Posts by veedeoo

The table has nothing to do with it.

this is the one causing the error

 <?php if($_POST['submitted'] == true){ ?>

you can do something like this

<?php if(isset($_POST['submit']) && ($_POST['submitted'] == true)){ ?>

Okay, I must admit, I am not too lazy today. Here is the HMVC design diagram as it applies to Codeigniter functioning as HMVC framework. It is not like the Kohana or Fuel PHP, but the design pattern concept is there.

it should read "Application Modules are pretty much independent". Sorry about my wireless keyboard battery it think is dying. It cannot catch up on my typing speed :).

Unlike the conventional MVC pattern, the HMVC pattern in this particular framework isolates the modules, making them less interconnected. So the blog controller don't even know if there are other controllers. Because of this design patterns, we can create as many modules as our application demands expansion.

edit again..
I really need to change my batteries.. this is my third edit and it is missing a lot of letters and verbs here in there.

Can you please tell me which HMVC modular extension are you currently using? There are few of them, but have minor difference in doing things.

Another thing is that this

$data['featured_img'] = $this->input->post(file_get_contents($_FILES['featured_img']['name']),TRUE);

will not work. We need to try changing it to this

$data['featured_img'] = (file_get_contents($_FILES['featured_img']['name']),TRUE);

remember that is file... I did not even noticed.

On your database, you need to have an extension column and save the extension of your BLOB.

to get the extension of the BLOB, we can do it like this. There is another way of doing this effeciently, but this is the one that can work flawlessly on the BLOB.

@list(, , $image_type, ) = getimagesize($_FILES['featured_img']['tmp_name']);

if ($image_type == 3){
    $ext="png"; 
}elseif ($image_type == 2){
    $ext="jpeg";
}elseif ($image_type == 1){
    $ext="gif";
}

you can then compare the actual extension of the image to your extension allowed for upload.

The next step is to save the extension on ext column. The reason for this is for you to be able to show the BLOB image on your page. like this

$image_data=$row['image'];

header('Content-Length: '.strlen($image_data));
header("Content-type: image/".$row['ext']);
echo $image_data;

i found errors on the code above

change this

 $data['featured_img'] = $this->input->post(file_get_contents($_FILES['featured_img']['name']));

to this

 $data['featured_img'] = $this->input->post(file_get_contents($_FILES['featured_img']['tmp_name']));

On your model, you still need to find out the true extession of the image. YOu may want to add another validation rules for it. That is only for the name of the file

Second option is to use the CodeIgniter Library as shown here.. use this in your controller..

first you need to run the form validation library.
second check if the form_validation run is false.
third if false above, then call your model method to process the uploaded item.

doing this

$this->input->post('page_headline',TRUE);

will only run the data through the xss filter, but will not validate if it is empty or not.

example. Make sure to follow the php 5 syntax standard.

public function get_data_from_post(){

    $this->load->helper(array('form', 'url'));
    $this->load->library('form_validation');

    ## anticipate any error or errors coming ahead of the form submission.
    $errors = array();

    ## layout your form validation rules
    $this->form_validation->set_rules('page_headline', 'Page Headline', 'required|trim|xss_clean|max_length[255]|alpha_numeric');

    ## add the remaining rules here

    ## check for any trapped errors

        if($this->form_validation->run() == FALSE){
            $errors['errors'] = $this->form_validation->set_err();

            ## if validation return true, send the user back to your form
            $this->load->view('upload_form',$errors);

        }

        else{
            ## call out the upload model
            $this->load->model('Article_model');

            if($this->Article_model->add_article()){

            ## it is a success, do whatever you need to do
                redirect('user/article_success','refresh');
        }

        }

 }

somewhere in your article model, you can do this. We can remove the xss parameter if we like. Just make sure you define it on your form validation rules.

public function add_article{

     $data['page_headline'] = $this->input->post('page_headline');
    $data['page_title'] = $this->input->post('page_title');
    $data['keywords'] = $this->input->post('keywords');
    $data['description'] = $this->input->post('description');
    $data['page_content'] = $this->input->post('page_content');
    $imageName = $_FILES['featured_img']['name'];
    $data['featured_img'] = $this->input->post(file_get_contents($_FILES['featured_img']['name']));

    ## prepare the database query here


    return true;

    }

That's pretty much it. Just make sure to look closely on how the patterns are implemented. It takes practice in doing this.

