PHP - Pdo - Use Existing Connection?

I would like to support UTF-8 on my website but am unsure - and quite fearful - whether it will break my existing code or not?!

I looked at http://us3.php.net/mbstring(), but worry that I'm going to miss something.

Here is some sample code where I think things could easily break...

// Trim all Form data.
$trimmed = array_map('trim', $_POST);


// ************************
// Validate Form Data. *
// ************************

// Validate First Name.
if (empty($trimmed['firstName'])){
// No First Name.
$errors['firstName'] = 'Enter your First Name.';
}else{
// First Name Exists.
if (preg_match('#^[A-Z \'.-]{2,30}$#i', $trimmed['firstName'])){
// Valid First Name.
$firstName = $trimmed['firstName'];
}else{
// Invalid First Name.
$errors['firstName'] = 'First Name must be 2-30 characters (A-Z \' . -)';
}
}//End of VALIDATE FIRST NAME


// Validate Username.
if (empty($trimmed['username'])){
// No Username.
$errors['username'] = 'Enter your Username.';
}else{
// Username Exists.
if (preg_match('~(?x) # Comments Mode
^ # Beginning of String Anchor
(?=.{8,30}$) # Ensure Length is 8-30 Characters
.* # Match Anything
$ # End of String Anchor
~i', $trimmed['username'])){
// Valid Username.


// ******************************
// Check Username Availability. *
// ******************************

// Build query.
$q1 = 'SELECT id
FROM member
WHERE username=?';

// Prepare statement.
$stmt1 = mysqli_prepare($dbc, $q1);

// Bind variable to query.
mysqli_stmt_bind_param($stmt1, 's', $trimmed['username']);

// Execute query.
mysqli_stmt_execute($stmt1);

// Store results.
mysqli_stmt_store_result($stmt1);

// Check # of Records Returned.
if (mysqli_stmt_num_rows($stmt1)>0){
// Duplicate Username.
$errors['username'] = 'This Username is taken.  Try again.';
}else{
// Unique Username.
$username = $trimmed['username'];
}
}else{
// Invalid Username.
$errors['username'] = 'Username must be 8-30 characters.';
}
}//End of VALIDATE USERNAME



Three possible areas where I could run into trouble are with...

1.) array_map

2.) preg_match

3.) Prepared Statements


For #2, I see there is mb_ereg_match but I am not sure if I just replace my current Regex function with that one, or if there is more involved.

I'm not sure if any problems would arise with #1 or #3 or elsewhere, and would really appreciate a second set of eyes on this code!!

requinix said switching is a good idea, but I'm pretty freaked out that I'm going to break things and create a big security hole?!   

Any help would be appreciated!!

Thanks,


Debbie

Hi all,

 I have PDF file online i want to edit dynamic footer and page no. at the end of page.
Can anyone help me ?


thanks in Advance.
Manoj

Hi guys,

using the code below within an admin panel to create a drop down allowing the user to select the profiles they wish to assign to the record they're creating, problem we have is that once a record is created, if they need to edit it for what ever reason the selected profile option isn't sticking. I've played around with lots of variants of if existing_record to try and get it add selected="selected" into the code but failed at every attempt, any advice gratefully received.

Code: [Select]
<?php

// List only breeder profiles in the database

  echo '<select name="profile" class="textinput noborder">';
  echo '<option value="any">Any</option>';

        $qryGetDistinctProfile = "SELECT * FROM profiles ORDER BY title ASC";
        $resGetDistinctProfile = mysql_query($qryGetDistinctProfile,$connection) or die(mysql_error());

        if(mysql_num_rows($resGetDistinctProfile) > 0){

$id       =  mysql_result($resProfile, 0, "id");
          
         while ($row = mysql_fetch_assoc($resGetDistinctProfile)){
           
          echo  '<option value="'.$row['id'].'" >'.$row['title'].'</option>';

         }

        }

  echo '</select>';
?>

<?php
if(!isset($_SESSION))
{
session_start();
}
// UNCOMMENT NEXT LINE TO PRINT THE $_SESSION ARRAY TO THE SCREEN . . .
// echo '<pre>'; print_r($_SESSION); echo '</PRE>';
if(empty($_SESSION['userID']) || $_SESSION['authorized'] != true ) {



header("Location: login.php");



exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="content-type" content="text/xml; charset=utf-8" />
<meta http-equiv="refresh" content="5;url=editprofile.php">
    <title>Saving Profile</title>
  </head>

  <body>
<?php
require_once ("dbconn.php");
?>
<?php
$userID = $_SESSION['userID'];
$insert_query = 'insert into users WHERE userID='$userID'(
aim,
msn,
yim,
psnID,
xblGamertag,
otherContact
) 
values
(
"' . $_POST['aim'] . '", 
"' . $_POST['msn'] . '",
"' . $_POST['yim'] . '",
"' . $_POST['psnID'] . '",
"' . $_POST['xblGamertag'] . '",
"' . $_POST['otherContact'] . '"
)';

mysql_query($insert_query);

?>
Your profile has been saved!  You will now be redirected from where you came from.
<br /><a href="editprofile.php" title="Click here if you don't want to wait">Click here if you don't want to wait.</a>
  </body>
</html>

It creates a new record but I want it to update an existing one.  It's an editprofile script.

