PHP - Why Is It Making A Staircase With The Images And Not Allowing Them To Sit By Each Other
.dropbtn { background-color: #4CAF50; color: white; padding: 10px; font-size: 16px; border: none; } .dropdown { position: relative; display: inline-block; } .dropdown-content { display: none; position: absolute; background-color: #f1f1f1; min-width: 800px; box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); z-index: 1; } .dropdown-content img { width: 32px; height: 32px; margin: 3px; position: relative; float: left; } .dropdown-content a { color: black; padding: 12px 16px; text-decoration: none; display: block; } .dropdown-content a:hover {background-color: #ddd;} .dropdown:hover .dropdown-content {display: block;} .dropdown:hover .dropbtn {background-color: #3e8e41;} /* HIDE RADIO */ [type=radio] { position: absolute; opacity: 0; width: 0; height: 0; } /* IMAGE STYLES */ [type=radio] + img { cursor: pointer; } /* CHECKED STYLES */ [type=radio]:checked + img { outline: 2px solid #f00; } <div class="dropdown"> <button class="dropbtn">Dropdown</button> <div class="dropdown-content"> <form name="form" action="icons-submit/submit_icon-default.php" method="post"> <input type="radio" id="icon_default" name="icon_default" value="icons/default.jpg" onchange='if(this.value != 0) { this.form.submit(); }'> <img src="icons/default.jpg"> <input type="text" id="id" name="id" value=" . $row['id'] . " style="background: transparent;border: none;font-size: 0;"> </form> <form name="form" action="icons-submit/submit_icon-default.php" method="post"> <input type="radio" id="icon_default" name="icon_default" value="icons/default.jpg" onchange='if(this.value != 0) { this.form.submit(); }'> <img src="icons/default.jpg"> <input type="text" id="id" name="id" value=" . $row['id'] . " style="background: transparent;border: none;font-size: 0;"> </form> <form name="form" action="icons-submit/submit_icon-Grass_Block.php" method="post"> <label> <input type="radio" id="icon_grass-block" name="icon_grass-block" value="icons/Grass_Block.png"onchange='if(this.value != 0) { this.form.submit(); }'> <img src="icons/Grass_Block.png"> </label> <input type="text" id="id" name="id" value=" . $row['id'] . " style="background: transparent;border: none;font-size: 0;"> </form> <form name="form" action="icons-submit/submit_icon-gear.php" method="post"> <label> <input type="radio" id="icon_gear" name="icon_gear" value="icons/Gear.png"onchange='if(this.value != 0) { this.form.submit(); }'> <img src="icons/Gear.png"> </label> <input type="text" id="id" name="id" value=" . $row['id'] . " style="background: transparent;border: none;font-size: 0;"> </form> </div> </div>
Similar TutorialsI have code written for image uploading, but it doesn't allow multiple images on a single upload, and doesn't re-size. Anyone willing to share a good upload script that will do the following?: -Allow multiple image uploads (10+ per submission), -Re-size images on upload, and -Rename images. Thanks Brett Not sure if this is the correct subsection, I CTRL + F'd the first page and didn't see FTP
I'm interested in backing up data, I'm building a social media type website and I need to back up data. I don't have a lot of money at the moment so I would like to back up to my own computer/external hard drive... doesn't seem smart I guess but it is a solution for now
I currently use linux / have apache on my local machine but on my hosting service provider they use Apache as well
Their backup options seem "word for dumb" and I can't have that, imagine how much data would be lost if it didn't back up within minutes rather than 10 days or some stupid figure like that...
I mean... maybe I'm missing something, how else would it be done?
I expect the site to have life pretty much at every passing moment of time and if the site goes down for even 5 minutes... how many megabytes of data or more did I just lose?
Anyway, my laptop/external hard drive seems dumb but it is relative to my situation as I am currently testing out my ventures with a shared VPS (as in 3 different domains pointing to that website) and the space I have is 90 GB, between my external hard drive and laptop I have more than that.
