Posts by FlashCreations

First off, I would mysql_real_escape() any string you pass to MySQL. Secondly, your problem is once someone logs in, the $_POST for the username and password are no longer passed to the page. You need to set a cookie using $_COOKIE['name']="value" containing the username and password and get the username and password from that instead of $_POST . Please know, this is very weak security. You should not only md5() you passwords, but instead of storing a password in a cookie, use a unique session id.

Well for one, I would use mysql_real_escape() on any variable you are passing to MySQL. That should prevent any kind of MySQL injection. I would make sure that your passwords are hashed correctly (using md5() or sha1() ). For added security I would salt your encryptions. See this page for more on salts. Beyond that: Don't store password in cookies (using a unique id or some kind of session id), don't allow code tags (such as <script>) in any kind of use input that will be placed on a page, and be sure that users are authenticated on every page. If you would like, you could give us the address of your site and we can look at some possible security flaws.

The backslashes are what make the query safe from MySQL injections. They prevent the user from placing quotes that end a string into the query without be escaped (Placing a backslash in front of the quote). To my best knowledge, the backslashes dissapear when you perform a SELECT FROM MySQL query. If they don't you could simply use the stripslashes() function to remove the backslashes:

//MySQL Code Here
$result_string = stripslashes($result_string);

You're welcome! If your original problem is now solved, I ask that you mark this thread as solved.

Ok this makes much more sense now!! :D
Your problem is this: Everything is correct with the checkboxes. Your checkbox method does work, but your PHP script is not receiving these values correctly. I have fixed the problem area so that it should now work!

if($_POST['delete']=="Delete") {
  $checkbox = $_POST['checkbox'];
  if($checkbox) {
    foreach($checkbox as $box) {
      $result = mysql_query("DELETE FROM $tbl_name WHERE id='".mysql_real_escape_string($box)."'") or die("Query Error!");
    }
  }
  if($result){
    //Here a code to reload change.php
  }
}

Also as a note, the changing file doesn't require admin authentication. If anyone knew the location of this change file they could access it and delete rows in tables without loging into the admin panel you have built. I would suggest checking the admin username and password before deleting.

Well there is a problem with the general file. It seems like you have too many brackets. See below:

function uploadFile($fld,$name,$path){
	$file=new validations();
	//var_dump($_FILES[$fld]);
	switch($_FILES[$fld]['error']){
		case 0:
			if($file->validateFile($fld)){//if valid file
					if(move_uploaded_file($_FILES[$fld]['tmp_name'],$path."/".$name)) $this->message="Track Uploaded!!!";
			} else { //if not valid file
				$this->message="Uploaded file in not Valid!!!".$file->result;
			}
			break;
		case 1:
			$this->message="Upload File exceeded Maximum file size allowed by the server.";
			break;
		case 2:
			$this->message="Upload File exceeded Maximum file size allowed.";
			break;
		case 3:
			$this->message="Uploaded file was only partially uploaded.";
			break;
		case 4:
			$this->message="No File Uploaded.";
			break;
		case 6:
			$this->message="Temporary file folder missing.";
			break;
		case 7:
			$this->message="Failed to write file to disk.";
			break;
		case 8:
			$this->message="File upload stopped due to extension.";
			break;
	}
	return $this->message;	

//Whats all this down here!!
	}ield; //Whats ield;
		return false;
		}	
	}

What's with the stuff at the end? Also, it would be helpful to see the move_uploaded_file() function...

http://www.w3schools.com/php/func_http_header.asp

The header() function sends a raw HTTP header to a client.

It is important to notice that header() must be called before any actual output is sent (In PHP 4 and later, you can use output buffering to solve this problem):

<html>
<?php
// This results in an error.
// The output above is before the header() call
header('Location: http://www.example.com/');
?>

I apoligize for suggesting this, but I noticed that you use 'echo "<meta http-equiv=\"refresh\" content=\"0;URL=change.php\">";' and 'echo "<meta http-equiv=\"refresh\" content=\"0;URL=admin.php\">";'. There is a better method of redirecting users it also has less over head I think on both sides of processing the web page/there is less typing involved which makes development easier. I thought I could pass this on for future reference for you.

