|
PHP - Need Advice On Sql Injection Protection And Why My Function Won't Work.
I haven't had a problem with sql injection yet, but I'm scarred to death.
I didn't do any form data validation as I was building my site. I'm just now starting to learn how. Magic_quotes is turned on at my host. I know about htmlspecialchars and mysql_real_escape_string and stripslashes and htmlentities. In testing each of these, it seems they all miss one thing or another. so, I created an array of words and characters that I can't for the life of me imagine anyone would ever need on any form in my site, that I THINK addresses most if not all of the really bad things. But hey... I'm new to this. So here is my array and using print_r() it looks pretty good. Code: [Select] $badstuff = array('select','delete','update','insert','drop','=',';','"','\'','<','>','/'); Code: [Select] Array ( [0] => select [1] => delete [2] => update [3] => insert [4] => drop [5] => select [6] => delete [7] => update [8] => insert [9] => drop [10] => = [11] => ; [12] => " [13] => ' [14] => < [15] => > [16] => / ) My str_ireplace() function works fine within the code, but I'd like to create a function using str_ireplace(). I am failing miserably. Here is my function that doesn't work... Code: [Select] function strip($string){ return str_ireplace($badstuff,"",$string); } Here below..... the first line, that uses the function does NOT work. The second line that just uses str_replace() function works fine. Code: [Select] echo strip($string).'<br>'; echo str_ireplace($badstuff,"",$string) Can anyone tell me why my function does not work? I've read and watched 20 tutorials and just can't see the problem. Thanks for any input. Similar Tutorialsim having some robots injecting gibberish i wnat to deny amy links in the requesttext of the form for some reason i tested it and it accepted a http link Code: [Select] if (preg_match("/http/i","$RequestText")){ exit();} thanks How can you protect mysql injection? (from inserting different statements into the input field) Thanks <?php include ("database.php"); // show comments $result = mysql_query("SELECT * FROM gamecomments"); while($row = mysql_fetch_array($result)) { echo $row['username'] . ": <Br> " . $row['comment']; echo "<p>"; } ini_set ("display_errors", "1"); error_reporting(E_ALL); if (isset($_POST['submit'])) { // now we insert it into the database $insert = "INSERT INTO gamecomments (username, comment) VALUES ('[$username]', '$_POST[comment]')"; $add_comment = mysql_query($insert); { echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=games.php\">"; } } '[$username]' is using a variable from a cookie varifying that you are logged in, this code works except i need to put real escape strings and protection from mysql injection and dont really know where to put them. Code: [Select] if (isset($_POST['submit'])) { // now we insert it into the database $insert = "INSERT INTO gamecomments (username, comment) VALUES ('[$username]', '$_POST[comment]')"; $add_comment = mysql_query($insert); { echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=games.php\">"; } } [CODE] Hey, Wondering if this would work, it is based on the idea that everyone who is a real visitor will be using a browser, is that correct? Do robots use browsers too? if so, it wont work! haha. <? $browser = mb_substr($_SERVER['HTTP_USER_AGENT'], 0, 31); if (!empty($browser)){echo '<form action="send.php" method="post">';} ?> Just thought it was nice and simple, and couldnt see anywhere if it would work or not... When I put this chunk of code into it's own function: function fetch_all ($dbc, $query) { include ('knuffix_list_func.php'); pagination_start ($dbc, $query); $offset = $pag_array[0]; $rows_per_page = $pag_array[1]; $query = $query . " LIMIT $offset, $rows_per_page"; echo "test query: " . $query; knuffix_list ($query, $dbc); pagination_end ($pag_array); } And when I echo out the query as you can see in the example, then I notice that the variables $offset and $rows_per_page never get appended. I set the variable $pag_array to a global inside the function pagination_start(). It usually works when I DON'T wrap a function around this chunk of code, but if I do wrap a function around everything then the global suddenly won't work anymore. Btw, this also won't work if I wrap a function around the function DECLARATIONS. Any ideas, how I could make it work? Hi everyone, It's been awhile since I've coded in PHP and I can't figure out whats wrong with my code... I have a simple function to grab a field from my