Okay so I have a time in the format yyyy-mm-dd that is pulled from a MySQL array row and I need to add one month to it then echo that out. I assume it has something to do with the strtotime() and date() functions but I have tried every combination and cannot figure it out. Can I get some assistance please and thank you? Very very very new to php.

Here is what I have lol;
Code: [Select]
$row=mysql_fetch_array($result);
$ddaterow=$row['donation_date'];
Like I said the date will always be in the format yyyy-mm-dd

Hello All!

I was hoping one of you phpFreaks could help me out

I have the following code that produces links from a database. Certain sets of results have over 3000 links. I can currently set the amount of links to display per page but that's it.

I would like to be able to truncate the links to all the pages using pagination.

Any help would be greatly appreciated!

Here is the code:

<?php 
 
echo "Results<br><HR WIDTH=100% SIZE=1><br>";
mysql_connect("mysite.com", "mysite_mysite", "mysitepassword") or die(mysql_error()); 
mysql_select_db("user_database") or die(mysql_error()); 
 

 if (isset($_GET['pagenum']))
 {
  $pagenum = $_GET['pagenum'];
 } else
 {
  $pagenum = 1;
 } 
 
$rpg = $pagenum;
$data = mysql_query("SELECT * FROM mydb WHERE mfg='golf'") or die(mysql_error()); 
$rows = mysql_num_rows($data); 
$page_rows = 80; 
 
$last = ceil($rows/$page_rows); 
 
 if ($pagenum < 1)
  {
   $pagenum = 1;
  } 
 elseif ($pagenum > $last) 
  {
   $pagenum = $last;
  } 
 
$max = 'limit ' .($pagenum - 1) * $page_rows .',' .$page_rows; 
$data_p = mysql_query("SELECT * FROM mydb WHERE mfg='golf' $max") or die(mysql_error()); 
 
 while($info = mysql_fetch_array( $data_p )) 
  { 
   $page=$info['link'];
echo "<a href='$page' class='blue1'>". $info['title'] . "</a><br>"; 
  } 
   echo "<p>";
 
if ($pagenum > $last) 
  {$pagenum=1;} 
else
 { 
  echo "<HR WIDTH=100% SIZE=1><br>";
  $pagenum = 1;
    while ($pagenum <= $last)
    {
       $next = $pagenum;
       echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=$next' class='g5'>$pagenum</a> ";
       $pagenum = $pagenum+1;
      
    }
  Echo "<br><br>Page $rpg of $last <br>";
 }

?>

Simple insertion of pagination would be GREAT! Thanks guys....

Hello,   First time asking technical question in a forum so I beg pardon for errors.   I have a third party blog module installed on opencart. The original coder helped me to fix some bugs, but he is not answering anymore to emails. I would like to add a simple pagination to the "latest articles"  part, because at the moment the website display the exact number declared in "article limit" and does not show pagination if articles shown are less than the total.   the code from "article_by_type.php" line 85  is the following:

/*recent_article*/

        if ($setting['article_type']=='recent_article') {

        $data = array(

                    'sort'  => 'p.date_added',

                    'order' => 'DESC',

                    'start' => 0,

                    'limit' => $article_limit

                );

        

                $articles = $this->model_news_article->getArticles($data);

        }

another file "article_list.php" at line 88 and 214 already have pagination:  

$this->data['article_ajax_load'] = $this->getArticle($article_category_id,$page,$limit,$description_limit);

                    

            $pagination = new Pagination();

            $pagination->total = $article_total;

            $pagination->num_links = 3;

            $pagination->page = $page;

            $pagination->limit = $limit;

            $pagination->text = $this->language->get('text_pagination');

            $pagination->url = 'index.php?route=module/article_list/getlist&cpath='.$article_category_id. '&page={page}'.'&limit=' .$limit;

        

            $this->data['pagination'] = $pagination->render();

  can anyone help add pagination to "article_by_type.php" or adapt the existing pagination code to it ? Attached Files  article_by_type.php   6.23KB   0 downloads  article_list.php   10.2KB   0 downloads

I need some guidance in regards to adding Login with Facebook.   Is this something which is easily done? Currently, I'm using UserCake:   http://usercake.com/   How much testing and QA is necessary for this type of work?