As example:

header("Location: admin.php");

By the way have a great day. :)

Matthewl beings up a good point. The only problem is that once you have placed content on a page (He has already echoed a table), neither the meta tag (which belongs in the head) nor the header() function (which only works before there is any text outputted) will work. This also made me realize that not only is this script incorrect in PHP, but also is not a valid HTML document (There is no HTML, HEAD, or BODY tags!).

First off, Your Welcome! :D
About that line: I didn't realize that you used that result variable so here is the corrected version with explanation.

$result = mysql_query("DELETE FROM $tbl_name WHERE id='".mysql_real_escape_string($del_id)."'") or die("Query Error!");

First off, never echo the actual MySQL Error to a page visible to anyone. This could cause the integrity of your database to be sacrificed (I always test a script and if it doesn't work, run the problem queries through the PphMyAdmin Sql section). Next, the mysql_real_escape_string() is so that malicious users can't perform a MySQL Injection attack on your script (Looking at it now it seems pretty vulnerable). And the reason for the quotes is basic PHP. When you put a function result in a string you have to put a quote that started the string (In you case the ", double quote, from "DELETE) to tell PHP execute this and then a period, the function, and another period and quote. In your case you also need to include the MySQL ' and ' (single) quotes so that MySQL determines that $del_id .
Beyond that I just realized that your implementation with the checkboxes it incorrect. $_POST[] variables are not arrays, they are strings (or integers, etc.). So in this case you will need to change the code that creates the checkboxes. I also determined that their are problems way beyond the scope of this post. For one, you add a meta tag to a page that has content. (In PHP you …

It doesn't appear that you accidentally delete the song file in that code, nor do I spot any problems. I believe we need to see where you define your class "general" (Taking a good guess I would say that's in models/general.php).

How about this:
login.php

<?php
if($_POST['submit']=="Login")
{
  switch($_POST['t'])
  {
    case 1: header("Location: admin.php"); break;
    case 2: header("Location: faculty.php"); break;
    case 3: header("Location: student.php"); break;
    default: break;
  }
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<form action="login.php" method="post">
Username: <input type="text" name="u" /><br/>
Password: <input type="password" name="p" /><br/>
<select name="t">
  <option value="1">Admin</option>
  <option value="2">Faculty</option>
  <option value="3">Student</option>
</select>
<input type="submit" name="submit" value="Login" />
</form>
</body>
</html>

I believe you problem is you are looking in the wrong spot. It looks to me like the file in your screenshot was uploaded to /web/htdocs/m/s/41/f/793/f41-793.ogg, but I can't tell. Could we see some code so that we can determine where the files are going. Also, I would add an index to pnp.bojam.com/php because any client can view the file listing for that directory. EDIT: For now though, if you don't mind: please don't create an index so that I can take a look at your file structure. You can add an index after you problem is solved!

If your going to ask a question, please use clear English that we can all understand, and add some more detail. Explain exactly how to reproduce the problem. Then we will be able to help you.

I believe you already asked this question...http://www.daniweb.com/forums/thread210224.html

Here is your problem area:

$checkbox = $_POST[checkbox]; //Problem #1
if($_POST['delete']){ //Problem #2
echo "test"; //Nice Debugging But This Should Fix It So We'll Remove It
for($i=0;$i<$count;$i++){
$del_id = $checkbox[$i]; //Problem #3
$sql = "DELETE FROM $tbl_name WHERE id='$del_id'"; //And to save a line We'll condense this
$result = mysql_query($sql);

Problem #1
This line should be:

$checkbox = $_POST['checkbox[]'];

This is because the name of the checkbox is checkbox[] and $_POST['checkbox[]'] holds the value.

