PHP - Having A Brain-block

hey peeps,
I am trying to get my site to display related youtube videos under the main video

here is what i have

$query=mysql_query("SELECT title,mp3ID,youtube_ID FROM songs ORDER BY RAND() LIMIT 10 ") or die("Error Occured");
$left = true;
while($row=mysql_fetch_array($query))
{
if ($left)
{
echo "<tr>";
}
echo "<td align='justify' width='100%' cellspacing='2' cellpadding='2' >";
echo "<td><img src='http://img.youtube.com/vi/".$row['youtube_ID']."/default.jpg'></td>";
echo "<td nowrap><a href='/music.php?id=".$row['mp3ID']."'>".$row['title']."</a></td>";
echo"</td>";
if (!$left)
{
echo"</tr>";
}
$left = !$left;
}
?>


this is basic info of how i am able to get youtube video titles and image....i want to use the same youtube.com video ID To get related videos


please help!!

Ok this should be straight forward but my tired brain cannot work this out. I'm creating a simple contact form and for some reason the validation isn't working. It wont go past the check fields are filled in validation. Can anyone spot what I'm doing wrong?

Code: [Select]
                <form method="get">
                  <h1 class='contact_form_h'>Contact Us</h1>
                  <div id="login_response"></div>
                  <input type='text' name='name' id='name' class='contact_form_input' value='Name' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;" />
                  <input type='text' name='email' id='email' class='contact_form_input' value='Email' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;" />
                  <textarea name='enquiry' id='enquiry' class='contact_form_textarea' rows='10' cols='10' onfocus="if(!this._haschanged){this.value=''};this._haschanged=true;">Enquiry</textarea>
                    <input type='submit' name='contact' id='contact' class='contact_form_submit' value='Contact Us' />
              </form>
Code: [Select]
<?php
//Check if form is submitted
if(isset($_GET['contact'])) {

//Require check email function
require "check_email.php";

//Variables
$err_name=stripslashes($_GET['name']);
$err_email=stripslashes($_GET['email']);
$err_enquiry=stripslashes($_GET['enquiry']); 

$to="xxx@xxxx.com";
$subject="Website Contact Form";
$from = stripslashes($_GET['name'])."<".stripslashes($_GET['email']).">";
$message = $err_enquiry;
$headers = "From: $from\r\n" .
"MIME-Version: 1.0\r\n" .
"Content-Type: multipart/mixed;\r\n" .
" boundary=\"{$mime_boundary}\"";

//Check all form fields are filled in

if ($_GET["name"]!='' OR $_GET["name"]!='Name' OR $_GET["email"]!='' OR $_GET["email"]!='Email' )  {

if (isValidEmail($_GET['email'])){

//Send Mail
if (@mail($to, $subject, $message, $headers)) {
echo "3 - sent";
}
else{
echo "2 - not";
}

}
else {
echo "1 - not valid";
}

}
else {
echo"0 - Fill in";
}


}
?>


Below is the check email script.
Code: [Select]
<?php
   // This function tests whether the email address is valid  
   function isValidEmail($email){
      $pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
     
      if (eregi($pattern, $email)){
         return true;
      }
      else {
         return false;
      }   
   }
?> 

Please are going to start hating me about this haha.

Hey guys i have been trying to do this for a few hours and my brain is hurting haha hope someone can help. Ok here is what i am trying to do. I have been making a website that allows users to make friends below is my friends table::

NAME: member_friends
id
friend_id << Person who has been sent the friend request
my_id << Person who sent the friend request
friend_since << when did they become friends
is_friend << is set to 0 then friend request pending

and this is the member_topics
message_id
member_id << this stores the id of the member from the members table
message_contents << stores their message
message_date
message_reported << if set to 1 the message has been reported

Ok basically i want the messages to be displayed on the members home page if they are friends, so if my name is JamesDean and i befriended a person called Harry if i post a message i want harry to see this and any other friends i may have. Same goes for their messages.

