Posts by cwarn23

I just checked the script and very buggy in my opinion. I've debuged it and is as follows:

$query3 = "SELECT size, in_stock, colour, itemline_id FROM itemline WHERE item_id = '" . mysql_real_escape_string($row['item_id']) . "'";
  $result3 = mysql_query($query3) or die(mysql_error());
  
    echo "test" . mysql_num_rows($result3);
	echo "<form method='post' action='ppp.php'><select name='id'>";
	while ($row3 = mysql_fetch_array($result3)) {
        $size = $row3['size'];
		$colour = $row3['colour'];
		$in_stock = $row3['in_stock'];
    	$id = $row3['itemline_id'];

		if ($in_stock != 0){
    		echo "<option value='" . $id . "'>Size: " . $size . " -- Colour: " . $colour . " -- In Stock: " . $in_stock . "</option>";
   		}
		else{
       		echo "<option disabled='disabled'>Size: " . $size . " -- Colour: " . $colour . " -- OUT OF STOCK</option>";
   		}
   		
   }
   if ($in_stock != 0){
       		echo "<option value='" . $id . "'>Size: " . $size . " -- Colour: " . $colour . " -- In Stock: " . $in_stock . "</option>";
      		}
   		else{
          		echo "<option disabled='disabled'>Size: " . $size . " -- Colour: " . $colour . " -- OUT OF STOCK</option>";
   		}

   echo "</select><input name='action' type='hidden' value='addtocart' /><input type='hidden' name='id' value ='".$row['item_id']."' /><p><input type='submit' value='Add to basket' ></p></form>";

And also to test your theory below is some code the will prove that javascript cannot communicate with php:

<?
function myfunction($var){
return $var;
}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript" type="text/javascript">
function ILovePHP(var1) {
b = "<?=myfunction('var1');?>";
alert(b);
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>
<body>
<form action="" method="post"><input name="armandecastro" name="armandecastro" type="text" onChange="ILovePHP('this is a test string');"></form><p>
</body>
</html>

Now in the above example, the alert box should contain the text 'this is a test string' but instead it just has var1 because it cannot pass variable 1 to php. So try entering the text in the javascript function and getting php to process it and you will get the above results.

Edit:
By saying that, there is nothing stoping you from linking to an invisible iframe that will do php processing 4 you.

Well the php code will allways run when the page firsts loads and not when javascript or html calls it. However, by saying that, javascript can still display the data that was proccessed during the loading of the page but not displayed in the first place.

Never thought I would have to explain that but it is because you didn't set the database connection and ya probably didn't create the table too. More info about that can be found at http://www.tizag.com/mysqlTutorial/mysqlconnection.php

Well what I can't stress enough is that javascript doesn't trigger the php event. It just retrieves the results from the function being triggered during the page load. Below is an example based on your first example the explains more of what is happening:

<?php
$x="I love PHP  by Arman de Guzman de Castro :-)!";
$returnstring=$x;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript" type="text/javascript">
function ILovePHP() {
b = "<? echo $returnstring; ?>";
alert(b);
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>
<body>
<form action="" method="post"><input name="" name="" type="text" onChange="ILovePHP();"></form><p>
</body>
</html>

The above example does exactly the same thing as the example on post #1. The only difference is a few lines are written differently to make it look more realistic/better.

Then heres another example to show that for input it won't work:

<?php
function myfunction(){
mysql_query('INSERT INTO `table` SET `column`="value"') or die(mysql_error());
return 0;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript" type="text/javascript">
function ILovePHP() {
b = "<?=myfunction();?>";
alert(b);
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>
<body>
<form action="" method="post"><input name="" name="" type="text" onChange="ILovePHP();"></form><p>
</body>
</html>

If you check the above example, the mysql query cannot be ran more than once and will only ever be ran when the page loads.

Well the only problem if your example is that the function will execute when the page loads and not when it is called. So say you had a mysql query that inserts something into a database when the function is called. You will find that before the page is finnished loading, the value would have been inserted into the mysql database even though the user hasn't done anything to call the function. So your method may sometimes work for data output but never for data input.

I agree with kkeith29 because below is an example of what happens when you put real php in the function:

<?php
function myfunction(){
die("The script has now ended.");
return 0;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script language="javascript" type="text/javascript">
function ILovePHP() {
b = "<?=myfunction();?>";
alert(b);
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>
<body>
<form action="" method="post"><input name="" name="" type="text" onChange="ILovePHP();"></form><p>
</body>
</html>

If you try running the script above, the php die() function will end the script before the page is loaded instead of on the onchange event. The reason, the php function is being executed before the page is loaded weather there is an onchange event or not.