Good luck to you..

can you at least give us which appliance you are currently using, so that we can let you know if debugging is possible? I know about 11 appliances and I don't know which one you are currently running in your development environment. There are virtualboximages, lampstack, OTRS appliance, ops view, open filer, and others.

How do I debug? I haven't done that before.

you can either use netbeans, eclicpse IDE's or PHP designer. Load your script and run debug.

pzuurveen and hericles are correct. You must evaluate all them

Let us know when you got it working, so that I can teach you how to use these

     PDO::PARAM_INT
     PDO::PARAM_BOO
     PDO::PARAM_NULL
     PDO::PARAM_STR

that's for late though..

you are not supposed to wrap the placeholders with single quotes. So, this

 VALUES (':userName',':password',':firstname',':Surname', ':gender', ':dob', ':email')"; 

should be like this

VALUES (:userName, :password, :firstname, :Surname, :gender, :dob, :email)");

and this

 $query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob ,$email));

should be like this

$query_insertintotable->execute(array(
"userName" => $userName,
"password" => $password,
"firstname" =>$firstname,
"Surname" => $Surname,
"gender" => $gender,
"dob" => $dob,
"email" => $email
));

we only use this

$query_insertintotable->execute(array( $userName,$password,$firstname,$Surname,$gender, $dob ,$email));

if our placeholders are like these

    VALUES ( ? , ? , ? , ? , ? , ? , ? );

Prepared statements with parameters work like this.

Methods used : prepare() and execute()

PDO is class. An instance of this class is called an object and the functions associated with this object are called methods.

For our purpose above (shown on your codes), we need these methods called prepare and execute. Now, PDO allows us to prepare and compile our query with placeholders. Placeholders are like markers for the expected values from the users. When the execute method is called, it sends the arguments and runs the compiled statements sent earlier.

So, there are two things going on here in the background.

First, this will be send to the server and later on will be compiled

 $query_insertintotable = $con->prepare("INSERT INTO User (username,Password,First Name,Surname, Gender, DOB, Email Address)

VALUES (:userName, :password,  :firstname, :Surname, :gender, :dob, :email)");

These are placeholders for anticipated incomming values from the user

 VALUES (:userName, :password,  :firstname, :Surname, :gender, :dob, :email)");

TYPE 2 : alternatively, we can also do this

VALUES ( ? , ? ,  ? , ? , ? , ? , ? )";

Those are two options in setting-up the placeholder for binding. For now, let us stick to the first one to avoid any confusion.That is the beauty of PDO. It allows us to send query and temporarily compile with the placeholders.

The second part of the process is to send arguments by way of the method execute.

For the first example, we can do it like this

$query_insertintotable …

I'm on my way out to lunch. I won't be back for 2 hours though.

I thought your form is suppose to be submitted through ajax. why is it submitting like a regular form?

Is the chat script reading from a text file? If so, take a look at the chat log. I left a message there.

Your site is about 180ms one way from where I'm at. That is pretty slow for a server, but then the chat response is super slow at >2 minutes response time.

We need to see your PHP script as already been suggested above.

I modified a chat script similar to this long time ago, but it was this slow as I can recall.

Pretty much there is not much difference except you cannot use Scope Resolution Operator :: for non-static methods AND static method does not need an instance of the object.

This

className::function()

is use outside the class, while these

self::function()
static::function()

are use within other methods within the class. This

 $this->function();

if use in other static method will throw not in object context error.

Static method is commonly used in Singleton pattern, database connection or anything that don't need to instantiate the entire class. In short static method is independent to the class or object where it belongs.

To prove that static method is not dependent in the class of which it resides, try this..

class Test
{

    public function non_s(){
        echo 'not static method';
        self::static_m(); // this will work
        static::static_x(); //this will work

    }

    public static function static_m(){

        echo 'this is from static method static_m <br/>';
        self::non_s(); // this will throw an error
        $this->non_s(); // this will not work also

       }

     public static function static_x(){
         echo 'This from static_x();
         $this->static_m();// will throw a not in object context error. 
    }

   } 

   ## this will work
   Test::static_m();
   Test::static_x();

   ## this one will not work for the non-static
   Test::non_s(); //will not work

   ## but this will work
   $object = new Test();
   $object->non_s();
   $object::static_x();// this will work
   $object->static_x(); // this will work also

In conclusion, static method can be access regardless if there is an instance of object or not.

if you will be adding values for each column, then a second argument to the function must be added and make sure that the count of the values going underneath are perfectly equal to the number of <th> you need to create.

something like this

 create_th($cols_count, $col_header_name){

  if($cols_count > 0 && (is_array($col_header_name) && (count($col_header_name == $cols_count)))){

         return array(true,$col_header_name);
    }
}

You can also try one like this.