Sorry if im confusing you stay with me.

Ok here is what i am trying to do (did i mention im fairly new to php so please if im doing something wrong dont hurt me (: )

$query = mysql_query("SELECT * FROM member_friends");
while($row = mysql_fetch_array($query)){
       $friend_id = $row['friend_id']; // Ok this is where i want the while loop to loop through all of my friends
       // Ok set up the new filter im gunna get lost here now
      $sql = mysql_query("SELECT a.*,b.* FROM member_topics as a, member_friends as b WHERE (a.member_id = b.my_id OR a.member_id = b.my_id) 
AND ((b.friend_id = '$friend_id') AND b.my_id = '$my_id') ORDER BY a.message_id DESC");
     // $my_id is a variable created from session so thats ok and the $friend_id i want that to change fromt he first loop so the statement changes for all of my friends.
     // Sorry for the query above i have tried that many i dont even know my gender anymore 
    // So while loop in a while loop i think
     while($row = mysql_fetch_array($sql)){
$message_id = $row['message_id'];
$member_id = $row['member_id'];
$message_contents = $row['message_contents'];
$message_date = $row['message_date'];
$message_type = $row['message_type'];
$message_reported = $row['message_reported];


}
}

something like this hope someone can point me in the right direction before my brain fails thanks in advanced!!!!!!!

I have an array

$INFO = array(
  'joebob' => 'password',
  'fred' => 'password',
  'tom'=> 'password'
);

how can i just do a simple check to see if a name and password match?

something like  if (in_array(can'tthink));

thanks

Help.  I used the great Simple SQL search tutorial provided by this site, but when I tried to customize it for my site, it keeps falling apart.  I am a newbie, but any disgust at my idiocy is fine as long as I find a ball of string to lead me out of the labyrinth.

Here's the code (modified from the tutorial) sans the login information:

$con = mysql_connect($dbHost, $dbUser, $dbPass) or trigger_error("Failed to connect to MySQL Server. Error: " . mysql_error());


mysql_select_db($dbDatabase) or trigger_error("Failed to connect to database {olsendai_ssn}. Error: " . mysql_error());

// Set up our error check and result check array
$error = array();
$results = array();

// First check if a form was submitted.
// Since this is a search we will use $_GET
if (isset($_GET['search']))
   $searchTerms = trim($_GET['search']);
   $searchTerms = strip_tags($searchTerms); // remove any html/javascript.
   
  if (strlen($searchTerms) < 3) {
      $error[] = "Search terms must be longer than 3 characters.";
   }else {
      $searchTermDB = mysql_real_escape_string($searchTerms); // prevent sql injection.
   }

   
  // If there are no errors, lets get the search going.
   if (count($error) < 1) {
      $searchSQL = "SELECT name, ssn FROM simple_search WHERE ";
     
      // grab the search types.
      $types = array();
      $types[] = isset($_GET['name'])?"`name` LIKE '%{$searchTermDB}%'":'';
      $types[] = isset($_GET['ssn'])?"`ssn` LIKE '%{$searchTermDB}%'":'';
 
   
      $types = array_filter($types, "removeEmpty"); // removes any item that was empty (not checked)
     
      if (count($types) < 1)
         $types[] = "`name` LIKE '%{$searchTermDB}%'"; // use the name as a default search if none are checked
     
          $andOr = isset($_GET['matchall'])?'AND':'OR';
      $searchSQL .= implode(" {$andOr} ", $types) . " ORDER BY `ssn`"; // order by ssn.

