Hmm, the session in this case it is not, probably, the best approach: what happens if, in the current session, you open multiple tabs of A.php with different IDs?


It would screw up, because the session value would be rewritten by the latest loaded tab. Append the query string to B.php, so if you are using a form you can do:

<form method="get" action="B.php?id=123">

Or hide it in the input fields:

<input type="hidden" name="id" value="123">

If you want more appropriated help, share an example of what you are trying to do.

Votes + Comments
Good shout about multiple tabs +1 - a common gotcha!

Thank you Jim! Yes, that works fine and also counting the resulting array works fine.

The original query is not like in the above example: I was using FOUND_ROWS() in a PHP PDO class, to automatically extract the number of rows, but it was not working appropriately. So I started playing with an example table and added SQL_CALC_FOUND_ROWS too and came down with the above test.

Even by doing:


then FOUND_ROWS() should return 5, instead it returns 1. In practice, I do not understand why it does not output the expected result.

I just did a test on MariaDB 10.0.28 and MariaDB 10.1.19 and returns 5, as expected. My current instead is 10.0.29, so it may be a bug.


@Dani, yes, I added SQL_CALC_FOUND_ROWS just to test the query.



so, I'm playing a bit with MariaDB 10.0.29 and I cannot understand why FOUND_ROWS() keeps returning the 1 whatever happens to the latest select query. Here's my test:

Query OK, 0 rows affected
Time: 0.782s

> INSERT INTO `test` (`msg`) VALUES('apples'), ('oranges'), ('strawberries'), ('cherries'), ('random');
Query OK, 5 rows affected
Time: 0.180s

|   id | msg          |
|    1 | apples       |
|    2 | oranges      |
|    3 | strawberries |
|    4 | cherries     |
|    5 | random       |
5 rows in set
Time: 0.003s

|   FOUND_ROWS() |
|              1 |
1 row in set
Time: 0.002s

Expected result 5. The same happens with MyISAM engine.

Any clue why this happens? To avoid any possible backside issue, I have tested from a fresh connection through the command line client, but it does not seems to make difference.

The online test with MySQL 5.6, instead, returns 0, it is accessible here:

For the online test result I'm not sure it depends on SQLfiddle or it is MySQL 5.6.


Hi Jailani,

in your code you are using:

$value = $_GET['change'];

which will not work if the form set the method to POST:

<form method="post">

if you perform a POST request then you have to use $_POST in the PHP side to access the values of the input fields. You could use $_GET, but only if appending values to the action link of the form tag, for example:

<form method="post" action="script.php?id=123">

Also, you are trying to access the id, like this:

$id = $_REQUEST['id'];

I suppose you want to get it from this line:

echo"<td><font color='black'>" .$test['id']."</font></td>";

It will not work, unless you do not add an input field like this:

<input type="hidden" name="id" value="<?php echo $test['id']; ?>">

This is more correct, but you are also looping the array from the query, so you are going to create a group of rows, in the HTML, each with:

echo"<td><input type='text' name='change'/></td>";

In this case, since you are not submitting $_POST['change'] as an array and since this is a text type, you will apply only the last one in the list:

    <td><input type='text' name='change'/>
    <td><input type='text' name='change'/>
    <td><input type='text' name='change'/> <-- only this will be applied

So the input name should look like more name='change[]':

    <td><input type='text' name='change[]'>
    <td><input type='text' name='change[]'>

Even by applying this your update query will still not work, because you have to loop the $_POST['change'] and the other fields values.

This post may help you:

it applies to <select> tags, but ...