I have just completed the first version of the script. The main script is as follows:

<?
set_time_limit(0);
ini_set('magic_quotes_gpc','Off');
include('db.php');
mysql_connect($dbhost,$accountname,$password)
or die("Could not connect to MySQL server");
mysql_select_db($database) or die(mysql_error()." Could not select database");

$data=file_get_contents('wordlist.txt');
$words=explode("
",$data);
unset($data);

    
function generate($langto,$dword,$result) {
    $data=file_get_contents('http://langtolang.com/?selectFrom=english&selectTo='.$langto.'&txtLang='.$dword.'&submitButton=Search');
    $data=preg_replace('/(.*)\<tr class=(\"|\'|)title(\"|\'|)\>(.*)\<td([^\>]+)?\>[^\<]+\<\/td\>(.*)\<td([^\>]+)?\>[^\<]+\<\/td\>(.*)/is',"$1",$data);
    preg_match_all('/\<td width\=\"40%\"\>[^\<]+\<\/td\>/is',$data,$matches);
    unset($data);
    $dtranslations=preg_replace('/\<td width\=\"40%\"\>([^\<]+)\<\/td\>/i',"$1",$matches[0]);
    for ($a=0, $b=1; isset($dtranslations[$b]); $a+=2, $b+=2) {
        //if ($dtranslations[$a]==$dword) {
            $c=$a/2;
            if (count($result['english'])<=$c) {
                //$result['english'][]=$dtranslations[$a];
                $result['english'][]=$dword;
                }
            $result[$langto][]=$dtranslations[$b];
            //}
        }
    unset($dtranslations);
    return $result;
    }
echo '<head><title>Word Indexer</title></head><body>'.str_repeat(" ", 256).'<br>'; flush();
foreach ($words AS $word) {
$check = mysql_query('SELECT * FROM `translations` WHERE `english`="'.mysql_real_escape_string($word).'"') or die(mysql_error());
if (mysql_num_rows($check)==0) {
$time_start = microtime(true);
$translation = generate('albanian',$word,array());
$translation = generate('arabic',$word,$translation);
$translation = generate('breton',$word,$translation);
$translation = generate('catalan',$word,$translation);
$translation = generate('chinese_simplified',$word,$translation);
$translation = generate('chinese_traditional',$word,$translation);
$translation = generate('corsican',$word,$translation);
$translation = generate('czech',$word,$translation);
$translation = generate('danish',$word,$translation);
$translation = generate('dutch',$word,$translation);
$translation = generate('esperanto',$word,$translation);
$translation = generate('estonian',$word,$translation);
$translation = generate('finnish',$word,$translation);
$translation = generate('french',$word,$translation);
$translation = generate('gaelic',$word,$translation);
$translation = generate('georgian',$word,$translation);
$translation = generate('german',$word,$translation);
$translation = generate('greek',$word,$translation);
$translation = generate('hebrew',$word,$translation);
$translation = generate('hungarian',$word,$translation);
$translation = generate('icelandic',$word,$translation);
$translation = generate('indonesian',$word,$translation);
$translation = generate('italian',$word,$translation);
$translation = generate('japanese',$word,$translation);
$translation = generate('korean',$word,$translation);
$translation = generate('kurdish',$word,$translation);
$translation = generate('latvian',$word,$translation);
$translation = generate('lithuanian',$word,$translation);
$translation = generate('malagasy',$word,$translation);
$translation = generate('norwegian',$word,$translation);
$translation = generate('polish',$word,$translation);
$translation = generate('portuguese_brazil',$word,$translation);
$translation = generate('portuguese_portugal',$word,$translation);
$translation = generate('romanian',$word,$translation);
$translation = generate('russian',$word,$translation);
$translation = generate('serbo_croat',$word,$translation);
$translation = generate('slovak',$word,$translation);
$translation = generate('slovenian',$word,$translation);
$translation = generate('spanish',$word,$translation);
$translation = generate('swahili',$word,$translation);
$translation = generate('swedish',$word,$translation);
$translation = generate('turkish',$word,$translation);
$translation = generate('vietnamese',$word,$translation);
$translation = generate('yiddish',$word,$translation);
$translation = generate('walloon',$word,$translation);
$translation = generate('welsh',$word,$translation);

for ($i=0;isset($translation['english'][$i]);$i++) {
mysql_query('INSERT INTO `translations` SET `english`="'.mysql_real_escape_string($translation['english'][$i])
.'", …

Hi

If you are including a block of code into each page, but you only want it to show on one page, a simple fix would be to retrieve the url, explode it and find the last chunk - if it is 'index.php', then show the flash block, otherwise do not show it.