Problem #2
This line should be:

if($_POST['delete']=="Delete"){

This is because the submit button is named delete and when clicks sends the post variable $_POST['delete'] with the value "Delete".

Problem #3
You don't need this line. As I mentioned in Problem #1, the variable $checkbox will contain the id that you seek in this line.

Housekeeping
I always hate when people make a variable to pass to a mysql function. Why not just put it in the function like this:

$result = mysql_query("DELETE FROM {$tbl_name} WHERE id='".$del_id."'");

You should also know that your script is vulnerable to a MySQL Injection. So I would protect against that (See below I did it for you).

The End Result
So fixing all those lines would make the problem area look like this:

if($_POST['delete']) {
$checkbox = $_POST[checkbox];
for($i=0;$i<$count;$i++){
mysql_query("DELETE FROM $tbl_name WHERE id='".mysql_real_escape_string($del_id)."'");

Try that out and see if it works. You also have a few other little things that are making your code longer. If you absolutely want to, post …

@Dukane
You made the same error as Newbi..the correct code is below (Don't worry about it, I've made worse mistakes :D):

while($info = mysql_fetch_array($result))

The reason for this is as Dukane explained...When you perform a query the query string is executed with the mysql_query() function. This function returns a special MySQL Result that you can then pass to mysql_fetch_array() or any other MySQL Result functions.

To start, HTTP_REFERER is not an IP address, but the URL of the page that sent the client to the current page. You need to use REMOTE_ADDR to get the users IP address (And just so you know clients can hide their IP address behind a proxy which will give you inaccurate results, but you shouldn't worry about that). To store IP addresses in a MySQL database I use varchar with a length of 15 characters (Which is the length of the longest IP address possible 255.255.255.255).
To determine if the value of a variable is inside a string I use:

if(strstr($string, $value)) echo "Found '".$value."' in the string.";
eles echo "Didn\t Find '".$value."' in the string.";

Where $string is the string to search and $value is the value to search for.

And I'm assuming that you poorly-worded last question is asking: what is an easy way to upload an array of strings to a database? I would create a separate table with a row for the array number (A number unique to each array), the element position in the array, and the string. This way adding arrays is easy (Just find the unique array id and insert each string with the array id and the string position), and searching is a breeze.

Here's how this one works. I'll start by posting one line of PHP script. The next person to post will add another line and copy the script into their post. You will simply add a line of PHP code to the script everyone wrote above you. Also don't forget to use CODE tags and try to write your line based on the code in the post above you.
The first line:

session_start();

That's great that you got it to work! If you don't have any more questions...would you please mark this thread as solved?

The problem is with the descriptions. It's just that IE will stop working on errors while most other browsers will try to continue. Specifically, the problem with your code is with line 248. Specifically the line that contains:

description = this.getDescription();

I would delete that line if the image descriptions are not important (which they probably are). I'll investigate more and see what the specific problem is with this line. IE claims it as: "Object doesn't support this property or method." Did you write this code yourself or do you know if there is any documentation that we can examine? It would help to have some kind of explanation for the code.

You can do it pretty easily in PHP with the mail() function. To do this though you would need to change the action attribute on your form tag to your PHP script. Then construct the message in PHP and use the mail() function to send it. For more on mail() see W3Schools and the PHP.net Reference.

Nice article...though I must agree with the comments and say that rel isn't rarely used. And the wbr tag: never heard about it before! Sounds useful.

Well at first glance it looks like your JS file contains some JQuery, so I would start by making sure you have the JQuery library included in your page. It would also help if you could give us the address of the gallery page as it might aid in finding the problem.

Hello,

as the "Flash Creations " said, emailto is only to be used through html.... you can jst print it in php

like

print"<a href="emailto:abc@def.com" > Send mail</a>"

Yes, but as far as I know, it's mailto: not emailto: .