First create a function to generate the <th> items. The function can be as simple as this

function create_th($col_header_name){

    if(is_array($col_header_name)){

        return array(true,$col_header_name);
      }

  }

to generate the cols, you call the function like this. There is no limit on how many header cells you can create.

$tbl_cols = create_th(array('Hotel','Class','Single','Adult(RM)','CNB(RM)'));

    if($tbl_cols[0]){


    echo '<table>';
    echo '<tr>';
    foreach($tbl_cols[1] as $th){
        echo '<th>'. $th.'</th>';
    }

    echo '</tr>';
    echo '</table>';

    }

The output should be something like this

<table>
   <tr>
    <th>Hotel</th>
    <th>Class</th>
    <th>Single</th>
    <th>Adult(RM)</th>
    <th>CNB(RM)</th>
   </tr>
</table>

Why use function?
By using function, you can utilize filter_var_array PHP function to filter the items going into the <th>.

that's it..

for some reason, you keep on putting back all those codes that i told you to remove.

change this

<html>
<body>
<?php echo ($error ? $error : '' );?>
<form action="index.php" method="post">
<head>
<!-- Basics -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login</title>
<!-- CSS -->
<link rel="stylesheet" href="css/reset.css">
<link rel="stylesheet" href="css/animate.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<!-- Main HTML -->
<!-- Begin Page Content -->
<div id="container">
<form>
<label for="name">Username:</label>
<input type="name" name="username" id="username">
<label for="username">Password:</label>
<p><a href="#">Forgot your password?</a>
<input type="password" name="password" id="password">
<div id="lower">
<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label>
<input type="submit" value="Login" name="login" id="login">
</div>
</form>
</div>
</body>
</form>
</html>

to this

<html>
<head>
<!-- Basics -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login</title>
<!-- CSS -->
<link rel="stylesheet" href="css/reset.css">
<link rel="stylesheet" href="css/animate.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<body>
<!-- Main HTML -->
<!-- Begin Page Content -->
<div id="container">
<?php echo ($error ? $error : '' );?>

<form action="index.php" method="post">

<label for="name">Username:</label>
<input type="name" name="username" id="username">
<label for="username">Password:</label>
<p><a href="#">Forgot your password?</a>
<input type="password" name="password" id="password">
<div id="lower">
<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label>
<input type="submit" value="Login" name="login" id="login">
</div>
</form>
</div>
</body>

</html>

you can create a new page and call it verified.php and put this code

<?php
    session_start();

if($_SESSION['loggeg_in'] && (isset($_SESSION['username']))){

    echo 'You are logged in as:'. $_SESSION['username'];

    }

Your modified codes should now look like this

<?php

session_start();
$con = mysqli_connect("localhost", "root", "", "numbers") or die(mysqli_error($con));
if(isset($_POST['login'])){

$myusername=mysqli_real_escape_string($con,$_POST['username']);
$mypassword=mysqli_real_escape_string($con,$_POST['password']);

$sql="SELECT username, password FROM admin WHERE username='".$myusername."' AND password='".$mypassword."'";
$check= mysqli_query($con,$sql);
$row = mysqli_fetch_row($check);
if($row[0]!="" && $row[1] !=""){

 ## set logged_in to true
$_SESSION['logged_in']= true;
 ## set username session
$_SESSION['username'] = $row[0]; 

header('location: verified.php');
exit();
}
else
{
$error="Your Login Name or Password is invalid";
//echo "$error";
//echo "<META http-equiv=' refresh' ;URL='index.php'>";
}
}
?>
<html>
<body>
<?php echo ($error ? $error : '' );?>
<form action="index.php" method="post">
<head>
<!-- Basics -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login</title>
<!-- CSS -->
<link rel="stylesheet" href="css/reset.css">
<link rel="stylesheet" href="css/animate.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<!-- Main HTML -->
<!-- Begin Page Content -->
<div id="container">
<form>
<label for="name">Username:</label>
<input type="name" name="username" id="username">
<label for="username">Password:</label>
<p><a href="#">Forgot your password?</a>
<input type="password" name="password" id="password">
<div id="lower">
<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label>
<input type="submit" value="Login" name="login" id="login">
</div>
</form>
</div>
</body>
</form>
</html>