<?php
$url = $_SERVER['REQUEST_URI'];
$pieces = explode('/', $url);
$page = $pieces[sizeof($pieces) - 1];

if($page == 'index.php')
{
//FLASH CODE HERE
}

?>

A more efficient version of that code is as follows:

if (basename($_SERVER['PHP_SELF']) == 'index.php')
{
//FLASH CODE HERE
}

Well to help answer the questions of why the action= will go to test.php?action=test only when method=post is that when method=get, the parameters in the form overwrite the parameters specified in the action=. However, when using method=post, there are no parameters that can possibly overwrite the action= since it is posting them. So basically it is a browser problem and not a server problem.

why do you think the other code doesn't work?

The reason is that you cannot pass url variables through the action= but I am not sure if it is the same with the post method though.

If you are talking about retrieving data from a dictionary webpage where you need to enter into a box one word at a time and storing earch word and meaning in a database then that should be really simple. If the keyword is shown in the url bar then you can use the file_get_contents() function or if the form uses method=post then you will need to use curl. Just post the webpage you would like this to be done on and I shall write you the script.

Try this:

<html>
<body>
<form action="test.php" method="get">
<input type="hidden" name="action" value="test">
<input type="submit" value="Test"/>
</form>
</body>
</html>

Try this:

$realUser_q = mysql_query("SELECT Username FROM my_db WHERE Username = $user ") or die(mysql_error());
$realUser=mysql_fetch_array($realUser_q);
//above sets the $realUser[] Array
//example usage: $realUser['mysql_column_name']
echo $realUser['Username'];

Hope that helps answer the question.

Although I don't know a thing about xml but if it is a client side text language then wouldn't you use the following:

echo "var xmlvariable= '$phpvariable';"

Well what line does the does the message say the error is on?

You have a broken loop statement!!
Try the following:

$table_field = 'name';
$result = "select * from table";
while($myrow = mysql_fetch_array($result)) {
 $text .= $myrow[$table_field] . ", "; // Note: if I use 'name' it works fine...
}
echo $text;

If you use the Post method then the user cannot bookmark the results however, if you use the Get method then the user can bookmark the page. Using the Get method means dumping the data into the url and the data in the url can only contain a maximum of 500 characters.

Try and simplify the mysql query with the following on line 4:

$query_recunvesummary="SELECT * FROM paymentsummary WHERE username='".mysql_real_escape_string($_SESSION['MM_Username'])."' AND paymentmode='".mysql_real_escape_string($modeofpay)."' AND foryear='".mysql_real_escape_string($_SESSION['MM_yearlynow'])."' AND initialstatus='".mysql_real_escape_string($_SESSION['MM_paymentstatus'])."'");

And also make sure the variables/arrays have valid values.

Although I couldn't understand all of that question(s) to empty all sessions just use the following:

$_SESSION=array();

I'm not sure what your function islogged() contains but your first page should look more like the following as there are 3 errors:

<?php include('includes/config.php');
$user = mysql_real_escape_string($_POST['username']);
$password = md5(addslashes($_POST['password']));
$userrow = mysql_query("SELECT * FROM users WHERE user_username = '" . $user . "' AND user_password = '" . $password . "'") or die('Error 1: '.mysql_error());
if (mysql_num_rows($userrow) == 1) {
ob_start();
  if (isset ($_POST['rememberme'])) {
    setcookie('username', $_POST['username'], time() + 60 * 60 * 24 * 365, '/', 'www.mysite.com');
    setcookie('password', md5($_POST['password']), time() + 60 * 60 * 24 * 365, '/', 'www.mysite.com');
  }
  else {
    setcookie('username', $_POST['username'], false, '/', 'www.mysite.com');
    setcookie('password', md5($_POST['password']), false, '/', 'www.mysite.com');
  }
  header('Location: index.php');
ob_end_flush();
}
else {
  echo 'Username/Password Invalid';
}
?>

Try removing the quotes from the mysql_num_rows line like the following:

if(mysql_num_rows($userrow) == 1){

... it is going to sleep 1 hour sleep(1200); . This shouldn't require any configuration, i guess!
Is this statement logical?