I suppose I should "trust" in the professionalism of my service provider but the fact that their back up system is literally like every 10 days and I have to pay $150 to retrieve my data... I don't even understand the pricing on that... what is the difference if they backed up terabytes as opposed to petabytes, is it still the same $150.00?
Anyway, I'd appreciate any help, or I'll just search elsewhere later on when this topic becomes relevant again
(hmm I don't present myself well I realize that)
I've set up a staging server with Ubuntu 14.04, Apache, PHP, and MySQL, and I'm having a configuration issue that I need to resolve.
index.html uses a server side include. I was required to change the shtml file it references to a php file, but it's not working properly.
When my webpage uses the code:
<?php include ("footer.shtml"); ?>
then the page loads correctly
However, when I change it to:
<?php include ("footer.php"); ?>
then I instead see a message stating,
"This attachment was removed because it contains data that could pose a security risk."
I can't determine which configuration file I need to change, and what the change needs to be.
I was wondering if there was a way to allow users to input there own HTML and CSS in like a members only site using PHP? If so, how would it be done? Would someone tell me how to allow foreign letters, normal english letters and numbers using the preg_replace php function? Hey, I've created a messaging system for my site and I'm trying to make it so that a copy of the original message is included and automatically put into the message content box when somebody clicks to reply. I've done this literally just by making the "reply" button into a form which also posts the content of the message from the previous page and puts it into the content box. However I have some issues with it: firstly, wherever ' is used, it becomes \' and wherever " is used, the whole of the rest of the message is blanked out. Can anybody point me in the direction of the solutions I might need to make it so that ' and " both appear normally without cutting the rest of the message off? Thanks in advance & let me know if anything is missing! There are websites like Soundcloud, Soundclick, MySpace and more.
The Question:
How to not get a law suite as a website owner when copyright protected music or in other words music from the retail has gotten uploaded?
Will moderating it and having it frequently taken down do the job?
I know that the users themselves could get researched too. The site owner could get requested to give out IP addresses. Though, I kept this separately from that question.
I basically would be looking to be safe and not get a law suite.
I would appreciate the suggestions a lot.
Hy! Any help on this topic would be much appreciated. Here is the deal. I need to redirect some countries to another URL. But I need to allow a free access for search engine's bots even if they come from those countries. Here is what I did until now: Used MaxMind PHP API and databases to establish redirect. And then tried to modify the code to redirect ONLY if user is from blocked country AND IS NOT allowed crawler... suprise suprise, it's not working as I imagined:)! Here is the code so far: #!/usr/bin/php -q <?php // This code demonstrates how to lookup the country by IP Address include("geoip.inc"); // Uncomment if querying against GeoIP/Lite City. // include("geoipcity.inc"); $gi = geoip_open("GeoIP.dat",GEOIP_STANDARD); $country = geoip_country_code_by_addr($gi, $_SERVER['REMOTE_ADDR']); geoip_close($gi); $my_countries = array('de', 'se', 'no', 'ee', 'it', 'lv', 'cz', 'dk', 'sk', 'at', 'ch', 'lu', 'nl', 'es', 'hu', 'sg', 'gr', 'ua', 'fi', 'ru', 'cn', 'hk', 'my', 'id', 'us', 'ar', 'mx', 'ec', 'cr', 'py', 'br'); $allowed_spiders = array('Googlebot', 'Yammybot', 'Openbot', 'Yahoo', 'MSNbot', 'Ask Jeeves', 'Teoma', 'Architext spider', 'FAST-WebCrawler', 'Slurp', 'Yahoo Slurp', 'ia_archiver', 'Scooter', 'crawler@fast', 'Crawler', 'InfoSeek sidewinder', 'Lycos_Spider_(T-Rex)'); $agent_name = $_SERVER['HTTP_USER_AGENT']; if (in_array(strtolower($country), $my_countries)) { foreach($allowed_spiders as $s){ if(!strpos($s,$agent_name)){ header('Location: www.REDIRECT URL.com'); } } exit; } ?