Posts by broj1

I haven't tested the deleting itself. Judging by example here the filename is enough if the file is in the same directory as the script. You can try both versions (without and with the path) and see if they work. If you have troubles I can do a test but not before tomorrow night (it is just past midnight here now |-)).

The checkbox names should have values equal to filenames so you get the array of filenames to delete in $_POST:

echo "<tr>
    <td width='400'> $file </td>
    <td > <input type='checkbox' name='formImage[]' value='$file' />&nbsp;<br /> </td>
    <td> <img src='{$handle}/{$file}' style='width:50px; height:50px;' />
    </tr>";

I optimized the code for deleting a bit:

if(isset($_POST['formImage']) && !empty($_POST['formImage'])) {

    foreach($_POST['formImage'] as $filename) {

        // check first if file exists
        if(file_exists($filename)) {

            // delete it only if it exists
            unlink($filename);

        } else {

            // if it doesnt exist display an error message
            echo "Could not delete file $filename}<br />";
        }
    }
}

Sory to missled you in my previous post. It was because I was replying on two similar posts and have mixed things up.

Sorry, I lead you on the wrong track. The $_POST array contains only the values (1) of the checked checkboxes. Give me a minute to study your code, I'll be back.

Sorry to not point it out:

In the example I have used mysqli extension which is newer than mysql extension and is preffered over mysql. See this topic.

mysqli extension comes in two favours: procedural style and object oriented style in other words all functions have both variants and it is up to you to choose which one to use. Here you can see examples how to use mysqli to query a database procedural way and object oriented way. I used the later in my post above.

What is actualy in the $_POST array and consequently in the $a? Could you put ththe following debug line in and post the result?

if(isset($_POST['formImage']) && !empty($_POST['formImage'])) {
    //DEBUG
    die(print_r($_POST, 1));

    ...

Use is_numeric function.

if(is_numeric($string)) {
    $float = (float) $string;
}

It could be that the first snippet is playing up. Why do you have two for loops, if only one would do? And sticka an if(file_exists($a[$i])) check before deleting:

if(isset($_POST['formImage']) && !empty($_POST['formImage'])) {
    $a = $_POST['formImage'];
    $N = count($a);
    for($i=0; $i < $N; $i++){
        // check first if file exists
        if(file_exists($a[$i])) {
            // delete it only if it exists
            unlink($a[$i]);
        } else {
            // if it doesnt exist display an error message
            echo "Could not delete file {$a[$i]}<br />";
        }
    }
}

Sure. It is good to have a firm plan before you start coding. Some of us do not have this privilege and have to code for living without a detailed plan (or specifications). These days they call it agile programming :-).

Anyway, come back if you are stuck with coding.

Can you post the snippet of code that causes troubles?

Give each textbox a name that has and ID of the record in it (hopefully you have a primary key in the table, you can use it for this purpose). If you have any code yet I can show you what I mean. Or if I put it in a made-up example:

// reading the rows from database
while($row = $result->fetch_row()) {

    $input_name = $row['id'];
    $input_value = $row['score'];

    ...
    echo "</td><input type=\"text\" name=\"input_name\" value=\"$input_value\" /></td>";
    ...
}

Or to make sure file exists:

for($i=0; $i < $N; $i++){
    echo($a[$i] . " ");
    if(file_exists($a[$i])) {
        unlink($a[$i]);
    } else {
        echo "Could not delete file {$a[$i]}<br />";
    }
}

To delete files from the filesystem you have to use unlink command:

for($i=0; $i < $N; $i++){
    echo($a[$i] . " ");
    unlink($a[$i]);
}

You might have to construct the path to the files first, if the file is not in the current directory. Also permissions have to be correct to delete.