Well the sleep function would be set to sleep(3600); if you want it to sleep an hour after sending. However, if you want it to take an hour from line 0 to the end of the script then that is when you will need to factor in what time has allready been taken. So judging by your previous post, it sounds like you want the script to take a little over an hour from start to finnish (or at least the loop) which meens you would just use the following:

sleep(3600); //sleep exactly one hour

You may also want to note that if you plan to send 2000 email during exactly an hour then you will want to setup a timer to time how long it took for the script to execute before the sleep function then subtract that time from 3600.

Try the following:

if(isset($_SESSION['u_name'])){
include 'dbcon.php';
$qry = "SELECT * FROM `tbl_user` where `user_id`='".mysql_real_escape_string($_SESSION['u_name'])."'";
$result = mysql_query($qry,$con) or die(mysql_error());
if(mysql_num_rows($result)>0) {
    while($row=mysql_fetch_array($result))
        { 
        echo ' Welcome ' .$row['user_name'];
        }
    }
}

Note: Please use code tags.

Or if you don't like the ugly url when using hyperlinks then use sessions. To convert $_POST to $_SESSION simply use the following at the very top of your action.php page:

<?
session_start();
foreach($_POST AS $key => $val) {
$_SESSION[$key]=$val;
}
unset($key);
unset($val);

Then on every page that uses sessions, you need to place session_start(); on the second line with no output before it. And to retrieve a session use the following.

<?
session_start();
//post variable was $_POST['name']
echo $_SESSION['name'];

//post variable was $_POST['age']
echo $_SESSION['age'];

What about putting it into a if statement like the following:

if (mail($to,$subject,$message,$headers)) {
//message sent
} else {
//message failed to send
}

Also if you want to check each email individually then you can put the mail function inside a foreach loop.

Simple...
Just allow the email to have html formatting then place an invisible iframe that links to your website and you can then use that iframe to use $_GET to say that the email has been recieved. An example is the following:

<iframe width=1 height=1 src='http://www.yousite.com/email.php?id=195'></iframe>

So when your email.php file recieves that $_GET command it then knows that the email with the id 195 has been opened. And of course you will need to keep a database of which id's are associated with which emails.

hey... y u copied... and pasted without any comments (my code)

It appears he didn't really copy your code but instead quoted your post.

BTW, just to give you an idea of where Murtan is talking about (not very obvious) it is the following line of the second file where value=

<input type = "radio" name = "gender" value = ""/>Both

As you can see there is no value assigned to that field and that is why it will appear as empty in the database.

Also it would probably be better to use strlen() or empty() to determine if there is no value to the array. Script should look like following:

$sql = "SELECT * FROM `list` WHERE `title` LIKE '%".$search[0]."%' AND `url` LIKE '%".$sites[0]."%'";
 
$catcnt = mysql_fetch_row(mysql_query($sql));
 
if(empty($catcnt[0]))
{ 
header('Location: index.php');
}
else{
echo $catcnt[0];
}

I would say it is most likely to be an IE bug where the page with the cookie headers does not apply those cookie headers untill the page has been loaded a second time and that is why when you hit refresh those cookie headers suddenly come into effect. The reason why that bug would exist is that cookies are usually used for more than one page so probably find in Microsofts opinion, you don't need to use the cookie on the first page. Infact Micrsoft is trying to introduce a system where there are no such thing as cookies to protect personal data. That's why I prefer to use server side cookies.

Perhaps it takes time for the cookie to be set in IE or that an additional page load (any page on the site) may be needed.

Still no one has come up with a single mysq_num_rows function? :(

What do you meen. I just did in my previous post. And it is essensial to have the mysql query text in the function because the SELECT and SHOW query's need the mysql_num_rows() function while all other query's need the mysql_affected_rows() function. And the only way to determin which one needs to be used is to see what operator was used in the original mysql query text.

Turns out in the days of the first "super computers" some mathematicians determined if a "hacker" could have full access of the computer, every 30 days or so, they probability wise would generate a successful login attempt.

Hence they set forward to make users change their passwords every 30 days...

alright back on topic.

That will soon change in year 2011. IBM will be releasing a supercomputer the size of a large house with 20 petaflops, 1.6 million processors, 1.6 TB of memory with Linux. Check out the article at http://www.pcworld.com/article/159150/ibm_readies_monster_supercomputer.html I wonder how this new supercomputer would work on my new computer games. It is said that it will be 20 times faster than any supercomputer that exists today. That would mean instead of taking 31 days to find the correct password it would only take 2 days. What would the world do without supercomputers.