EDIT: sorry - new to posting guidelines - using XAMPP with mysql 5.1.44 (I think this is correct!!)

Newbie question he I have successfully created a form that that displays students (based on a selected lesson/group/date) with the ability to enter scores.

I'm now trying to set the form up so that if data already exists then it is displayed in the form.

Eg: if a member of staff choses group 7AS, lesson 1, 24/09/2010 and another member of staff has entered a score already for one student it shows up in the <select> drop down by using
Code: [Select]
<option>" . $scorevalue . "</option>

I had this working at one point but have made a change somewhere and cannot get it working again! can anyone spot an obvious mistake I am making?

The code I am using is as follows:
Code: [Select]
<input type="hidden" name="tutor" value="<?php echo $_GET["tutor"]; ?>" />
<input type="hidden" name="date" value="<?php echo $_GET["date"]; ?>" />
<input type="hidden" name="lesson" value="<?php echo $_GET["lesson"]; ?>" />


<?php

error_reporting(-1);

$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("lakeside", $con);

$result = mysql_query("SELECT students.admin, students.fname, students.surname, students.tutor
FROM students
WHERE tutor='$_GET[tutor]' 
ORDER BY students.tutor, students.surname");


echo "<table class='scores'>
<tr>
<th>Admin</th>
<th>Firstname</th>
<th>Surname</th>
<th>Tutor</th>
<th>Score</th>
<th>Code</th>
<th>Comment</th>
</tr>";

while($row = mysql_fetch_array($result))
  {
  
$sqlstatement = "SELECT * FROM scores where admin = '" . $row['admin'] . "' and lesson = '" . $_GET[lesson] . "' and date = '" . $_GET[date] . "' ";
$scorevalue = mysql_query($sqlstatement);  



echo " . $score . ";

while($rowvalue = mysql_fetch_array($scorevalue))
{
$score = $rowvalue['score'];
$comment = $rowvalue['comment'];
$code = $rowvalue['code'];
}
  
  
  echo "<tr>";
  echo "<td>" . $row['admin'] . "</td>";
  echo "<td>" . $row['fname'] . "</td>";
  echo "<td>" . $row['surname'] . "</td>";
  echo "<td>" . $row['tutor'] . "</td>";

  echo "<td><select name='score"  . $row['admin'] . "' value='{$row['score']}' />
   <option>" . $scorevalue . "</option>
   <option>0</option>
   <option>1</option>
   <option>2</option>
   <option>2.5</option>
   <option >3</option>
   <option>3.5</option>
   <option>4</option>
   </select>
   </td>";

My root directory (in the actual file system) has several subdirectories, one of which is a "main" site, while the others are individual user sites. Every subdirectory has their own .htaccess file, but it's the root .htaccess file that is the topic. I have tried to create rewrite rules myself, but I can't get the rewrite conditions to properly check for the folder existing.   /main/lots-of-files /homer/lots-of-files /marge/lots-of-files /bart/lots-of-files /lisa/lots-of-files /maggie/lots-of-files /.htaccess   So this is the root of my web server. When I go to sites.example.com I see the directory listing above. I want sites.example.com to point to "/main/" instead of "/". Not only that, but I want everything not specifically pointing to any user dubdirectory to rewrite to /main/.   These should not rewrite to /main/, because these directories exists in root*: /homer/index.php /marge /lisa/pictures/profile.gif   * The files may not exist in those positions, as /homer/, /marge/, /bart/, /lisa/ and /maggie/ all has a .htaccess file with their own rewrite rules.   These should rewrite to /main/: / /philip /bender/bending/rodriguez.php /basically/anything-not-existing-as-a-directory /some-file.txt
Edited by Berre, 07 January 2015 - 12:17 PM.

Hi I'm currently experiencing a problem with my query. I've used the `INSERT IGNORE` option in my query and it works pretty well not to add duplicates, but the problem is that if my unique field match it doesn't update any other info in the row, is there maybe another option to update a row if an existing field exists but insert new row if it doesn't exists?   my current query is as follow  

$query = mysqli_query($con,"INSERT IGNORE INTO mxit (ip,time,user_agent,contact,userid,id,login,nick,location,profile) 
VALUES ('$ip','$post_time','$mxitua','$mxitcont','$mxituid','$mxitid','$mxitlogin','$mxitnick','$mxitloc','$mxitprof')") or die(mysqli_error($con)); 

Hello everybody,

I have been racking my brain trying to decipher something that should be really simple for a seasoned programmer.
The following code shows random numbers from 0 to 60.
How can I get the code to display six columns as opposed to ten?
Support is much appreciated!