database and return it. I can make it work without the function, but when I implement it as a function, it breaks - no error, just a blank page. This works fine: $page = "page_about"; $sql = "SELECT body FROM " . $page . " WHERE id=1"; $result = @mysql_query($sql,$connection) or die(mysql_error()); $row = mysql_fetch_array($result); $display = $row[0]; But this does not: function grabBody($page) { $sql = "SELECT body FROM " . $page . " WHERE id=1"; $result = @mysql_query($sql,$connection) or die(mysql_error()); $row = mysql_fetch_array($result); return $row[0]; } $display = grabBody("page_about"); If anyone has any idea whats wrong, please let me know!! Thank you, - Jeff Miller I am having an issue with a support ticket program. I have added a feature to this program that allows my staff members to add multiple users to a ticket. The problem I am having because I am new to PHP is how do I email the users when they have been added to the ticket. Below is the code I am using for add user. If someone could look at it and help me figure out how to get this to email the user when they are added to the support ticket that would be great. I have been struggling with this for alot of nights and just cant figure it out. Code: [Select] <?php require "../conf/conn.php"; require "../conf/conf.php"; require "session.php"; ?> <html> <head> <title><?php echo "$c_title - Add User"; ?></title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <STYLE type="text/css"> <?php include('../style.php'); ?> </STYLE> <SCRIPT LANGUAGE="JavaScript"> <!-- Begin function dele(assigned_user,username,ticket_id,id) { var assigned = document.getElementById('assigned_user').value; if(assigned_user==assigned) { alert("You Can't Delete the user '"+username+"'\nUsername assigned for the ticket '"+ticket_id+"'"); } else { if(confirm('Are you sure to delete?')) window.location.href = "adduser.php?action=delete&user_id="+assigned_user+"&ticket_id="+ticket_id+"&ticid="+id; } } // End --> </script> </head> <body> <?php $ticket_id = $_GET['ticket_id']; if(isset($_GET['action'])) { if($_GET['action']=='delete'){ if(isset($_GET['ticid'])) { $tid = $_GET['ticid']; $query_user ="DELETE FROM support_users WHERE id='$tid'"; $result=mysql_query($query_user); echo $_SESSION['successMsg'] = "<b>User Deleted From the ticket '$ticket_id'</b>"; } } } if(!empty($_POST)) { $date = date('Y-m-d H:i:s'); $puid = $_POST['username']; if($puid!='') { mysql_query("INSERT INTO support_users (id,user_id,ticket_id,assign_date) VALUES ('','$puid','$ticket_id','$date')") or die("<B>Error ".mysql_errno()." :</B> ".mysql_error().""); $_SESSION['successMsg'] = "User Added !"; } } $query_user ="SELECT SU.id,SU.user_id,SU.ticket_id,SU.assign_date,U.user,U.name,U.email FROM support_users AS SU LEFT JOIN users AS U ON SU.user_id=U.id WHERE ticket_id='$ticket_id';"; $result1=mysql_query($query_user); $user_arr = array(); while($userrow1 = mysql_fetch_array($result1)) { $user_arr[] = $userrow1['user_id']; } $result=mysql_query($query_user); $query_user ="SELECT * FROM support WHERE Ticket='$ticket_id';"; $support_result=mysql_query($query_user); $support = mysql_fetch_array($support_result); /* $query_user ="SELECT * FROM users WHERE Ticket='$ticket_id';"; $support_result=mysql_query($query_user); $support = mysql_fetch_array($support_result);*/ if(isset($_SESSION['successMsg'])) { if($_SESSION['successMsg']=="") { echo $_SESSION['successMsg']; $_SESSION['successMsg'] = ""; } } ?> <form method="post" action=""> <table width="400" border="0" align="center" cellspacing="1"> <tr> <td colspan="4" class="submenu"> Ticket ID <?=$ticket_id?> </td> </tr> <tr align="center"> <td colspan="4" class="submenu"> Add Users </td> </tr> <tr align="center"> <td class=""> Select User </td> <td> <select name="username"> <option value="">[--Select User--]</option> <?php $query_user1 ="SELECT * FROM users WHERE level = '3' AND active <> '0' AND validated ='1' order by name"; $result1=mysql_query($query_user1); while($userrow1 = mysql_fetch_array($result1)) { if(!in_array($userrow1["id"],$user_arr)) { $tempuser=$userrow1["user"]; ?> <option value="<?php echo $userrow1["id"];?>"<?php if($row_user[user]==$tempuser){echo " selected ";}?>><?php echo "$userrow1[user] ($userrow1[name] )"; ?></option> <?php } } ?> </select> <input type='submit' value='Add'> </td> </tr> </table> </form> <table width="400" border="0" cellspacing="0" cellpadding="0" align="center" class="border"> <tr> <td> <table width="400" border="0" align="center" cellspacing="1"> <tr align="center"> <td colspan="4" class="submenu"> Assigned Users <input type='hidden' id='assigned_user' name='assigned_user' value="<?