My opinion: making your own database class might be worth only if you are doing it in order to learn about database handling and OOP. If you need a good and verstaile db class there are many arround which have been developed by dedicated people/teams and through considerable amount of time spent. I use Pear MDB2 class which has thousands of lines of code and works very well (OK, it still has some shortcommings). It is good to have a look at the source code there and you will find many good ideas like transactions, prepared statements, quoting, escaping etc. It abstracts database functions so they are usable for many different databases (mysql/mysqli, mssql, oracle ...).

if(isset($_POST['formImage']) && !empty($_POST['formImage'])) {

    // do what you like with it
}

How do you track if user is logged in? It would help if you posted some code.

Usually users are tracked in session array so if you use this method, check the values there. something like:

// start the session (on the very top of the script)
session_start();

// if user is logged in echo the html for links
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true) {

    echo '<a href="logout.php">Logout</a>&nbsp;|&nbsp;';
    echo '<a href="profile.php">Profile</a>';
}

Don't slap it too hard, you might still need it :-)

What has the action attribute of your form been set to? If form posts to the same page (#) then set the action to the page name without the querystring, something like:

$action = parse_url(__FILE__, PHP_URL_PATH);
echo "<form action='$action'>";
...

A quick debugging technique is to check the contents of variables at various stages using a combination of echo, die() and print_r() functions:

$sql = mysql_query("SELECT * FROM teachersubject WHERE teacherID ='$id'");
while($test = mysql_fetch_array($sql))
{        
    // inspect the contents of returned row
    echo(print_r($test, 1)) . '<br />';

    $subjectid=$test['subjectID'];

    // inspect the contents of subjectID
    echo "subjectID: $subjectid<br />";

    $getsubject=mysql_query("SELECT * FROM subject WHERE subjectID='$subjectid'") or die(mysql_error());

    // inspect the query (you can copy it to phpmyadmin)
    echo "getsubject: $getsubject<br />";

    $getthis=mysql_fetch_array($getsubject);

    // inspect the value of $getthis
    echo('getthis:' . print_r($getthis, 1));  

    // you can stop after the first loop to check the values for first row in your time
    die('----------------');

    echo "<option value=".$getthis['subjectID'].">".$test['subjectCode']."</option>";
}
mysql_close($conn);

This way you it will be easier to spot the errors.

I would do it simple way without regular expressions which are not very efficient:

$allowed = array('Indiana', 'Ohio');

if(!in_array(allowed)) {
    $errors .= "You have entered the wrong state."; 
}

And also make sure the directory you try to write into is writable by the web server process owner (apache or httpd or something else). If you are on Windows make sure you set the path correcty (maybe you have to use backslashes and maybe they have to be escaped)

Have you tried with a simple test:

$html2pdf->writeHTML('<p>THIS IS A TEST</p>');
$pdf->Output('/xampp/htdocs/campion/css2/test.pdf','F');

Can you state what exactly is not working. Do you get any error messages? You can test the output method by trying a simple html like:

require_once(dirname(__FILE__).'/../html2pdf.class.php');
try {
    $html2pdf = new HTML2PDF(); // you can use the default parms
    $html2pdf->setDefaultFont('Arial');
    $html2pdf->writeHTML('<p>THIS IS A TEST</p>');
    //$html2pdf->Output('monthly.pdf');
    //$pdf->Output('../css2/monthly.pdf','D');
    $pdf->Output('/xampp/htdocs/campion/css2/monthly.pdf','F');
    //$html2pdf->Output('C:/xampp/htdocs/campion/css2/monthly.pdf','I');
}
catch(HTML2PDF_exception $e) {
    echo $e;
}

to try to narrow down the possible causes for errors.

Use the Output method with appropriate parameters depending on what you want:

http://wiki.spipu.net/doku.php?id=html2pdf:en:v4:output

The pages have to be in the directory that Apache is configured to serve. In Linux this is often /var/www/html. The Apache directive that defines this directory is in httpd.conf and is called DocumentRoot. So in above example in Linux it would be DocumentRoot "/var/www/html". And of course Apache server should be started. In case apache is located on the same machine as the browser, just access the page by localhost in the location as leviathan185 posted above.