You're welcome. You know you can also create your own contact form (In a language such as PHP or by using a free service) so that no one would know your email, but that is totally up to you. I ask though if you have no further questions to mark this thread as solved.

Ok I didn't realize that...whoops! Anyway I believe bgeisel meant for you to get the author name first and replace the ... with the_author(). So something like this:

<?php
if (!get_the_author()=="admin")
{
echo "        <div class='dateauthor'>";
echo "            <small class='capsule'>".the_time('F jS, Y')." by ".the_author(); 
echo "			</small>";
echo "        </div>";
}
?>

Correct, unless these bots can register on your sites and access the page with your email. You can always protect your email simply by making it an image and putting that image on your page instead of using a plugin like this.

You don't need PHP to do this! All you need is some JavaScript:

<html>
<head>
<title>Gender  Drop Down Test</title>
<script type="text/javascript">
function selectGender(value, id){document.getElementById(id).value=value;}
</script>
</head>
<body>
I'm a 
<select name='gender' id='malefemale' onChange="selectGender(this.value, 'heshe');">
  <option value='0'>Male</option>
  <option value='1'>Female</option>
</select>.<br />
<p>
<select name='gender' id='heshe' onChange="selectGender(this.value, 'malefemale')">
  <option value='0'>He</option>
  <option value='1'>She</option>
</select>
 wrote this paragraph.</p>
</body>
</html>

If you use wp_list_authors(); it should by default exclude the admin account. If not you could try:

Posted By: <?php wp_list_authors('exclude_admin=true&hide_empty=true'); ?>

See The Codex Page for wp_list_authors() and The Codex Page on Author Templates for more.

Well this wouldn't be PHP, it would be HTML and maybe JavaScript. You could create a link on your page like this:

<?php
echo "<a href='mailto:email@domain.com?subject=Email Subject&body=Insert HTML table here and chart here' id='emailLink'>Send Email (Opens in Outlook)</a>";
?>

For more on mailto: syntax see this page.
And you could even go the extra mile by adding this JavaScript code so that the link is automatically clicked when the page loads:

<script type="text/javascript">
clickEmailLink(){document.location.href=document.getElementById('emailLink').href;}
</script>

This would require you to add onload="clickEmailLink();" as an attribute to your body tag. Like this, in case you were wondering:

<html>
<head>
...
</head>
<body onload="clickEmailLink();">
...
</body>
</html>

You must understand that not everyone in the word has Outlook or uses it. Unless you're positive that all of your users use Outlook, I would try for a simple PHP mail() command that would first print the message for the user to approve. Then once it was approved, the message would be sent by another PHP script.

That works perfectly!! Thanks so much!!

Hi,
I've been designing a web application that scales to fit the available window space in the web browser so that there is no need to use the scroll bar (and the whole point of the application is to fit the window). I've already figured out how to catch resizes and change the height of the elements on the page (It's pretty simple using onload, onresize and document.getElementById().style.height), but I can't seem to get an accurate height to scale the web content with. The height I want is not the height of the document (Which would be the height of the content...which is what I'm trying to change in the first place!) and not the height of the window (Because if I'm not mistaken that includes the status bar, the tab bar, the URL bar, etc. which can vary between browsers). I need the height of the available web space that I can fit my content into. This would be the space between below the tab bar and above the status bar (To make my height as clear as possible I've provided a link to a screenshot). How can I get this height with Javascript (And I really need it to be cross-browser because I want this app to be able to work on multiple browsers)?
Thanks,
FlashCreations

Screenshot (For some reason the DaniWeb Attachment System just refuses to upload my image and gives me a blank page each time I upload the screenshot so I'll …

Ok so I did figure out how to fix the post width problems with the help of some CSS on this page. What I needed to do was simply set a margin on the side the post details would appear of 120px. This would offset the post to be to the right or left of the post details. I still have the problem with the links to the Home page, New Posts, Members, etc. not being centered and padded correctly. I would like to have them padded so that they fill the greybox exactly. Any ideas...or should I just leave this be?