=$support['user_id']?>"> </td> </tr> <tr> <td class="descrip">User</td> <td class="descrip">Name</td> <td class="descrip">Email</td> <td class="descrip">Actions</td> </tr> <?php while($row = mysql_fetch_array($result)) { ?> <tr> <td class="dat"><a href="#" onClick="sendValue(<?php echo "'".$row[user]."'"; ?>);"><?php echo $row[user]; ?></a><?php if ($row["active"] == 2) echo "<font size=1 color=#FF0000> (Suspended)</font>"; ?></td> <td class="dat"><?php echo $row["name"]; ?></td> <td class="dat"><?php echo $row["email"]; ?></td> <td class="dat"><img src="../images/delete3.gif" /> <a href="javascript:dele('<?=$row["user_id"]?>','<?=$row["user"]?>','<?=$row["ticket_id"]?>','<?=$row["id"]?>');">Delete </a></td> </tr> <?php } ?> <tr align="center"> <td colspan="4" class="submenu"> <?php if ($numpage>1) { pagenav(); } else { echo " "; } ?> </td> </tr> </table> </td> </tr> </table> <br><table align="center"><tr><td><a href="javascript:window.close();">Close Window</a></td></tr></table> </body> </html> Thanks in advance for any help... All the tables are correct and it's making the connect to the database fine it's just not working, did I write it wrong? Code: [Select] function newPm($to, $from, $title, $text){ $q = $db->query("SELECT * FROM ibf_message_topics ORDER BY mt_id DESC"); $lastMsg = $db->fetch_assoc($q); $mid = $lastMsg['mt_id'] + 1; $msgId = $lastMsg['mt_msg_id'] + 1; $db->query("INSERT INTO ibf_message_topics SET mt_id=$mid, mt_msg_id=$msgId, mt_date=". time(). ", mt_title='$title', mt_from_id=$from, mt_to_id=". $to. ", mt_vid_folder='in', mt_read=0, mt_owner_id=$to, mt_user_read=0") or die(mysql_error()); $db->query("INSERT INTO ibf_message_text SET msg_id=$msgId, msg_date=". time() .", msg_post='$text', msg_sent_to_count=1, msg_author_id=$from") or die(mysql_error()); $userq = $db->query("SELECT new_msg FROM ibf_members WHERE id = $to"); $userData = $db->fetch_assoc($userq); $msgCount = $userData['new_msg'] + 1; $db->query("UPDATE ibf_members SET new_msg=$msgCount, show_popup=1 WHERE id = $to") or die(mysql_error()); } Here's how that function is being called in the beginning of the page: Code: [Select] if($action =="banUser"){ $expire = time() + (3600000 * 24 * $_GET['duration']); $q = $db->query("SELECT * FROM ibf_message_topics ORDER BY mt_id DESC"); $lastMsg = $db->fetch_assoc($q); $mid = $lastMsg['mt_id'] + 1; $msgId = $lastMsg['mt_msg_id'] + 1; $title = "Notification"; $duration = $_GET['duration'] ." days"; if($_GET['duration'] == "1"){ $duration = "1 day"; } if($_GET['duration'] == "Forever"){ $duration = "forever"; } $temp = 0; if($expire > time()){ $temp = 1; } $body = "This automated message has been sent to notify you that your account has been banned $duration. To appeal this ban, click on Irc from the menu on the homepage and ask to speak to a moderator. If this ban is temporary, your account will be reinstated automatically at the appropriate time"; newPm($id, 3017, $title, $body); $msgCount = $_GET['msg'] + 1; $db->query("UPDATE ibf_members SET ban_level = $level, tempbanned = $temp, banned = 1, ban_expire='$expire', ban_reason='". $_GET['reason']."', ban_by='". $name."' WHERE id=$id") or die(mysql_error()); ?> <center><b>User banned!</b> (<a href="index.php?code=plyrmgmt">Back to Player Management</a>)</center> Hello Everyone, I am writing a simple CMS system for someone. I am having trouble getting the delete function to work. I pick the user that I want to remove from the system. I verify that this is the right person to remove. Then the record is deleted from the database. The part that picks the person and verifies that it is the right person to remove from the database work fine. It is the part that actually deletes the record. It takes me back to the pick_user.php. If someone could help me with this I would appreciate it This is the code from the show_user_del.php <?php if (!$_POST[id]) { header ("LOCATION: pick_user.php"); exit; } if ($_COOKIE[auth] != "ok") { header("Location: ../login.php"); } require('../includes/auth_user.php'); //build and issue query $sql = "SELECT * FROM $table WHERE id = '$_POST[id]'"; $result = mysql_query($sql, $connection) or die(mysql_error()); while ($row = mysql_fetch_array($result)) { $f_name = $row['f_name']; $l_name = $row['l_name']; $username = $row['username']; $password = $row['password']; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Add Classified Ad</title> </head> <body> <h2><em>Delete user from Database</em></h2> <h3>User being deleted <?php echo "$f_name $l_name"; ?