> How I imagined this code should work is: First check from where is user coming. Then compare GeoIP shortcode for country to shortcodes for banned countries. AND then if traffic is indeed from banned country also check if user agent name has anything in it from an array of allowed spider names (Googlebot can be Googlebot, or Googlebot/2.1 for an example). And if it's not allowed spider then redirect user to another address. I tried many variations of this but nothing seems to work. Each time that I tried to fetch page as a googlebot in webmaster, I got 302 redirection. Any help or guidance here MUCH appreciated. Thank you PHP JEDI in advance !! hi i was wondering how i would make a website that allowed a user to login and edit there website ... like im a hoster and they can have a webpage on my server... how would i do this? allow them to create a database , and use all types of code? please help me this is important , if i didnt explain good enough please tell me I have text with an apostrophe (Bill's car) that has been encrypted and decrypted, then inserted into a database. After it is decrypted but before inserting it, I process it with $field1 = mysqli_real_escape_string($cxnA, $field1) When I insert the field and view it in MySQL Query Browser, it shows the converted apostrophe: Bill's car When I select on the field Code: [Select] select * from table1 where field1='Bill\'s car'this returns no records I have to use Code: [Select] select * from table1 where field1='Bill's car'to get the record, which is very inconvenient If I display this field in a browser using <input type='text' name=field1 value='".htmlentities($field1Value, ENT_QUOTES, 'UTF-8')."' maxlength='50'> I get - Bill's car - in the browser, which is not what I want. I have to use <input type='text' name=field1 value='".htmlspecialchars_decode(htmlentities($field1Value, ENT_QUOTES, 'UTF-8'), ENT_QUOTES)."' maxlength='50'> to get Bill's car to display. The strange thing is that when I echo field1 before it is inserted, it shows Bill's car. I have even tried the following to get it to insert the proper value: $field1 = htmlspecialchars_decode(mysqli_real_escape_string($cxnA, $field1), ENT_QUOTES); but this doesn't work either. How do you prevent this from happening? Thanks. Hello Guys, I check the price field on the server side and I am trying to figure out how to allow a comma in the price field example 2,300 Here is the code I use to check the price. Code: [Select] function check_Price($price,$member_id,$description,$ip){ if (isset($price) && (!is_numeric($price))) { do something here } } Thanks in Advance! Dan Hey guys, OK, so actually I have two questions that are kind of related. The first one is how I can allow users to use <i>, <b>, <strong> tags when submitting information in a form. I would like to allow certain tags so they can emphasize things in their text, but I still want to strip the rest for security reasons. I tried using strip_tags() with some exceptions as a second parameter, but as far as I understand, that just allows them to be displayed as text, not for the browser to make text bold for instance. Below is what I have now. function stripdata($data) { return trim(htmlentities(stripslashes($data), ENT_QUOTES)); } echo stripdata($someDataFromMySQL); I also want to ask if the solution above is 100% safe so that users can not submit malicious code that can execute when users' visit a page of mine that displays that code. Thank you in advance. I would like to allow special characters in my script like: ஆஇஊஎஐஓ But I don't want to allow HTML like: <b>bold</b> At first I was using htmlentities() when PRINTING OUT (NOT when or before inserting in the query) . Data shows up in MySQL as ᇋᇄᇝᇠᇤᇢᇦ And it was also printed out that way, I'd like to have it translated into it's actual form (ஆஇஊஎஐஓ), yet I don't want <b>bold</b> to be translated as well, I want it to stay <b>bold</b> Is there any way I can do this? I also tried htmlspecialchars() but that didn't do the trick either. If you need script examples let me know. EDIT: To bring it to the point, I want it to be just like in this forum post. The special chars are showing up, and the html is just being printed as <b></b>. I know the title is a bit confusing but I wasn't exactly sure how to describe my issue and none of my numerous searches online and here returned any positive results for a solution. What I'm trying to do is allow a user to 'choose' one set from