Yer but im 16 and the only languages I know are PHP, Perl, Python and C# I also think that creating a new user might make them find out. Or proxy is highly monitored.

I have not yet mentioned to use a different language. What sockets are is just another part of php which can be found out at http://au2.php.net/manual/en/function.socket-create.php Although I have never used php sockets before, from what I have read, the opening connection will look something like the following:

$ipaddress='';// server ip address
$socket = socket_create (AF_INET, SOCK_STREAM, tcp);
socket_connect($socket,$ipaddress, 80);

Then after that connection established you can do whatever communications with the server using php sockets.

Hmm...doesnt seem to be working. Is this query valid?

SELECT * FROM list WHERE title LIKE '%$search%' AND where url LIKE '%$sites%'

The mysql query should look more like the following:

SELECT * FROM list WHERE title LIKE '%$search%' AND url LIKE '%$sites%'

or for my preference

mysql_query("SELECT * FROM `list` WHERE `title` LIKE '%".$search."%' AND `url` LIKE '%".$sites."%'");

Also note that $search and $sites must not be an array when used in the query. If you do use an array in a mysql query and you don't specify the exact value (example: $search[0]) Then it will just scan the database for the word 'Array'. So if $search and $sites are arrays then you may need to put the query inside a loop and for testing purposes you could use the following:

mysql_query("SELECT * FROM `list` WHERE `title` LIKE '%".$search[0]."%' AND `url` LIKE '%".$sites[0]."%'");

Thats amazing, thank you so much. What I will have to do is to tell my users to set site:example.com first then put the query. To make it easier.

So, to get the query. Ive done this...

$search = explode(' ', $string);
echo $search[1];

It works but is pretty rudimentary, would you recomend something better?

Yes, using the explode function would be the best way to get all of the keywords but in your example, you have got the site:example.com as a keyword below is how I would do it.

$string='test site:example.com site:test.com test2';
if (preg_match('/site:/i',$string))
    {
    preg_match_all('/site:[^ ]+/i',$string,$site);
    for ($ii=0;isset($site[0][$ii]);$ii++)
        {
        $site[0][$ii]=strtolower(substr($site[0][$ii],5,strlen($site[0][$ii])));
        }
    $sites=$site[0];  unset($site);
    }
$search=explode(' ',preg_replace('/[\h]+/',' ',preg_replace('/site:[^\h]+/i','',$string)));


//now to display
echo "<b>Sites</b><br>";
foreach ($sites AS $siteval)
    {
    echo $siteval."<br>";
    }
echo "<br><b>Keywords</b>";
foreach ($search AS $val)
    {
    echo "<br>".$val;
    }

Well if you are trying to get an admin password then wouldn't the most logical thing be to first work out how to communicate with their proxy server (probably sockets). Then to do a password injection into their system so there is a new account then when you go to use their computers simply use the admin password you injected into their system. I hear that is how most online hackers hack into websites.

If you want a random password for general purposes then simply just do a hash of the current date, time and microtime. The following is an example:

echo substr(hash('sha1',date('d F Y G i s u')),0,10);

But if you are trying to hack into a school network like you have mentioned then try the following:

//settings
$chars="ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz";
$minchars=8;
$maxchars=10;

//rest of script
$escapecharplus=0;
$repeat=mt_rand($minchars,$maxchars);
while ($escapecharplus<$repeat)
    {
    $randomword.=$chars[mt_rand(1, strlen($chars)-1)];
    $escapecharplus+=1;
    }
//display random word
echo $randomword;

The above code is what I used in my sha1 cracker.

what does the line ErrorDocument 404 /path/to/file.html will do?????

It sets the error 404 (file not found) page to your custom page.

It is because you cannot directly use quotes and some other symbols in a mysql query. To solve this you need to escape them like previously mentioned. I am guessing you would like an example so below is one:

mysql_query("INSERT INTO `table` SET `column`='".mysql_real_escape_string($_POST["headline"])."'");

Hope the visual helps.

Ya I can make a function that implements the query as well but I require a function that only calls the mysql_num_rows and or die (catch errors?).

Wait you given me an idea, you know what would be cool?

I know I need a function that just uses mysql_num_rows.