      $searchResult = mysql_query($searchSQL) or trigger_error("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$searchSQL}");
     
if ($num_rows < 1 ) {
          echo '<b>No Titles Found.</b><br><br><br>';
} 
      }else {
         $results = array(); // the result array
         $i = 1;
         while ($row = mysql_fetch_assoc($searchResult)) {
            $results[] = "{$i}: {$row['ssn']}<br /><br />{$row['name']}<br /><br />";
            $i++;
         }
      }
   }
 

function removeEmpty($var) {
   return (!empty($var));
}
?>
<html>
   <title>My Simple Search Form</title>
   <style type="text/css">
      #error {
         color: red;
      }
   </style>
   <name>
      <?php echo (count($error) > 0)?"The following had errors:<br /><span id=\"error\">" . implode("<br />", $error) . "</span><br /><br />":""; ?>
      <form method="GET" action="<?php echo $_SERVER['PHP_SELF'];?>" name="searchForm">
         Search For: <input type="text" name="search" value="<?php echo isset($searchTerms)?htmlspecialchars($searchTerms):''; ?>" /><br />
         Search In:<br />
         name: <input type="checkbox" name="name" value="on" <?php echo isset($_GET['name'])?"checked":''; ?> /> |
         ssn: <input type="checkbox" name="ssn" value="on" <?php echo isset($_GET['ssn'])?"checked":''; ?> /> |
         /><br />
                 Match All Selected Fields? <input type="checkbox" name="matchall" value="on" <?php echo isset($_GET['matchall'])?"checked":''; ?><br /><br />
         <input type="submit" name="submit" value="Search!" />
      </form>
      <?php echo (count($results) > 0)?"Your search term: {$searchTerms} returned:<br /><br />" . implode("", $results):""; ?>
   </name>
</html>

When I try this, it gives me this message:

Parse error: syntax error, unexpected '}' in /home/olsendai/public_html/sqlfour.php on line 65.

Help.  Please!

It seems simple, but when I remove the unexpected '}', it comes back with this error - before I have even used the search feature

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/olsendai/public_html/sqlfour.php on line 60
The following had errors:
Search terms must be longer than 3 characters.

I've been trying to wrap my head around this for about two hours now. The file uploads just fine, the entry goes into the database just fine, EXCEPT for the file name like it's supposed to do. I wrote the code from scratch... it worked fine, then it broke (that's the way it's supposed to work, right?)
Anyways, if anyone could take a look-see and point out what I'm missing? I've tried throwing errors on all the queries, I've made sure the filename is passed from the upload form, the form does have the proper enctype.

require 'dbconfig.php';
$title = escape($_POST['title']);
$content= escape($_POST['content']);
$time = time();

//Check the file.
if (!empty($_FILES['attachment'])) {


//$filename = the name as saved on user's the computer.
//$filename = $_FILES['attachment']['name'];
if($_FILES['attachment']['type'] === 'image/jpeg' || $_FILES['attachment']['type'] === 'image/jpg' || $_FILES['attachment']['type'] === 'application/pdf') {
//Move the file only if it's uploaded.
if (is_uploaded_file($_FILES['attachment']['tmp_name'])) {
//Whoops, an error.
if (!move_uploaded_file($_FILES['attachment']['tmp_name'], './attachments/' . $_FILES['attachment']['name'])) { die('Error: File not uploaded. Please make sure it is a JPEG image or a PDF document.'); }
else {
$filename = $_FILES['attachment']['name'];
}
}
}
}

if( $filename = '' || empty($_FILES['attachment'] )) {
die('No attachment found. Please <a href="javascript: history.go(-1)">Go back</a>');
}

if ($title === '') {
die('News title is empty. Please <a href="javascript: history.go(-1)">Go back</a>');
}
if ($content === '') {
die('News content is empty. Please <a href="javascript: history.go(-1)">Go back</a>');
}

else {
if (mysql_query("INSERT INTO news (news_title, news_content, news_posted, news_edited, news_attach_path) VALUES ('$title', '$content', '$time', '0', '$filename')") or die(mysql_error())) {
$posted = true;
}
else {
$posted = false;
}
}


?>

Okay guys.

My brain has completely froze and I can't figure out how to do this.