></h3> <form method="POST" action="do_delete_user.php"> <input type="hidden" name="id" value="<?php echo "$_POST[id]"; ?>" /> <input type="hidden" name="f_name" value="<?php echo "$f_name"; ?>" /> <input type="hidden" name="l_name" value="<?php echo "$l_name"; ?>" /> <p> <strong>Name:</strong> <?php echo "$f_name $l_name"; ?> </p> <p> <strong>Username:</strong> <?php echo "$username"; ?> </p> <p> <strong>Password:</strong> <?php echo "$password"; ?> </p> <p> <input type="submit" name="submit" id="name" value="Delete User" /> </p> </form> <p><a href="../admin_menu.php">Return to Administration Menu</a></p> </body> </html> When the submit button is clicked in the above code. It is supposed to bring you to the page below saying that the record was deleted. When the submit button is clicked it sends you back to the pick user page. <?php if ((!$_POST[f_name]) || (!$_POST[l_name])) { header ("LOCATION: show_user_del.php"); exit; } if ($_COOKIE[auth] != "ok") { header("Location: ../login.php"); } require('../includes/auth_user.php'); $sql = "DELETE FROM $table WHERE id = '$_POST[id]'"; $result = mysql_query($sql, $connection) or die(mysql_error()); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <h1>User has been removed</h1> <h2><em>User <?php echo "$_POST[f_name] $_POST[l_name]"; ?> has been deleted from the <?php echo "$table"; ?> table</em></h2> <p><a href="pick_user.php">Delete another person</a></p> <p><a href="../admin_menu.php">Administration Menu</a></p> </body> </html> HI...I hope u r all fine. I am using nested function ih php. this is not working.Here is the code. Code: [Select] <?php $array = array('a','b','c'); big_func($array); function big_func($arr) { function func1($arr) { foreach($arr as $list1){ echo $list1.'<br />'; } function func2($arr) { foreach($arr as $list2){ echo '<b>'.$list2.'</b><br />'; } } function func3(){ $arra = array('d','e','f'); func1($arra); } } } ?> This is not working.What is the problem with this code? please help me .....thanks........ hi guys. i'm new to php and Apache and i have a problem. i'm trying to execute an exe file that i have in my folder, and the code i use is Code: [Select] echo exec('test.exe');i have tried using this with and without the ".exe." and still no luck. i have also tried using a different path Code: [Select] echo exec('C:\Windows\System32\mspaint');now these codes work when i run them from my php editor(PhpED), bun when i try running it on Apache it gets stuck. (just shows the web page as loading with no end. please help me out. i'm guessing it something with security. also if there is any other code i can use please let me know (i have also tried using system) Code: [Select] <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>----Index----</title> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } //--> </script> <link href="file:///H|/10109/10109/10109/WITHOUT_FLASH/style.css" rel="stylesheet" type="text/css"> </head> <body bgcolor="#ffffff" onLoad="MM_preloadImages('file:///H|/10109/10109/10109/WITHOUT_FLASH/images/l1-1.gif')"> <table width="766" style="height:100%" border="0" cellspacing="0" cellpadding="0" align="center"> <tr> <td width="766" style="height:850px" valign="middle"> <table width="766" style="height:850px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="766" style="height:299px" valign="top"> <table width="766" style="height:299px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="45" style="height:299px" valign="top"></td> <td width="680" style="background-image: url(file:///H|/10109/10109/10109/WITHOUT_FLASH/images/fl.jpg); background-repeat: no-repeat; background-position:;height:299px" valign="top"> <table width="680" style="height:299px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="680" style="height:97px" valign="top"> <table width="680" style="height:97px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="537" style="height:97px" valign="top"> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/logo.jpg" style="margin-left:10px; margin-top:29px"><br> </td> <td width="143" style="height:97px" valign="top"> <a href="#"><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p-h.gif" style="margin-left:px; margin-top:55px"></a><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p-l.gif" style="margin-left:17px; margin-top:55px"><a href="#"><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p-m.gif" style="margin-left:17px; margin-top:55px"></a><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p-l.gif" style="margin-left:17px; margin-top:55px"><a href="#"><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p-s.gif" style="margin-left:16px; margin-top:55px"></a><br> </td> </tr> </table> </td> </tr> <tr> <td width="680" style="height:202px" valign="top"> <table width="680" style="height:202px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="238" style="height:202px" valign="top"> <?php include("menu.php"); ?