Check arp-scan -ln it outputs something like this:

> arp-scan -ln
Interface: wls1, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)     00:c0:9f:09:b8:db       QUANTA COMPUTER, INC.     00:02:a5:90:c3:e6       Compaq Computer Corporation    00:0b:db:b2:fa:60       Dell ESG PCBA Test    00:02:b3:06:d7:9b       Intel Corporation   00:10:db:26:4d:52       Juniper Networks, Inc.   00:01:e6:57:8b:68       Hewlett-Packard Company   00:30:c1:5e:58:7d       HEWLETT-PACKARD

7 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.8.1: 256 hosts scanned in 1.628 seconds (157.25 hosts/sec). 7 responded

And you could simply parse the output. But I'm not sure if there is a version for Windows platforms. Some info here:


In this very specific case, because $ID is expected to be an integer, you could use exec() which returns the number of affected rows by the statement or something that evaluates to boolean FALSE (if something goes wrong) but you have to properly sanitize the variable.


if(FALSE !== $ID)
    $update = $db->exec("UPDATE table SET count = count + 1 WHERE id=".$ID);

    if(FALSE === $update)
         // log the error, kill the script, etc.

        // successful update

    // $ID is not valid

In case of strings, instead, the filter function is not enough, because sending something like 0 OR 1=1 would be valid and expose your query to an SQL injection attack.

I prefer to have few extra lines of code and go with prepared statements.

Besides, in PDO you can send the values as an array, in the execute() method:

$stmt->execute([':ID' => $ID]);

I was supposing the $_POST['Net'] arrays to hold float values, not file names. Anyway you could write:

$files    = [];
$products = [];

while($rowProduct = mysql_fetch_array($productSQL))
    $products[] = $rowProduct['POProductNet'];

if(TRUE === isset($_POST['Net']) && TRUE === is_array($_POST['Net']))
    $files = array_map('basename', $_POST['Net']);
    $diff  = array_diff_assoc($products, $files);

    if(count($diff) > 0)
        // write data to db

Here I'm just using the array functions, instead of the loops, it's just a choice. You can go with loops.

But if $_POST['Net'] is supposed to always be an array, then I would check it in the sanitizing step, not after the query to the database. So it would look like more:


if(FALSE !== $net)
    $files    = array_map('basename', $net);
    $products = [];

    // select query the database
    // populate the $products array
    // compare with $files

You could use the RecursiveDirectoryIterator() something like in this comment:

More precisely like this:


$path = dirname(__DIR__);

$dir_iterator = new RecursiveDirectoryIterator($path
                     , FilesystemIterator::SKIP_DOTS);

$iterator     = new RecursiveIteratorIterator($dir_iterator
                    , RecursiveIteratorIterator::LEAVES_ONLY
                    , RecursiveIteratorIterator::CATCH_GET_CHILD);

foreach($iterator as $file)
    if(TRUE === $file->isReadable())
        echo $file . PHP_EOL;


look, this hex dump suggests it could be C++:

0007e0a0  72 20 61 72 67 75 6d 65  6e 74 73 0d 0a 00 00 00  |r arguments.....|
0007e0b0  52 36 30 30 32 0d 0a 2d  20 66 6c 6f 61 74 69 6e  |R6002..- floatin|
0007e0c0  67 20 70 6f 69 6e 74 20  6e 6f 74 20 6c 6f 61 64  |g point not load|
0007e0d0  65 64 0d 0a 00 00 00 00  4d 69 63 72 6f 73 6f 66  |ed......Microsof|
0007e0e0  74 20 56 69 73 75 61 6c  20 43 2b 2b 20 52 75 6e  |t Visual C++ Run|
0007e0f0  74 69 6d 65 20 4c 69 62  72 61 72 79 00 00 00 00  |time Library....|
0007e100  0a 0a 00 00 52 75 6e 74  69 6d 65 20 45 72 72 6f  |....Runtime Erro|
0007e110  72 21 0a 0a 50 72 6f 67  72 61 6d 3a 20 00 00 00  |r!..Program: ...|
0007e120  2e 2e 2e 00 3c 70 72 6f  67 72 61 6d 20 6e 61 6d  |....<program nam|
0007e130  65 20 75 6e 6b 6e 6f 77  6e 3e 00 00 00 00 00 00  |e unknown>......|