I have one date, that is somewhat static it doesn't change regularly but it changes. Anyway let's say this timestamp is:

2011-07-12 10:30:00

and the current timestamp is

2011-07-13 10:30:00

That's exactly a day difference, which will produce 86400 seconds.

How would I write this in PHP?

I have been reading most spambots use UTC-12 timezone and PHbb has a hack to block UTC-12, but I dont have the file

I am looking to get the UTC ( or GMT ) time from the referring page

any ideas?

How is it that a site can forward to my site without a trace?

www.2mysite.com is forwarding traffic to www.mysite.com but

$page_name = $_SERVER['HTTP_REFERER'];
echo $page_name;

does not show www.2mysite.com as the referring site...how does one hide this?

Help?

I draw contents from a database. Some of the texts contain a footnote, which is formatted using a div class. Following the HTML of this:

<div class=""footnotes"">
<br>
<hr align=""left"" noshade=""noshade"" size=""1"" width=""150"" />
      <blockquote> <a href=""#f1"" name=""fn1""> <span class=""superscript""> * </span>

        </a>Some footnotetext</blockquote></div>

Since my bibliography uses data from the database as well, the footnote now appears before the references, but I would like it at the very bottom of the page. I was thinking of using preg_replace in order to separate the textfield into two variables, one for the text itself, the other one for the footnote (it is always just one) and integrate after the bibliography is compiled.    Unfortunately, it seems that the preg_replace does not work. It always displays the whole content of the textfield. Here's the PHP:

$text = preg_replace('/(.*)(\div class=\"footnotes\"\>.*?\<\/div\>)/s', '$1', $result['text']);$footnote = preg_replace('/(.*)(\div class=\"footnotes\"\>.+?\<\/div\>)/s', '$2', $result['text']);

echo '<div align="justify"><span style="font-family:Georgia;font-size:16px;">' . $text;

***BIBLIOGRAPHY***

...

echo $footnote; 

Maybe someone has an idea how to deal with that. I tried it on phpliveregex. There search string works fine. Many thanks for any help.

how to block someone from visiting my page using ip adress ?
this is the case
if someone come to my site then we record the ip address and put it into database.
when the visitor come again with the same IP they cannot see my page (block them) and redirect it to somewhere page.

Hey Guys,
 
Hope you are all having a great day

I was hoping somebody could help me with preventing my blog from being attacked by SQL Injection. I made a simple blog in using PHP and MySQL but I keep getting spam comments (even though I use re-captcha) and some files were overwritten on my web server. For all my input I use mysql_real_escape_string but I still get the problem.

I found a video on youtube that showed how to enter stuff on the address bar like "order by 2--" and "union all select...." after passing a variable etc, and all of the things in the video could be replicated on my site   I am guessing that is my problem, but the video did not tell me how to resolve the issue and I am sick of having to delete hundreds of spam comments per day and check my web server for uploaded files.
 
How can I stop people adding these commands to the address bar and getting data from my database?  I really need your help
 
Thanx,
 
Jen

Hey   Need help i am having a mental block   when I fill in the form and click send it sends the form but looks like this

Name: , 
Email: , 
Subject: , 
Message:

the form data is 

<?php
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$message = $_POST['message'];

$formContent = "From: $name, \n Email: $email, \n Subject: $subject, \n Message: $message";
$recipient = "email@email.com";
$subject = "Website Request";
$mailheader = "Website \r\n";
mail($recipient, $subject, $formContent, $mailheader);
echo "Your message was sent" . " - " . "<a href='index.html' style='text-decoration: none; color: #d03837;'>Return Home</a>";
?>

Anyone with any ideas

In PHP?

Let's say I'm going off of:
width x height





So this is 2x1

2x1

2 blocks across, 1 block height.

How do I check this against other blocks in php to see if the 2x1 will overlap another set of dimensions dynamically?

Am I over thinking this?
Edited by Monkuar, 24 January 2015 - 12:08 PM.