> </td> <td width="442" style="height:202px" valign="top"> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/slogan.jpg" style="margin-left:px; margin-top:62px"><br> </td> </tr> </table> </td> </tr> </table> </td> <td width="41" style="height:299px" valign="top"></td> </tr> </table> </td> </tr> <tr> <td width="766" style="height:3px" valign="top"></td> </tr> <tr> <td width="766" style="height:548px" valign="top"> <table width="766" style="height:548px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="55" style="height:548px" valign="top"></td> <td width="659" style="height:548px" valign="top"> <table width="659" style="height:548px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="659" style="height:435px" valign="top"> <table width="659" style="height:435px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="181" style="height:100%" valign="top"> <table width="181" style="height:100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td bgcolor="#E9E9E9" width="181" style="background-image: url(file:///H|/10109/10109/10109/WITHOUT_FLASH/images/m1-b.gif); background-repeat: no-repeat; background-position: bottom;height:100%" valign="top"> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/t1.gif" style="margin-left:px; margin-top:px"><br> <div class="m_text" style="margin-left:25px; margin-top:30px; margin-right:15px; margin-bottom:10px"> <strong class="ls_text">[ 12.11.2005 ]</strong><br> <br style="line-height:4px"> <a href="#" class="h_text">Vestibulum ante ipsum primis faucibu</a><br> <br style="line-height:4px"> Fusce feugiat maleda odio. Morbi nunc odio, gvida mrsus necluc tus a, lorem. Mcenas tristique orci ac sem.<br> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/line.gif" style="margin-left:px; margin-top:18px"><br> <br style="line-height:19px"> <strong class="ls_text">[ 12.11.2005 ]</strong><br> <br style="line-height:4px"> <a href="#" class="h_text">Vestibulum ante ipsum primis faucibu</a><br> <br style="line-height:4px"> Fusce feugiat maleda odio. Morbi nunc odio, gvida mrsus necluc tus a, lorem. Mcenas tristique orci ac sem.<br> <div align="left" class="_text" style="margin-left:0px; margin-top:30px"><img alt="" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/a.gif" hspace="0" vspace="0" border="0" align="left" style="margin-right:6px; margin-top:5px"><a href="#" class="l_text">more news</a></div> </div> </td> </tr> <tr> <td width="181" style="height:71px" valign="top"> <a href="#"><img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/b1.jpg" style="margin-left:px; margin-top:7px"></a><br> </td> </tr> </table> </td> <td width="7" style="height:435px" valign="top"></td> <td width="471" style="height:100%" valign="top"> <table width="471" style="background-image: url(file:///H|/10109/10109/10109/WITHOUT_FLASH/images/m2-dr.gif); background-repeat: repeat-y; background-position:;height:100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td class="m_text" width="471" style="background-image: url(file:///H|/10109/10109/10109/WITHOUT_FLASH/images/m2-b.gif); background-repeat: no-repeat; background-position: bottom;height:100%" valign="top"> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/t2.gif" style="margin-left:px; margin-top:px"><br> <div align="left" class="_text" style="margin-left:20px; margin-top:20px; margin-right:35px; margin-bottom:px"> <img alt="" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/p1.jpg" hspace="0" vspace="0" border="0" align="left" style="margin-right:10px; margin-top:0px"> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/spacer.gif" width="1" height="7"><br> <strong>Ultricies pharetra magna, donec acsan malada <br> Donec sit amet eros, sit amet. </strong><br> <br style="line-height:6px"> Consectetuer dipiscing elit. Mauris in fermen tum dictum.<br> magna <a href="#" class="h_text" style="text-decoration:none">(sed laoreet aliquam leo tellus)</a> dolor, dapibus.<br> eget, elementu vel, cursus eleifend, elit. Aenean auctor wisi et urna erat volutpat.