Posts by minitauros

Why are there two exactly the same lines like this:

$query = $con->prepare("INSERT INTOkzn_upcoming(meet_name,location,start_date) VALUES (?, ?, ?)");

? :) One on line 14 and one on 37, while you seem to be only using one. Could you try removing one ;)? Not sure if it will matter but just to be sure.

Well that's probably because something has gone wrong while executing your query. Try adding OR exit(mysql_error()) to your query lines, so that it would become, for example:

$checkUserQuery = mysql_query("SELECT * FROM $tbl_name WHERE userName = '$user'") OR exit(mysql_error());

$checkEmailQuery = mysql_query("SELECT * FROM $tbl_name WHERE email = '$email'") OR exit(mysql_error());

And see if that returns any errors.

Also you might want to consider escaping user-input by using mysql_real_escape_string(). For example:

$first = mysql_real_escape_string($_POST['firstName']);

Yes that's probably, as I just mentioned, because you don't close your line 9 with a semicolon (";"). Try removing the semicolon from inside your quotes in the following line:
$sql="select image from images where id='$_GET[id]';";

Which would make it become:
$sql="select image from images where id='$_GET[id]'";

Then add the mysql_real_escape_string() functionality, like this:
$sql="select image from images where id='" . mysql_real_escape_string($_GET[id]) . "'";

And then place a semicolon at the end of the following line:
$row = mysql_fetch_array($result)

Which would make it become:
$row = mysql_fetch_array($result);

$sql="select image from images where id='$_GET[id]';";

I think you should remove the first semicolon in that line and place it after the following line:

$row = mysql_fetch_array($result)

Next question: What is the error you are getting? :)

Also, if you are using PHP's mysql functions to connect to your database, you might want to consider properly escaping external input to your database, like $_GET['id']. I would replace that by mysql_real_escape_string($_GET['id']) for starters. You can read more about the function here.

I'm not targeting a specific country, it is to be read in multiple countries in the EU, so this information is of a lot of help :). My basic English is fine (at least I hope so), it's just the stuff I don't read or speak everyday that I get unsure about. Thanks for your help everyone!

There is a way to add a password to it but I've never done it with PHP. A short Google search resulted in this command to be used:

exec('zip -P pass file.zip file.txt');

pass = password
file.zip = target zip
file.txt = file to zip (maybe you can specify a folder if you want to zip multiple files? I have no idea, you'd have to try :))

Unzipping would go as follows:

exec('unzip -P password file.zip');

(From: http://stackoverflow.com/questions/7712960/opening-and-creating-password-protected-zip-files-with-php and http://www.talkphp.com/general/3380-exec-zip-php-not-working-expected.html)

Plus there are huge communities for PHP, so if you get stuck you'll probably be able to get help fast. There are a lot of popular CMS'es being written in PHP, so if you want to use those, having some PHP knowledge can be useful.

Change this:

function browse($dir) {
    global $filenames;
    if ($handle = opendir($dir)) {
        while (false !== ($file = readdir($handle))) {
            if ($file != "." && $file != ".." && is_file($dir.'/'.$file)) {
                $filenames[] = $dir.'/'.$file;
            }
            else if ($file != "." && $file != ".." && is_dir($dir.'/'.$file)) {
                browse($dir.'/'.$file);
            }
        }
        closedir($handle);
    }
    return $filenames;
}

to this:

function browse($dir) 
{
    global $filenames;

    // Fill with names of files to exclude from your return array.
    $files_to_exclude = array(
        'file1.php'
    );

    if($handle = opendir($dir)) {
        while (false !== ($file = readdir($handle))) {
            if($file == '.' || $file == '..') {
                //* Skip currentt and previous directory.
                continue;
            }
            elseif(in_array($file, $files_to_exclude)) {
                //* The current file is to be excluded.
                continue;
            }

            if(is_file($dir . '/' . $file)) {
                $filenames[] = $dir . '/' . $file;
            }
            elseif(is_dir($dir . '/' . $file)) {
                browse($dir . '/' . $file);
            }
        }

        closedir($handle);
    }

    return $filenames;
}

And see if it works :).

True that, hadn't even seen that the ^ was being used as delimiter ^^. Pritaeas, do you know which character you should use to match the start of a string if you use ^ as delimiter?

Hmmm if you want both to be valid, try:

'/^(\d{5})?([a-z.\-&\'",\/\\ ]+)(\d+)$/i'

This checks for:
Must start with a digit of length 5 (because of the {5} part) or no digits (because of the questionmark after the ")")
Must then be followed by one or more words
Must end in a number of any length, but with a minimum of one

The i after the last / sets the regex to be checked case-insensitive.
If you would like to change something in the first number, you could for example change {5} by {1,5} to define: a number with a length of 1 to 5.

"x equals x" is written with 2 times an "=", not one time ;). You are now setting a new value for $n in each if() statement. You should write it as $n == 3 instead of $n = 3.

Also you're not comparing your results correctly. In line 2 of the script you present, you set $n to be a result set, not the actual result. The actual result would be $n['alias_switch'].

Try this code, if you wish:

<?php
$result = mysql_query("SELECT alias_switch FROM peoplebase");
$n = mysql_fetch_assoc($result);
$alias_switch = $n['alias_switch'];

if($alias_switch == "1") {
    mysql_query("UPDATE peoplebase SET alias_switch='2'");
}
elseif($alias_switch == "2") {
    mysql_query("UPDATE peoplebase SET alias_switch='3'");
}
elseif($alias_switch == "3") {
    mysql_query("UPDATE peoplebase SET alias_switch='1'");
}

Have you checked out the create_function() function? See here: http://php.net/manual/en/function.create-function.php

Check out this website: http://phpsec.org/projects/guide/

It has some info on PHP security :).