And this:

0008ead0  46 53 4f 55 4e 44 20 50  72 69 6d 61 72 79 20 4d  |FSOUND Primary M|
0008eae0  69 78 42 75 66 66 65 72  00 00 00 00 43 3a 5c 64  |ixBuffer....C:\d|
0008eaf0  65 76 5c 66 6d 6f ...


from the documentation the strtotime() function you can read:

Parse about any English textual datetime description into a Unix timestamp

And it expects:

int strtotime ( string $time [, int $now = time() ] )

The $stockdate is a DateTime object, not a string. So try by submitting the string:

date('l F d, Y', strtotime($stockdate->date));

Or follow the DateTime library:

print $stockdate->format('l F d, Y');



Spaces in URLs can be represented by %20 or by +, it depends on the browser and by the enctype attribute of the form tag.

Your script can receive requests like these:


Which in your code equals to:

string(7) "abc    "

So, instead of $searchTerm = $_GET['term']; do:

$searchTerm = trim(filter_input(INPUT_GET, 'term', FILTER_SANITIZE_STRING));

And the script will process the intended input:

string(3) "abc"

Note, in this case you don't need to use urldecode() as superglobals are already decoded. Also, you should query the database through prepared statements.


Ok, the blank list of results happens because JQuery expects to receive label and/or value as index keys of the result set.

Multiple types supported:
Array: An array can be used for local data. There are two supported formats:

  • An array of strings: [ "Choice1", "Choice2" ]
  • An array of objects with label and value properties: [ { label: "Choice1", value: "value1" }, ... ]

The label property is displayed in the suggestion menu. The value will be inserted into the input element when a user selects an item. If just one property is specified, it will be used for both, e.g., if you provide only value properties, the value will also be used as the label.

Source: http://api.jqueryui.com/autocomplete/#option-source

So change desc1 to label and should work fine. I was testing with a custom table which had a label column, so the issue didn't show up to me.


<script type="text/javascript">
    $(function() {

            minLength: 0,
            source: "autocomplete.php",
            focus: function(event, ui) {
                return false;
            select: function(event, ui) {
                return false;

And in the PHP side:

$i = 0;
    $data[$i]['code']  = $row['code'];
    $data[$i]['label'] = $row['desc1'];

Look, it works fine for me. Do this: open the Web Developer Console which is available in Google Chrome, Chromium and Mozilla Firefox, hit the Network tab and enter a letter in the autocomplete input field, you should see a request to the server, hit the request link and click the Response tab, you should see a JSON object with the rows.



check the source of the custom data example in the autocomplete JQueryUI documentation:

The select property should fit your requirements:

select: function( event, ui ) {
    $( "#project" ).val( ui.item.label );
    $( "#project-id" ).val( ui.item.value );
    $( "#project-description" ).html( ui.item.desc );
    $( "#project-icon" ).attr( "src", "images/" + ui.item.icon );

    return false;

Another example: https://jsfiddle.net/0wdbgage/


Why is it so, that when there's an issue, people look all around :D, but not on the issue.

lol, I asked because I do not know how you are implementing that statement and what you really expect to get. What do you mean by true 404? A redirect to the 404 error page defined by the server?


While Opera fools itself, Firefox doesn't. It shows just super-empty document (not 404, but also not even standard CSS stylesheet). How do I successfully send "404 Not Found" to ALL browser.

is not a useful information, to understand your issue.

Look, to me it's easier to move the includes scripts into a separated directory, then use .htaccess to deny direct access to that directory, so it cannot be accessed through the browser.

This solution does not require to modify the scripts, so nothing like the header() 404 statement, if really needed you could force it through .htaccess and send a more appropriate 403 or even 404.

It's even better if you move the includes directory to the parent of the public_html directory, which if correctly set, is not accessible by the browsers, that way you don't even need to use .htaccess file to define what is accessible and what not.

Votes + Comments