This is how I would do it:

<?php
if (@$_GET['action'] == "Save") {
    if(
        @$_GET[idnum]==null   || 
        @$_GET[fname]==null   || 
        @$_GET[lname]==null   ||
        @$_GET[midin]==null   ||
        @$_GET[gender]==null  ||
        @$_GET[bdate]==null   ||
        @$_GET[course]==null  ||
        @$_GET[year]==null    ||
        @$_GET[address]==null ||
        @$_GET[cnum]==null
    ) {

        echo "<font size=5><center>Fill-Up First the Provided Information<br>
        <button type=button onclick=history.back();>Back</button></center></font>";

    } else {

        // first check whether a combination of first name / last name
        // already exists in the students table

        // very important: escape the values before sending the query to the database
        $fname = mysql_real-escape_str($_GET['fname']);
        $lname = mysql_real-escape_str($_GET['lname']);
        $check_qry = "SELECT COUNT(*) FROM students WHERE fname='$fname' AND lname='$lname'";

        // send the query to the database
        $result = mysql_query($check_qry);

        // get the number of rows returned
        $num_rows = mysql_num_rows($result);

        // if number of rows equals 1 or more than the combination of 
        // first name and last name already exists in the table
        if($num_rows >= 1) {

            echo "The person $fname $lname already exists in the database!";

        // if number of rows equals 0, do the insert query
        } else {

            // security first: escape all the values before inserting them in database
            $idnum    = mysql_real_escape_string($_GET['idnum']);
            $midin    = mysql_real_escape_string($_GET['midin']);
            $gender   = mysql_real_escape_string($_GET['gender']);
            $bdate    = mysql_real_escape_string($_GET['bdate']);
            $course   = mysql_real_escape_string($_GET['course']);
            $year     = mysql_real_escape_string($_GET['year']);
            $addressm = mysql_real_escape_string($_GET['address']);
            $cnum     = mysql_real_escape_string($_GET['cnum']);

            // prepare the insert query
            $ins_qry  = 'INSERT INTO students ';
            $ins_qry .= '(idnum,fname,lname,midin,gender,';
            $ins_qry .= 'bdate,course,year,address,cnum) ';
            $ins_qry .= 'VALUES ';
            $ins_qry .= "('$idnum','$fname','$lname','$midin','$gender',";
            $ins_qry .= "'$bdate','$course','$year','$addressm','$cnum')";

            // execute the query
            @$result = mysql_query($ins_qry);

            echo "<font size=5><center>Record Successfully Added<br>
                <button type=button onclick=history.back();>Back</button>
                </center></font>";
         }
    } …

In the last code you posted there are lines that you never posted before. Now seeing this my code dees not fit into your code since it is duplicating the functionality. If this is your last version then I will have a look at it tonight when I have some time (other post are welcome).

I wrongly accused the Firebug add-on of crashing my browser in my post above, my apologies to girls and guys at getfirebug.com/. I haven't got Firebug installed at my work laptop but FF is crashing anyway.

The add-ons I have here at work are:

• ColorZilla 2.8
• Javascript debugger 0.9.89
• Live HTTP headers 0.17
• View source chart 3.05
• Web developer 1.2.2

Las crash occured about an hour ago. I also filled a bug report to Mozilla.

Now, I am not sure how much time is it worth to be spent on this issue. I disabled adds again and have no problems and am happy with that. But I will keep watching this thread if anyone wants more info from me. And I gave mayself a task of enabling adds every now and then, checking them out and disabling them again to make sponsors happy.

In that case first check whether the firstname/lastname pair already exist:

$fname = mysql_real-escape_str($_GET['fname']);
$lname = mysql_real-escape_str($_GET['lname']);

$check_qry = "SELECT COUNT(*) FROM students WHERE fname='$fname' AND lname='$lname'";

If this query returns 1 (or more) rows the firstname/lastname pair is not unique.