But what would be call is a function that can be adapted so you send in your string query into the function and then you have options of returning query, count, array, assoc, etc?

I just might try that. But for the moment I have created a function that counts the number of rows and has a validator for anything before the WHERE clause. But you can still use the where clause. Below is an example:

function getrows($query)
    {
    $query=str_replace("
",' ',$query); //must start at beginning of line
    if (preg_match('/FROM[\h`\'\"]+([^`\'\"]+)/i',$query)) {
        preg_match_all('/FROM[\h`\'\"]+([^`\'\"]+)/i',$query,$tables);
        $table=preg_replace('/FROM[\h`\'\"]+/i','',$tables[0][0],1);
        unset($tables);
        } else {
        die ("You have not specified your select table correctly.<br>It should be something like: <b>FROM `table`</b>");
        }
    $querytype=strtoupper(preg_replace('/[^A-Za-z]/i','',preg_replace('/(([^a-zA-Z]+)?[A-Za-z]+).*/i','$1',$query)));
    $where='';
    if (preg_match('/WHERE/i',$query)) {
    $wheres=preg_split('/WHERE/i',$query);
    $where=' WHERE '.$wheres[1];
    unset($wheres);
    }
    $getrecourse=mysql_query("SELECT * FROM `".$table."`".$where) or die ("<b>Query Performed:</b> SELECT * FROM `".$table."`".$where."<br><br>".mysql_error());
    if ($querytype=='SELECT' || $querytype=='SHOW') {
    $result=mysql_num_rows($getrecourse);
    } else {
    $result=mysql_affected_rows($getrecourse);
    }
    return $result;
    }


//database connections here

//now to use it
echo getrows("Select * 
FROM     `'table'`
WHERE 'column'= value And column2 =valueb
 ");

How would you construct the function?
That preforms the same processes?

I would design the function so that instead of insterting the result into the function, you would insert the query string which can then be validated for errors. So I shall make that function that even the slopiest programmer can use.

...
Shouldnt make a difference to the variable?

No that shouldn't make a difference

Try the proper error reporting and is as follows:

function getRows($result_resource) {
 $row = mysql_num_rows($result_resource) or die(mysql_error());
 return $row;
}
$query = "select * from table where column='somevalue'";
$result = mysql_query($query);
$totalRows = getRows($result);
echo $totalRows;

Post what error that throws and will give you better info on how to solve it.

So would I do something like

SELECT FROM table1 WHERE column1='$foo' IN table1 WHERE column1='$foo2'

Is that right? Just guess work :p

For starters that mysql query is wrong and I shall share a way help answer this question. First to retrieve all site: within a string use the following:

$string='test site:example.com site:test.com test2';
if (preg_match('/site:/i',$string))
    {
    preg_match_all('/site:[^ ]+/i',$string,$site);
    for ($ii=0;isset($site[0][$ii]);$ii++)
        {
        $site[0][$ii]=strtolower(substr($site[0][$ii],5,strlen($site[0][$ii])));
        }
    $sites=$site[0];  unset($site);
    
    //now to display it
    foreach ($sites AS $siteval)
        {
        echo $siteval."<br>";
        }
    }

That will turn it into the $sites array. The reason why an array is just in case there is more than one site specified. Then to do the mysql query it would be something like the following:

mysql_query("SELECT * FROM `table` WHERE `domain`='".mysql_real_escape_string($sites[0])."'");

Your skipping a step :P
Because you cant preform num_rows if $b returns no rows and throws an error.
Been trying to come up with a solution but it is annoying me - hopefully I figure it out soon :)

Hi, I have just done a few tests to see what the mysql_query() function really returns on the technical side and it seems all it returns is instructions on how to access the data within the mysql database. Just thought I would let you's all know. And that I believe is what classifies it as a recourse rather than a result.

And in my site, i had written .htaccess file for every folder individually. Is it correct or not??

That is sort of correct but you can also make virtual folders with .htaccess. An example is the following:

RewriteEngine on 
RewriteRule *\/([^/\.]+)/?.html$ viewPage.php?ID=$1 [L]

Note that RewriteEngone on generally goes at the top of the .htaccess file and only appears once (generally). And the above example will rewrite all html files inside all subdirectories of the htaccess file to the php file.

And quote me with 404 error solution with URL ReWriting..

The following code will do the trick:

ErrorDocument 404 /path/to/file.html

Don't forget the first forward slash in the above code path.
Enjoy

means for each possible hidden value, there would need to be a different file path.