I could try, but here's the problem. The user details that appear beside the post have a set width. I can't use a percentage because of this. I need the post to fill up just the area it is given. I have partially fixed the problem by not aligning the posts to the left/right and removing the width, but for some reason there still is an issue with overlap.

Here is a before and after preview of what I am trying to accomplish....(screen-shots attached)

You bring up a good point JugglerDrummer. I guess as long as my site works for 1024x768 and up I'm good. But, I still can't figure out why my post boxes won't fill the whole area given to them though! Any ideas?

Here is your code for the specific user variable. You must understand that for each user you need to create a new folder with an index.php containing the same code each time.

$tmp=explode("/",$REQUEST_URI);
$specific_user =  $tmp[count($tmp)-2];

Have you started the session with session_start() elsewhere on this page?

That is true sDJh, but wouldn't this mean that spank would have to create a folder and index.php for every user the registers? Still though, I like your solution (My other plan was using almost exactly your idea except the URL would be /user.php/username but that wasn't exactly what was required).

Well first off there is an error in your code:

$public $message = "..."; //Not correct what's the first $ for
public $message = "..."; //Corrected!

And yes there is a way to do this. Since the son extends the father I would say simply use echo $this->message . If that doesn't work you could always make message a constant:

const message = "..."; //Notice that the constant name has no $ before it

With that code you could write message from the father with echo Son::message .

Make sure that you have no html or other text written with echo before that or any html or text before the <?php tag. This could be something as simple as a space:

<?php //Notice the space here
header("Location: thiswillnotwork.html");
?>

And can easily be fixed by removing the extra space or characters:

<?php //No spaces so the header call should work along with the use of session vars 
header("Location: thiswillwork.html");
?>

I also find it to be a good practice to begin the session right after the <?php tag if I am using it in that script.

That seems like a great idea, being that it just doesn't want to properly align to the center. And I have tried it and it worked quite well. People with small screen resolutions will have a double height bar, but oh well. There just doesn't seem to be away to get the li's to adjust their widths to fit a one line nav bar. I won't worry too much about that because DaniWeb has some bugs too. There is still one issue I need to deal with and that is the div boxes with class post not stretching to fill the available area. On larger screen resolutions the posts are very small and there is lots of white space between the post and the user details. Here is my code:

<div class="full-post">
	<div class="post-details pst-left">
		<a href="#"><strong>phpmycoder</strong></a>
		<img alt="phpmycoder's avatar" src="http://assets.phpmycoder.net/images/logo.jpg"/>
		<ul>
			<li><strong>Site Admin</strong></li>
			<li>Posts: <strong>947</strong></li>
			<li>Reputation: <strong>20</strong></li>
		</ul>
	</div>
	<div class="orangebox post pst-right">
		<h3>Test Post</h3>
		<small>Posted on May 16, 2009 12:00 PM</small>
		Test Post
		<div class="divider"/>
                Test Signature
	</div>
</div>

And the CSS:

.orangebox { background: #FF9900; border-bottom: 1px solid #FF6600; border-left: 1px solid #FFCC00; border-right: 1px solid #FF6600; border-top: 1px solid #FFCC00; color: #FFFFFF; margin-bottom: 5px; }
.orangebox a, .orangebox a:visited { color: #CCC; text-decoration: underline; }
.orangebox a:hover { color: #999; text-decoration: underline }

.full-post { float: left; margin-bottom: 7px; width: 100%; }
.post { min-height: 145px; padding: 3px 3px 3px 3px; width: 670px; }
.pst-right { float: right; }
.pst-left { float: …

Oh wow I didn't realize that this thread was that old. Now that I think about it....was jQuery even around back then?

It looks like you need htaccess code. This will make a rule on your webserver to call a server file (I'll call it user.php) with details from your url.