Newbieprogrammer

<html>
<head>
<?php
    mt_srand((double)microtime()*1000000);
    function Vullen()
    {
    $randomNr = array(0,1,2,3,4,5,6,7,8,9);
    shuffle($randomNr);
    return $randomNr;
    }
    $randomNr = Vullen();

    function display($randomNr)
    {
    $table = '<table  border="1px" cellpadding="1px">';
    $bingokaart = array();
    for ($row = 1; $row < 7; ++$row)
    {
      $table .= '<tr>';
        foreach ($randomNr as $number)
        {
        $table .= '<td>'.$row.$number.'</td>';
        }
        $table .= '</tr>';
    }
    $table .='</table>';
    echo $table;  
    }
display($randomNr);
?>
</body>
</html>

Hello Everyone,

I've successfully created a form script to check to make sure all my fields are filled out.

However, I wanted to create an if statement to check and see if the email address is valid and it contains both and "@", "." symbols. If not then echo '' This is not a Valid email address " if  its not correct.

Could someone tell me the proper way to write this and incorporate this into my existing script below.


Thank you all Again for your Help


thanks
mrjap1


Code: [Select]

// Confirm All feild were filled out when submit button was pressed
if($name && $email && $username && $password && $confirm_password)
{
// Confirm that the NAME that you used is NOT greater than 30 characters
if(strlen($name)>24)
{
echo "<h2><center>YOUR NAME IS TOO LONG!!!!</center></h2><br>";
}
// Confirm that the EMAIL that you used is NOT greater than 25 characters
if(strlen($email)>25)
{
echo "<h2><center>YOUR EMAIL IS TOO LONG!!!!</center></h2><br>";
}

// Confirm that the USERNAME that you used is NOT greater than 10 characters
if(strlen($username)>10)
{
echo "<h2><center>YOUR USERNAME IS TOO LONG!!!!</center></h2><br>";
}
else {

// Confirm that the PASSWORD that you used MATCH & Between 6 and 15 characters
if(strlen($password)>10 || strlen($password)<6)
{
echo "<h2><center>YOUR PASSWORD MUST BE BETWEEN 6 and 15 CHARACTERS!!!!</center></h2><br>";
}
if($password == $confirm_password)
{

Hello! I found this code from github. https://github.com/gburtini/Learning-Library-for-PHP and I want to know if its possible to add variables to it and what changes needed to be done to the whole script.
My first guess is the variables are 

$xs

and 

$ys

I want replace them and add two more. The whole code is he

<?php 

    require_once 'function.php';

    function ll_nn_predict($xs, $ys, $row, $k) {
        $distances = ll_nearestNeighbors($xs, $row);
        $distances = array_slice($distances, 0, $k);

        $predictions = array();
        foreach($distances as $neighbor=>$distance) {
            $predictions[$ys[$neighbor]]++;
        }
        asort($predictions);

        return $predictions;
    }

    function ll_nearestNeighbors($xs, $row) {
        $testPoint = $xs[$row];

        $distances = _ll_distances_to_point($xs, $testPoint);
        return $distances;
    }

    function _ll_distances_to_point($xs, $x) {
        $distances = array();
        foreach($xs as $index=>$xi) {
            $distances[$index] = ll_euclidean_distance($xi, $x);
        }
        asort($distances);
        array_shift($distances);
        return $distances;
    }

and the function.php that is required is this:

<?php

    function ll_transpose($rows) {
        $columns = array();
        for($i=0;$i<count($rows);$i++) {
            for($k = 0; $k<count($rows[$i]); $k++) {
                $columns[$k][$i] = $rows[$i][$k];
            }
        }
        return $columns;
    }

    function ll_mean($array) {
        return array_sum($array)/($array);
    }

    function ll_variance($array) {
        $mean = ll_mean($array);

        $sum_difference = 0;
        $n = count($array);

        for($i=0; $i<$n; $i++) {
            $sum_difference += pow(($array[$i] - $mean),2);
        }

        $variance = $sum_difference / $n;
        return $variance;
    }
 
    function ll_euclidean_distance($a, $b) {
        if(count($a) != count($b))
            return false;
        
        $distance = 0;
        for($i=0;$i<count($a);$i++) {
            $distance += pow($a[$i] - $b[$i], 2);
        }

        return sqrt($distance);
    }

 

I just want to know where is the variables in those 2 scripts and add more as I'm not well versed in using PHP. Thank you!

I have a table with lots of records. My table has the following field, with records containing either NULL or '1' that I need to modify.