Please post here what is the output of the first die() statement.

Make the ID of a record in your students table autoincrement and use it as a primary key. If this is not an option, check for existence of the record first with SELECT COUNT(*).

A note on security: do not use $_GET array values directly in your insert query since you are asking for SQL injection. Validate, sanitize and escape them first.

While we are at it, the editors play some part here, too. If you are on windows have a look at Notepad++ (http://notepad-plus-plus.org). It is nice free editor that higlights html, css, javascript, php and others and makes mistakes stand out so they are easy to spot and correct. I prefer coding html by hand (not with WYSIWYG editors) so I exactly know what is going on.

Put this in the beginning of your script:

<?php
// if values exist in $_POST, insert them in the database
if(isset($_POST['product_id']) && isset($_POST['country_id'])) {

    // uncomment this to inspect the $_POST array
    // it should contain product_id and an array of country_ids
    // die(print_r($_POST, 1))

    // product ID
    $product_id = $_POST['product_id'];
    // begin the query
    $query = 'INSERT INTO countries_product (coutry_id, product_id) VALUES ';
    // add coutry ID's
    foreach($_POST['country_id'] as $country_id) {
        $query = "($country_id, $product_id),";
    }
    // remove trailing comma from the query
    $query = rtrim($query, ',');

    // uncomment this to debug the query
    // you can copy the displayed query in phpmyadmin
    // die($query);

    // execute the query (I presume the db connection is already established)
    mysql_query($query);
}
?>

This is the processing part. It will only when the form has been submitted and will run the update query. You have two die commands in the code. Uncomment the first one to see whether the $_POST array contains valid values. Uncomment the second one to display the generated qury to see if it is OK. You can post the output of both commands here if you have more troubles.

A problem could lie in the select element in the code below:

while ($cat_row = @mysql_fetch_object($cat_rs)) {?>
<option value= '1' <?php echo $cat_row->country_id; ?> > <?php echo $cat_row->country_name; ?> </option>
<!-- <option>UAE</option>
<option>KSA</option>

where statement <option value= '1' should be only <option value= (omitting '1' which is read from $cat_row->country_id). Please check the generated HTML source in a browser (right button -> view source, or something similar). If there are errors in HTML, they would be hihlighted (at least in Firefox).

Sometimes it is easier if html and php is not mixed too much. I would code it this way (so code for options gets echoed in one statement and you can easily spot errors):

while ($cat_row = @mysql_fetch_object($cat_rs)) {
    echo "<option value='$cat_row->country_id'>$cat_row->country_name</option>";
}

If HTML code is allright the error could be in the processing part of your script which is not in the posted code above. it would be good idea to test for the values of $_POST and the query before it is submitted.

// if values exist in $_POST (or $_GET if you use it)
if(isset($_POST['product_id']) && isset($_POST['country_id'])) {

    // product ID
    $product_id = $_POST['product_id'];

    // begin the query
    $query = 'INSERT INTO countries_product (coutry_id, product_id) VALUES ';

    // add coutry ID's
    foreach($_POST['country_id'] as $country_id) {

        $query = "($country_id, $product_id),";
    }

    // remove trailing comma from the query
    $query = rtrim($query, ',')

    // execute the query
    ...
}

Add a bit of security checks to this. If IDs are integers it is good to cast them to integers to avoid SQL injection attacks.

$product_id = (int) $_POST['product_id'];

or use is_numeric checks

if(isset($_POST['product_id']) && is_numeric($_POST['product_id']) && isset($_POST['country_id']) && is_numeric($_POST['country_id']) ) {
    ...
}

Seems like I marked this as solved a bit too early.

Last night I did a test. I disabled all my add-ons and no crashes for next hour. Then I gradually enabled add-ons one by one. The last to be enabled was Firebug 1.9.2. and when it was FF soon crashed. After disabling it again no crashes. But I can not for sure since Firebug is enabled again and today no crashes.