We cannot have any <html> tags before redirect . The only place where you can do it is if you area coding inside the frameworks like CodeIgniter..

try running this

<html>
<body>
<!-- End Page Content -->
<?php
$con = mysqli_connect("localhost", "root", "", "numbers") or die(mysqli_error($con));
if(isset($_POST['login']))
{
//$myusername = $_GET['name'];
//$mypassword = $_GET['password'];
$myusername=mysqli_real_escape_string($con,$_POST['username']);
$mypassword=mysqli_real_escape_string($con,$_POST['password']);
//$sql="SELECT * FROM admin WHERE username='".$myusername."' AND password='".$mypassword."'";
$sql="SELECT username, password FROM admin WHERE username='".$myusername."' AND password='".$mypassword."'";
$check= mysqli_query($con,$sql);
$row = mysqli_fetch_row($check);
if($row[0]!="" && $row[1] !="")
{
//echo "Successful Login";
//echo "<META http-equiv=' refresh' ;URL='form.php'>";
    echo 'you are login<br/>';
}
else
{
 $error="Your Login Name or Password is invalid";
echo "$error";
//echo "<META http-equiv=' refresh' ;URL='index.php'>";
}
}
?>
<form action="deletethis.php" method="post">
<head>
<!-- Basics -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Login</title>
<!-- CSS -->
<link rel="stylesheet" href="css/reset.css">
<link rel="stylesheet" href="css/animate.css">
<link rel="stylesheet" href="css/styles.css">
</head>
<!-- Main HTML -->
<!-- Begin Page Content -->
<div id="container">
<form>
<label for="name">Username:</label>
<input type="name" name="username" id="username">
<label for="username">Password:</label>
<p><a href="#">Forgot your password?</a>
<input type="password" name="password" id="password">
<div id="lower">
<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label>
<input type="submit" value="Login" name="login" id="login">
</div>
</form>
</div>
</body>
</form>
</html>

I don't recommend using it in production server, because of the weakness in login validation, but it is sufficient for practice purposes only.

I think you will get notified for Automatically Watch Articles I Post In? if checked, but I am not sure if when the watch this article button is clicked will trigger the notification.

I hope someone can make clarification on this. :).

let's retrace all these..

try this first

<?php

$dsn = 'mysql:host=localhost;dbname=hidden';
$username = 'root';
$password = '';
try {
$dbh = new PDO($dsn, $username, $password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo $e->getMessage();
}

if($dbh){

    echo 'connected<br/>';
}

try viewing the page on your borwser and see if it is working. If it is, include this file to this

<?php

    include_once('the_page_above.php');

    function test($dbh){

       echo ($dbh ? 'connection is persistent inside this function' : 'sorry not connected');   
   }

   $x = test($dbh);

try something like this

function getInfo($dbh,$user_row, $mcusername){

if($dbh){

try{

## put your stuffs here
    return $user_row;
}
    catch (PDOException $e) {
        echo $e->getMessage();
    }


}


}

do not wrap the entire function with try because there is no error to catch until the function is called. Besides the error will be occuring inside the function if there is any.

double check your usage of this

$user_row;

The error tells us that the $dbh is a non-object.

Where is the part of the code where it says something like this

   $dbh = new PDO('mysql:host=localhost;dbname=yourdb;charset=utf8', 'username', 'password');

Personally I think Python is better then ruby because it runs on the Django framwork and it can do more.

I do respect your affinity to Python. However, why is it that you only mentioned Django framework and not a single framework for Ruby. Have you ever tried writing web applications in Ruby utilizing these frameworks?

Padrino, Ramaze, NYNY, Sinatra, Nancy, Hobbit. I could go on and on with the list. Please feel free to let me know if you need more and I'll give you 6 to 8 more

Do you know how easy it is to write an application utilizing those mini frameworks I have mentioned above vs. writing a python web application in Django framework? The argument should not always focus on which language is better. Some languages are better on specific application, while others can't just deliver the anticipated results.

Before crossing to the Ruby side of Daniweb, make sure to do some research first about this subject.

I wrote applications in Python utilizing Django, the same application I wrote in Ruby under Padrino. I wrote the very same application in PHP with three different frameworks namely Symfony2, CodeIgniter, and Fuel PHP. Still, I am not sure which one is better. The reason is that all of them did the job as I expected them to be. However, if someone will ask me, if I can write the same application I wrote in PHP in different language, then my answer would be yes, but …

I understand that you can use c# with it to develop web apps, but I can already do everything I need and more in a webapp with python and sometimes ruby.

but those languages that you mentioned are among of the .NET languages e.g iron python, iron ruby and C# . It appears to me that you can do pretty much everything on them, you should not have any problem.