RewriteEngine On
RewriteRule ^/user/([A-Za-z0-9]+)/?$ user.php?username=$1

With this code in user.php username would be a GET variable you could use. Also, I would suggest making the URL's /user/username/ instead because lets say a user called themself index.php. Then this code would redirect that to their page. There is a way around this but I would require me to know every page on your site. It's just easier to use the /user/username structure.

What about JQuery?? jQuery Documentation: http://docs.jquery.com/Ajax/load#urldatacallback
If not maybe try this code:

/*For safety reasons I would only allow the PHP file to determine the location of the file...if you want the ability to pick your file just post and I will modify my code*/
$file = "test.txt"
//Test if file exists
if(file_exists($file))
{
    //Open the file in read mode
    $fp = fopen($file, "r") or die("Error: Cannot open file");
   //Cycle through file
   while(!feof($fp))
   {
      //Return the file for AJAX to use
      echo fgets($fp);
   }
}
else { die("Error: Cannot find file"); }

Fist off a few questions before I start helping you with you code:

1. Do you have any code yet? If so may we see it?
2. What file type do you want to save as? (You mention both PNG and GIF in your post)
3. Do you want to rotate the image or do you want an animation of the image rotating? (GIF's can contain short animation and you mentioned them)
4. And finally, if you only want a rotation...do you know how many degress? (It's alright to if that will be determined by user input.

If you could answer these, I will have a better understanding of what you are doing and be able to help you with your problems.

Here is my CSS for the navlist...

<ul class="greybox navlist" id="navigationbox">
            <li><a href="#"><span>Home</span></a></li>
            <li><a href="#"><span>New Posts</span></a></li>
            <li><a href="#"><span>Members</span></a></li>
            <li><a href="#"><span>Stats</span></a></li>
            <li><a href="#"><span>Rules</span></a></li>
            <li><a href="#"><span>FAQ</span></a></li>
	    <li><a href="#"><span>Search</span></a></li>           
</ul>

And the CSS looks like:

#navigation #navigationbox { margin: 0 33% 7px; } /* Note that the id navigation belongs to a div that this navlist is in */
/* 33% margin is experimental.....and breaks down with screen size 640x480 */

.greybox { background: #CCCCCC; border-bottom: 1px solid #999999; border-right: 1px solid #999999; color: #FFFFFF; margin-bottom: 5px; }

ul.navlist { display: inline-table; height: 20px; margin-left: 25%; width: auto; }
ul.navlist li { display: inline-table; height: 20px; list-style: none; margin: 0; padding: 0; }
ul.navlist li a, ul.navlist li a:visited { background: #CCC; color: #FFF !important; height: 20px; padding: 0px 7px 5px 7px; text-decoration: none !important; }
ul.navlist a:hover { background: #999999 !important; color: #FFF !important; text-decoration: none !important; }
ul.navlist li a span { vertical-align: middle; }
/* Note: The !important's are due to another part of the CSS document that define the color and background properties to be different (For another part of the site) */

So wait...you want a web application programmed in PHP that can monitor your activity on a website that will then simulate the activity again? By simulate do you mean to reproduce with the exactly same interactivity that you had before? (In that case, do your tests and note what you did then whenever you need to present what you did, open the website and follow your notes). If what you are looking for is something to record a video of what you are doing that would allow views so see everything you do on your computer screen.....then this is not the right place. I can point you to a good software for this. It's called CamStudio. It's a screen capturing program that's pretty simple to use. Google search for it and download it (It's free!) and then simply record your "scenarios". And if that's not what you are looking for, could you please be a bit more descriptive about what you want.

Hen, Lie, Lighten, Line, Lit, Ten

victory

Ok so I did fix the center align nav menu (It's still not perfect...640x480 people aren't going to like the look of it to much so if there is any other fix, please post!! :) ). Aside from that...any ideas on the post width problem not filling the whole given area?