multiple sets of numbers for inclusion into the database. The image below should with the visualization of my goal. As you can see from the above image, there's a "button" to the right that states "keep this set". My goal is to allow the user to click the button and the corresponding set of values is then entered into the database as a string (the values aren't being used in any calculations afterwards just being displayed on screen.) The following code below works for auto-insertion if there's only one set generated but nothing I've attempted so far works when it comes to allowing the user to choose one set they'd like entered. <?php additional code here... echo '<table><tr><td>'; for($i=1; $i<=$Sets; $i++){ $Stat_Results = GenStats($uId, $StartSet, $SetOption); echo "Stat values for ".$SetGenerated[$i]; foreach($Stat_Results as $key => $DisplayStats){ echo $DisplayStats.', '; } if($Sets == 1){ $SetResults = implode(',',$Stat_Results); DB_Insert($uId, $SetResults, $TimeStamp); }else if($Sets >= 2){ echo "</td><td> => <input type='button' name='submit' value='keep this set'></td> <tr><td>"; } } echo '</td></tr></table>'; ?> html below here....Variables: $sId, $StartSet, $SetOption, $Sets, $uId, and $TimeStamp are all set in a section not shown in this snippet. I've tried Javascript but too be honest, I'm not all that familiar with it (though I am trying to become more fluid in it) and I've went so far as to try to create the multiple sets as a dropdown box thinking the user could simply select it from there and it be treated as a dynamic form and php would do the rest. But that didn't work either. The form button for submission is the remnant of the <select> list I tried to generate. The form is no longer there. I left the button in to generate the image you see above and has since been removed from the actual code. I admit, I'm stuck and need some guidance because I can't seem to make this work no matter what I do. I realize $Stat_Results is a multidimensional array and contains all the values of each set in their respective array, but so far, I'm at a stand still on properly retrieving those values for insertion. Thanks to all who read and attempt to help! Edited by Cryotech, 01 December 2014 - 03:08 PM. My server is Linux/Apache/PHP.
When a file is uploaded, I use PHP's finfo_open to confirm that the file have the correct file extension matches and delete them if it doesn't match. I also which file mimi types and size could be uploaded.
Things I do with the files include:
Upload user's files and store them in some public directory (/var/www/html/users_public_directory/), and allow other users to directly download them.
Upload user's files and store them in some private directory (/var/www/users_private_directory/), and allow other users to download them using X-Sendfile.
Upload user's ZIP files and convert them to PDF files (unzip the ZIP file, and uses Libreoffice and Imagemagick's convert to convert them to PDFs).
From the server's prospective, what are the risks of allowing users to upload files? Are there some file types which are more dangerous to the server? Could they be executed on the server, and if so, how could this be prevented?
I am trying to allow the user to update a variable he chooses by radio buttons, which they will then input text into a box, and submit, to change some attributes. I really need some help here. It works just fine until I add the second layer of variables on top of it, and I can't find the answer to this question anywhere. <?PHP require('connect.php'); ?> <form action ='' method='post'> <select name="id"> <?php $extract = mysql_query("SELECT * FROM cars"); while($row=mysql_fetch_assoc($extract)){ $id = $row['id']; $make= $row['make']; $model= $row['model']; $year= $row['year']; $color= $row['color']; echo "<option value=$id>$color $year $make $model</option> ";}?> </select> Which attribute would you like to change?<br /> <input type="radio" name="getchanged" value="make"/>Make<br /> <input type="radio" name="getchanged" value="model"/>Model<br /> <input type="radio" name="getchanged" value="year" />Year<br /> <input type="radio" name="getchanged" value="color" />Color<br /><br /> <br /><input type='text' value='' name='tochange'> <input type='submit' value='Change' name='submit'> </form> //This is where I need help... <?PHP if(isset($_POST['submit'])&&($_POST['tochange'])){ mysql_query(" UPDATE cars SET '$_POST[getchanged]'='$_POST[tochange]' where id = '$_POST[id]' ");}?