As far as

"Is ASP.NET a good language to know for web development",

ASP.NET is not a language. It is rather stands for Active Server Page or to make it short and easy to remember it is a framework that can work with the .NET languages. I highly favor C# over iron python and iron ruby, only for the reason of better community support.

I hope I did not create any confusion..

Upload is not working because your php.ini settings for the upload related directives are pretty low.

Can you copy, past, save as info.php

<?php

    phpinfo();

direct your browser to this page. On this page, look for the Server API directives or value.

is it fast CGI?
or is it Apache 2.0 Handler?

Also, look for the value of this

**Loaded Configuration File **

Give me those values and I will tell you what to do next.

try this

if($_FILES['image']['name'] != ""){
$filename = $_FILES['image']['name'];
$ext = strrchr($filename,".");

//$imagename = $student_id;
//$imagename .="_". $filename;
if($ext ==".jpg" || $ext ==".jpeg" || $ext ==".JPG" || $ext ==".JPEG" || $ext ==".gif" || $ext ==".GIF"){
$size = $_FILES['image']['size'];

if($size > 0 && $size < 1000000){
$archive_dir = "images";
$userfile_tmp_name = $_FILES['image']['tmp_name'];

    if(move_uploaded_file($userfile_tmp_name, $archive_dir .'/'. $student_id .'_'. $imagename .'.'. $ext)){

copy, paste and save as inisettings.php

<?php

echo 'Maximum Execution Time : '. ini_get('max_execution_time').'<br/>';
echo 'Maximum Input Time : '. ini_get('max_input_time').'<br/>';
echo 'Upload Max File size : '. ini_get('upload_max_filesize'). '<br/>';
echo 'post_max_size : '. ini_get('post_max_size') .'<br/>';  

direct your browser to this file post the result on your response.

change this

if(move_uploaded_file($userfile_tmp_name, "$archive_dir))

to this

if(move_uploaded_file($userfile_tmp_name, $archive_dir ."/". $LRCardname.$ext))

another alternative is to do it like this.

if(move_uploaded_file($_FILES['image']['tmp_name'], $archive_dir ."/". $LRCardname.$ext))

Close your eyes and open your mind.

Should solve the puzzle.

line 11, should read

if(move_uploaded_file($userfile_tmp_name, $archive_dir)){

Because I am way so much younger than the majority, I can't say much about my experiences in life. However, why worry about age? I thought humans are like fine wine, we get better with age :).

Android Apps are pretty much written in JAVA compiled in android SDK. The only thing that the PHP can help achieving the mobile apps is to provide the API in the form of RSS or XML. Even so, XML and RSS are not always a good source of data. What I have seen in the past was a complete parsing of the URL and the harvested data are then translated into the JAVA compliant xml file.

There is an rss feed reader on github of which I believe can help you start with this project. The script will read any rss feed from daniweb.

You can pretty much make this work by downloading the Android SDK or the Android STudio and then just import the source codes from the linked git hub source codes above.

It all depends on the quality of codes you can deliver. If you can write an application pretty close or at least at the same quality as the application written in Django framework, you can get paid pretty high. In my area, the minimum Object Oriented Programmer with MVC framework experience have a minimum starting salary of 65,000 dollars per year. But that's pretty low I think.

I know it is unfair, but for procedural programmers, they get paid around 10 to 20 thousand dollars less.

There is no Doubt PHP is a great language. Over the years, it has proven itself to the world that it can move forward and it can continue to evolve for the better. However, PHP is the only language where anyone can call themselves as a programmer after few hours of exposure to the language.

In my Humble opinion, there are many levels of PHP programmers and developers. I just made all these level for myself, because I went through all of these levels.

1. The first group are the mixers ( the spaghetti coders as we call them).

2. The hammer bearers. After learning how to write a reusable functions, they focus more in using all functions on pretty much everything.Everything to them looks like nails.

3. The separatists. These are the more advance programmers that does not believe in the mixing of the business logic and presentation logic.

4. The object orienters. These are the second level of advance programmers who want to take the separation …

We can pretty much do anything with PHP :). Just the thought of it, makes you feel proud writin high quality codes in PHP.

Yes, it is possible in Phalanger and ASP.net environment.

I lifted these codes from this website.