I use the following add-ons:

• Firebug (1.9.2)
• Live HHTP headers (0.17)
• PHP developer toolbar (3.0.5)
• Web developer (1.2.2)

Maybe others can list their add-ons and we can find the lowest common denominator to concentrate on.

I can not comment on Flash since I have never used it on my sites. I had an odd bad experience with sites using Flash in past (see note below) but that does not mean that I can criticize it right away. I think it is a tool to use for some special group of customers (musicians use it often maybe, and artists due of many possibilities for rich visual content and interacion) but more important these days is progresive enhancement (supporting many browsers), SEO friendlines (search engines find you and rank you high), maintanability, scalability, which are quite harder to reach with Flash.

HTML5 and CSS3 are still finding their places in web browsers. Together with Javascript these technologies will enable much more riches and probably do what Flash already does today. I think it is worth learnig them since they are standardized and not proprietary - but this is my personal view, I do not want to start new war :-)

Just a note: last night I was going to check on http://www.felixbaumgartner.com/ how preparations go for the maddest skydive in human history and saw only a black screen in my Firefox on Fedora linux. I had to hack for next quarter of hour to access the content which is in Flash.

Hi Tomas and welcome.

The answer is: Java is not neccessary. To create a website, theoreticaly, HTML is enough. In practice CSS is a must also (to make page look nice and to de-couple contents and design) as well as Javascript (to do many client side things like form validation etc). Now, more complex web applications deal with data which will bring you to server side scripting and databases. Here, Java can be used a sa a server side tecnology, it is powerful and professional web server platforms exist. But I am not really knowledgeable here, I use PHP - avery popular server scripting language. Others are Ruby, ASP variations etc. On the database side MySql is very popular since it is opensource (free) and widely supported. But you are not limited to mySql if your company owns (or you are skilled in) some other DB system.

In other words: Java or not Java: there is a lot to learn (continously).

Have you tested what are the values are in the $_GET? Are they comming from a form or you construct a URL + query string some other way? You should always check for posted values:

if(isset($_GET['file']) && isset($_GET['image'])) {
    $file = $_GET['file'];
    $image = $_GET['image'];
} else {
    // handle error as apprpriate for your app
    // i.e die...
    die('Error: File or image missing!');
}

You should not if you put the above statement in the action page. Which is your action page? Is it the same page as the form or is it a separate page? You have to check for the $_POST to find a bug. Maybe you post the whole script.

$bots is an array of beginning of term marks copied from $_POST['bot'], which is an array of beginning of term marks returned from your form. $bots serves as a parameter for the foreach loop and is expected to contain the same numnber of marks as the arrays $mts and $eots.

In case $bots is not set (does not exist) you get the above error. To figure out the value of $_POST (used for $bots) put this debug code in the beginning of your action page:

die(print_r($_POST, 1));

and post here the output. This command will output the contents of $_POST array after submitting the marks and stop the script.

OK, I get it. You want to sum the total price for a product coe and a selected date, I guess. The query should be something like:

$query = "SELECT *, SUM(total_price) AS sum_total_price FROM order WHERE date = '$date' GROUP BY product_code ";

As you can see you can get the result just by preparing appropriate query. You might want to ask also in a mysql forum here on DW if you need more complex queries.

If by email brodcast you mean sending mail to many recipients using php then look at swiftMailer.

http://swiftmailer.org/

It is not evident from your code where the $price is getting echoed. This should work:

$result = mysql_query("SELECT * FROM `order` where date = '$date' ");

        $price = $row['total_price'] + $row['total_price'];

        echo "Double price is $price<br />";
}

as long as $row['total_price'] exists and has some value;

It helps. It was actually not myintention to disable adds but now FF at least does not crash. Thnx, I'll mark it solved.