<br> <div align="right" class="_text" style="margin-left:0px; margin-top:6px"><img alt="" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/a.gif" border="0" style="margin-right:6px; margin-top:0px"><a href="#" class="l_text">learn more about us</a></div> </div> <img alt="" border="0" src="file:///H|/10109/10109/10109/WITHOUT_FLASH/images/t3.gif" style="margin-left:px; margin-top:24px"><br> <div style="margin-left:25px; margin-top:22px; margin-right:px; margin-bottom:25px"> <table width="" style="height:px" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="223" style="height:px" valign="top"> <ul class="lt_text" style="margin-left:px; margin-top:px; margin-bottom:2px"> <li style="margin-top:0px"><a href="#" class="lt_text">Fusce feugiat malesada odio </a></li> <li><a href="#" class="lt_text">Morbi nunc odio, gravida at </a></li> <li><a href="#" class="lt_text">Cursus necluc tus a, lorem</a></li> <li><a href="#" class="lt_text">Maecenas tristique orci ac sem</a></li> <li><a href="#" class="lt_text">Duis ultricies pharetra.</a></li> </ul> </td> <td width="" style="height:px" valign="top"> <ul class="lt_text" style="margin-left:px; margin-top:px; margin-bottom:2px"> <li style="margin-top:0px"><a href="#" class="lt_text">Fusce feugiat malesada odio </a></li> <li><a href="#" class="lt_text">Morbi nunc odio, gravida at </a></li> <li><a href="#" class="lt_text">Cursus necluc tus a, lorem</a></li> <li><a href="#" class="lt_text">Maecenas tristique orci ac sem</a></li> <li><a href="#" class="lt_text">Duis ultricies pharetra.</a></li> </ul> </td> </tr> </table> </div> </td> I am using PHP 5.5 on windows 8 and I am trying to localize my website to multiple languages while everything is OK on remote host , the gettext function does not work correctly in my localhost. I have implemented the whole tutorial of http://www.sitepoint...applications-1/ step by step but it seems setlocale(LC_ALL, "en_US") fails and I don't know how to correct or install "en_US" in my system. when I use "en-US" instead of "en_US" the sellocale function does not return FALSE but again the gettext function return the original string.
I am attempting to build an online shopping cart, however I have a problem with the Delete /Remove Item function. Add New and Update Item work perfectly fine, just the Remove Item doesn't. It seems to be mirroring the same functionality as Update Item. http://www.tottonc.co.nz to see my problem in action. Any help or solutions would be much appreciated... Hey guys.
I am currently hosting my website on my own dedicated server, and i am trying to use the mail() function, but for some reason it doesn't send the email.
This is my php code:
the *** are real addresses.
The from is admin@host.com
<?php $to = "****"; $subject = "Test mail"; $message = "email message."; $from = "***"; $headers = "From:" . $from; mail($to,$subject,$message,$headers); echo "Mail Sent."; ?> Edited by Tzahi_ben_artzi, 02 October 2014 - 02:44 PM. Hi, Im learning php, but Im a bit confused on this basic problem. I have the following code: <?php include "tax.php"; $price = 95; echo "Price before tax: $price <br>"; echo "Price after tax: "; echo add_tax ($price); ?> Which uses the function below <?php function add_tax ($amount) { $total = $amount * 1.09; return $total; } ?> When I execute the code I can see that it does work, but I do not understand why this part works! echo add_tax ($price); There is no multiplier symbol here, so is the function performed on the ($price) variable simply because of where it is located on this line of code? Thanks Well PHP manual says that the script execution will be delayed by $x seconds if you write a codes like this: Code: [Select] $x = 5; //5 secs sleep($x); Now I have this script in which I write the four lines to the screen one by one, each should be delayed by 5 secs after the last line is output to the screen. It does not work out at all... Code: [Select] echo "Update setting 1:"; sleep(5); echo "Success! <br>Updating setting 2"; sleep(5); echo "Success! <br>Updating setting 3"; sleep(5); echo "Success! <br>Updating setting 4"; Instead, the entire script execution is delayed by 15 secs, with all four lines output at the same time. Why is this happening? Is there a way to fix it? Please help... how would this code work? Code: [Select] if ($_POST['username'] == "[, ., ,, _, -" ){ die('Invalid characters.'); i want it to mean if there are any characters like ", [ . - _ ' " or anything in the username then die('invalid characters.'); for extra safety I need to know, what i need to care about while im coding, how someone can hack my php code. Some tricks for protection pls? |
|||||||