql_fetch_field($result); echo "<td>{$field->name}</td>"; } echo "</tr>\n"; while($row = mysql_fetch_row($result)){ echo "<tr>"; foreach($row as $cell) echo "<td>$cell</td>"; echo "</tr>\n"; } mysql_free_result($result); mysql_close($db_handle); ?> Hello, On my site I am allowing users to post HTML and I'm in the planning phase. I'm already written REGEX to get rid of <script> and <frame> tags, but I have ran into a problem regarding <embed> it seems as though in browsers such as chrome <embed> acts like an <iframe> tag. The problem is that with this sort of behavior users may link to potentially harmful sites like infinite alert boxes ect. How will I bee able to make sure users don't embed websites instead of flash? Alternate Question: Also if I do allow users to include websites, how could I disable alert boxes? |
|||||||