@Bachov Varghese
Your solution is more elegant, good stuff. The query could be made in one go as well:

if($_POST['add_marks'] ==1)
{
    include('includes/connect.php');
    $bots =$_POST['bot'];
    $mts=$_POST['mt'];
    $eots=$_POST['eot'];

    $insert = "INSERT INTO marks(beginning_of_term,mid_term,end_of_term) VALUES ";

    foreach($bots as $key=>$bot)
    {
        $insert .= "('$bot','$mts[$key]','$eots[$key]'),";
    }

    insert = rtrim(insert, ',');

    $execute_insert = mysql_query($insert);
}

Hi there

It's not a complaint just a note: when I hover over the adds on DW pages my Firefox often crashes (and says 'Well, this is embarassing...'). I learned to live with that (patience is my strong attribute) but thought you might want to know (also I do not want to embarass Firefox too much).

My Firefox is 15.0.1 (some older versions were crashing, too) on Fedora 17 64bit.

I am not sure if I understand th question correctly:
- on a webpage you have a table of students with their name, reg. no, cals etc and three input fields do BOT, MOT and EOT marks
- you get student data (except for marks) from the students table
- input fields are initialy empty
- someone fills in the values for marks and you want to insert those marks into the marks table

If this is correct then first thing you have to enclose the whole table in form tags:

<form method="post" action="proces.php">

Then you have to correct the name attributes for input fields. They have to be unique and tied to a student. You can use regNo field for that. Also add a hidden field in each row that will hold the regNo:

<?php
    // construct the name attributes for the current row
    $bot_name = 'bot-' . $rows['regNo'];
    $mt_name = 'mt-' . $rows['regNo'];
    $eot_name = 'eot-' . $rows['regNo'];

// the name for the hidden field with the regNo
    $reg_name = 'reg-' . $rows['regNo'];
?>

<!-- This is one row of a table -->

<tr bgcolor="<?php echo $bg; ?>">
<td><?php echo $rows['firstName']." ".$rows['lastName']." ".$rows['otherName']; ?></td>
<td><?php echo $rows['regNo']; ?></td>
<td><?php echo $rows['class']." ".$rows['stream']; ?></td>
<td><div align="center"><input type="text" name="<?php echo $bot_name; ?>" size="10" />
<input type="hidden" name="<?php echo $reg_name; ?>" value="<?php echo $rows['regNo']; ?>" /></div></td>
<td><div align="center"><input type="text" name="<?php echo $mt_name; ?>" size="10" /></div></td>
<td><div align="center"><input type="text" name="<?php echo $eot_name; ?>" size="10" />
</div></td>
</tr> …

It's me again. Sory to post in pieces but I noticed another issue. Do not use $HTTP_POST_VARS array since it is deprecated and will be at some stage removed form PHP. Use $_POST array which is basically the same for your purpose.

A note on using script tags: a <script> tag is, as far as I know, used for scripts that browser executes (javascript, vbscript...). For server side scripts use <? ?> tags which for PHP is:

<?php

// PHP code here

?>

or in your example:

<html>
<?php
$email = "personal email addres" . ",";
$email .= $HTTP_POST_VARS['mailme'];
$subject = "Attack";
$data .= "Air 1: " . $HTTP_POST_VARS['air1'] . "n";
$data .= "Air 2: " . $HTTP_POST_VARS['air2'] . "n";
$data .= "Multiair: " . $HTTP_POST_VARS['multiair'] . "n";
$data .= "Cc: " . $HTTP_POST_VARS['mailme'] . "nn";
mail($email, $subject, $data, "From: myemailaddress");
}
?>
<script type="text/javascript">
function randInt(min, max) {
...

The language attribute in script tag is deprecated in HTML 4.01. Use only <script type="text/javascript">

Is there any reason that you implemented the functionality in javascript? You could probably do the same processing with php and just mail the values. But if you really want to use javascript for processing then you will have to use ajax approach - a javascript function that passes values to a php file that will send the mail.

http://www.w3schools.com/ajax/default.asp