> I havent included the whole title as it wouldnt let me but I was wondering if someone could help me on this? I know this is possible as torrentflux caters for this but unsure of where to start. I dont want to allow file or directory uploads or creation in my /etc/php.ini file (this is turned off). Yet then torrentflux allows me to link a torrent from an external source (using legal downloads of course ) but then it uploads it on my server and creates folders on a per user basis. How is this possible can someone give me some pointers please? I look forward to any replies, Jeremy. I have this script from http://lampload.com/...,view.download/ (I am not using a database) I can upload images fine, I can view files, but I want to delete them. When I press the delete button, nothing happens
http://www.jayg.co.u...oad_gallery.php
<form>
<?php $dir = dirname(__FILENAME__)."/images/gallery" ; $files1 = scandir($dir); foreach($files1 as $file){ if(strlen($file) >=3){ $foil = strstr($file, 'jpg'); // As of PHP 5.3.0 $foil = $file; $pos = strpos($file, 'css'); if ($foil==true){ echo '<input type="checkbox" name="filenames[]" value="'.$foil.'" />'; echo "<img width='130' height='38' src='images/gallery/$file' /><br/>"; // for live host //echo "<img width='130' height='38' src='/ABOOK/SORTING/gallery-dynamic/images/gallery/ $file' /><br/>"; } } }?> <input type="submit" name="mysubmit2" value="Delete"> </form>
any ideas please?
thanks
What kinds of things can I do to make Logging-In and being Logged-In *secure*?? I get the whole form validation thingy, but what about from the standpoint of how/where I store data in my database and how I keep track of who is logged in and where they can go, and so on? Thanks, Debbie Hi, I am trying to make a search based on information about a user in the database. Here is my code so far, notice any words like "and" or "the" in a multiword entry would mess it up. Any advice greatly appreciated. Ideally I would like a list of the matches by user name, and put the word "match" next to the matching data, because I used the OR statement it is going to bring back all of the user's info if one of the criteria matches. Any tutorials on the subject or keywords for google would be greatly appreciated. thanks. here is the search code. Code: [Select] <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); $host = " ; $database = " "; $username = " "; $password = " "; $tbl_name = "users"; $conn = mysql_connect($host, $username, $password) or die("Could not connect: " . mysql_error()); if($conn) { mysql_select_db($database); echo "connected to database!!"; } else { echo "failed to select database"; } //include('bouncer.php'); //$currentUser = $_SESSION['myusername']; if(isset($_POST['submit'])) { $dob = mysql_real_escape_string( $_POST['dob']); $gender = mysql_real_escape_string( $_POST['gender']); $ethnic = mysql_real_escape_string( $_POST['ethnic']); //THE SEARCH FUNCTION $sql = mysql_query ( "SELECT * FROM users WHERE dob LIKE '%$dob%' OR gender LIKE '%$gender%' OR race LIKE '%$ethnic%' OR dob LIKE '%$dob%' ") or die(mysql_error()); $result = mysql_query($sql) or die( "<br>Query: $sql<br>Failed with error: " . mysql_error() ); if (!$result) { echo "Could not successfully run query ($sql) from DB: " . mysql_error(); exit; } if (mysql_num_rows($result) == 0) { echo "No rows found, nothing to print so am exiting"; exit; } // While a row of data exists, put that row in $row as an associative array // Note: If you're expecting just one row, no need to use a loop // Note: If you put extract($row); inside the following loop, you'll // then create $userid, $fullname, and $userstatus while ($row = mysql_fetch_assoc($result)) { echo $row["dob"]; echo $row["gender"]; echo $row["race"]; } }//if(isset($_POST['submit'])) ?> <html> <body> <p>Login Successful</p> <p> </p> <form action="login_success7.php" method="post"> <p> <input name="dob" type="text" size="20" id="dob" /> Date of Birth<br /> <input type="text" name="gender" size="20" id="gender" /> Gender <br /> <input type="text" name="ethnic" size="20" id="ethnic" /> Ethnicity <br /> <input type="submit" name="submit" value=" search" /> <input type="reset" value="Reset fields" /> </p> </form> </body> </html> |