Well for starters, there appears to be missing a " at the start of your content definition (content=<div id=\"content\">) :).

Great ^^. How did you do it?

What I'd do is:

<?php
$parts = explode(' ', $name);

for($i=0; $i<count($parts); $i++)
{
    $first_letter = $parts[$i][0]; // Gets the first letter of the given part.
    $letters[] = $first_letter;
}

$initials_only = implode('.', array_map('strtoupper', $letters));

Well that's one nice explanation :)! What I would do is something like this:

<?php
// Get all your sections.
$q = 'SELECT section_id,
        section_name,
        topics_limit
    FROM sections
    ORDER BY section_id DESC';
$rq = mysql_query($q);

while($fetch = mysql_fetch_assoc($rq))
{
    // Looping through sections.

    // Retrieve topics for this section.

    $q2 = 'SELECT topic_id
            topic_name
        FROM topics
        WHERE section_id = "' . $fetch['section_id'] . '"
        ORDER BY topic_id DESC
        LIMIT ' . $fetch['topics_limit'];
    $rq2 = mysql_query($q2);

    while($fetch2 = mysql_fetch_assoc($rq2))
    {
        // Looping through topics.

    }
}

Hm that is strange indeed. Usually you should be able to modify globally defined variables from within a function. What's particulary strange is that the $film_ids variable does get filled within the function, but then appears to be empty in your global scope. I assume you are checking the value of $film_ids AFTER running $film->getFilms()? ;).

The common way to do this using an object, however, is slightly different from what you're doing now. Below I'll post an example of how most people would do this using an object (for as far as I know).

<?php
// Optionally include your database class if this is a standalone file.
include 'dbconnection.php';

class Film
{
    private $film_ids = array(); // We declare these variables as private if they are only accessible through this class's functions.
    private $numfilms;

    // The setter method. Usually in object oriented programming you use setter 
    // and getter methods, to keep a clear distinction in what happens where.
    // The getter method is below this setter method.
    public function setFilms() 
    {
        $dbh = new DBConnection();
        $sql = "SELECT * FROM films";
        $stmt = $dbh->prepare($sql);

        // Could the query be executed?
        if($stmt->execute()) 
        {
            while($row = $stmt->fetch())
            {
                $film_ids[] = $row['film_id'];
            }
        }

        // We have now filled $film_ids WITHIN the function. Let's save this information.
        $this->film_ids = $film_ids; 

        // We have now stored the film id's in the class's properties.

        // Count the number of films and store it.
        $this->numfilms = count($film_ids);

        return true;
    }

    // The getter method …

Well since you must retrieve all sections and topics anyway, you could still use the query in my last example and then use PHP to sort the results. For example:

<?php
$q = 'SELECT topics.topic_name,
        sections.section_name
    FROM topics
    JOIN sections ON topics.section_id = sections.section_id
    ORDER BY sections.section_id DESC';

// Execute the query the way you want to execute it.

while(// Loop through the results in your own way.)
{
    // Get the current record's section name.
    $section_name = $results['section_name'];

    // If the current record's section name differs from the previous,
    // it means a new section has started.
    if($section_name != $old_section_name)
    {
        // A new section has started. Do anything you want to do if it has.
    }

    // Remember the last section name that we've used.
    $old_section_name = $results['section_name'];

    // Display info.
}

True that! You'll probably wanna use AJAX, then :).

No I mean his form's target is _blank, which means a new window will open and the original window will stay to exist to execute another form submission. At least, that MIGHT be so, I've never tested it, but that's why I came up with the idea :p.

Yea but you're being sent to a new tab, right? So the original tab will remain to exist :).

I once ran into Felipe Ribeiro's spelling corrector class. It can do spelling suggestions like "did you mean... ?". I think it can be useful in this case. You can find it here. It's a pretty nifty piece of work :).

Well your if(isset($_POST['submitRec'])) is inside your if(isset($_POST['submitButton'])) statement, so in order for it to work, $_POST['submitButton'] must be set. This is probably not the case when you submit the second form, so what I think should solve your problem is placing the if() construction that contains the Javascript warning outside its parent if() construction :).

What you're doing is checking if the mysql query is being executed correctly. $tester will be set to true if the query could be executed, or to false if it could not. You should rather use something like: $results = mysql_fetch_assoc($tester); And then check if $results has any records. If it has, results could be found for the query that was just executed. If not, no results were found.

For example if you have two computers (that are on the same local area network!), the computer with the name "ComputerA" is running XAMPP, and you want to access this XAMPP server from the computer with the name "ComputerB", then here's what you do:

On ComputerB, start up your web browser. In the address bar, type: ComputerA/projectname. For example if you have a project called "testproject" in your XAMPP's htdocs folder, you can access it by going to "ComputerA/testproject". Hope this helps :).

Here's a good tutorial on regular expressions:

http://www.phpro.org/tutorials/Introduction-to-PHP-Regex.html

In your case, I think you're looking for something like

preg_match('/^[0-9A-Za-z_\-]+$/', .....)

Which returns true if the input string contains nothing more than letters, numbers, underscores and dashes, or indeed, like pritaeas says

preg_match('/^[\w-]+$/', .....)

which is similair to that.

It should be:

if (!preg_match("/^[A-Za-z0-9]{3, 20}$/i", $_POST['brugernavn']))

The {3, 20} part checks if the length is between 3 and 20 characters.

I'm using Google Webfonts myself, but it's too bad that not all browsers know how to work with custom fonts :(.