<b>Camels created: </b><?= Class1::$CamelsProcessed ?><br/>
<b>Previous camel: </b><?= Class1::$LastCamel ?><br/>

<?php
    $x = new Class1;
    $growncamel = $x->MakeCamelFromGet(); // $x->Camel( $_GET['babycamel'] );
    if ($growncamel):
    ?><h2><?= $growncamel ?></h2><?
    endif;
?>

Noticed, how seamlessly the PHP instantiate the C# class named Class1? I think that is pretty cool...

Your form tag is way above the <body> tag. It should stay below the <body> tag. There are many great websites out there where you can read about proper html syntax.

remove form tag in line 3 and replace the form tag in line 19.

On your form.php, Replace this

<input type="submit" value="Login" id="login">   

with this

<input type="submit" value="Login" name="login" id="login">   

replace

if(isset($_GET['login'])){

## codes here

}

with these

if(isset($_POST['login'])){

    ## codes here responsible for login validation

    }

    elseif{

            ## remind the user of any error 

       }

    else{

        ## show them the login form or redirect to the login page

        }

pretty much those are the basics...

Exactly, you don't fetch the password from the database using the user's password input. Only the user's inputted username.

Example: Make sure to use PDO or Mysqli. In this example, I will use shorthand PDO. Please make sure to follow the long form PDO connector suggested in PHP.net website

$username =  trim(filter_var($_POST['user_name'],FILTER_SANITIZE_STRING));
$password = trim(filter_var($_POST['user_name'],FILTER_SANITIZE_STRING));

## check the existence of the user in your database

$this_db =  new PDO('mysql:dbname=db_name;host=db_host', 'db_user', 'db_pass');

$this_stmt = $this_db->prepare("select  UserID, Username, Password FROM users WHERE Username = :username");

$this_stmt->execute(array(':username' => $username));
$res = $this_stmt->fetch();

## validate the password given by user

if(password_verify($password, $res['password'])){

        ## password is valid
        ## you can set the session here for logged_in and username
        ## $_SESSION['logged_in'] = true;
        ## $_SESSION['username'] = $res['Username'];
}
else{

       ## password is not valid, you can redirect to login page again.

}

don't forget to put session_start()....

How many images are allowed per student?

More than one?
you need to create an image database table

+-----+----------+---------+
+ id  + owner_id + img_url +
+-----+----------+---------+

one only?
follow the recommendation above.

password_hash for PHP version 5.5.x can verify the password from the user's input.

for example, we have user submitted form data

$password = $_POST['password'];
$username = $_POST['username'];
## don't forget to sanitize everything.

$your_query = "select username, password from USER_TABLE WHERE username = '".$username."'";

## execute your query  here and fetch the result



## and let hashed_pass equal to the row password

$hashed_pass = $row['password'];

## verify the password

if(password_verify($password, $hashed_pass)){

    ## password is valid

    }

    else{

        ## password is not valid

        }

The most important is that the $password from the user's input is not being included in the database query. The verification is occuring in the password_hash function and not in the database query itself.

My first <HTML></HTML> page was created when I was 9.

Wow, that's pretty big investment right there. The last time I heard it was up for $185,000 per TLD..

Good luck to you.

PyCharm looks promising, but the features I like to have are all in the paid version only. Community version should help beginners and intermediate programmers/developers.

for this

mdEnc.update(source.getBytes(), 0, source.length());

not sure if you can get away with it using the PHP function called ord .

Again, I am pretty much speculating here trying to mimic that iteration effects against the length of the input string.

In PHP the lenght of the string can be determine by strlen function. Now, there is a problem with the strlen function in PHP, because all spaces are considered or treated like strings. Therefore " hello + 4 spaces ", will have a strlen value of 10 ( one space before the h and 4 spaces after the o). To alleviate this trouble, PHP offers a solution called trim.

So, now everything are in place. You just need to realize the output of the getBytes() in Java ( I know what it is, I just want you to be resourceful in finding much information about the problem on hand). If the getBytes() returns an ASCII code then, ord is the perfect replacement of it in PHP.

To be able to produce the same results in PHP, you will have to iterate through the input string and process each character with ord.

for example, if we have a "hello_world" string input the ORD output will be somthing like this ( all in ASCII)

Array ( [0] => 104 [1] => 101 [2] => 108 [3] => 108 [4] => 111 [5] => 95 [6] => 119 [7] => 111 [8] => 114 …

The first thing I always learn and get myself familiarize with is the language construct. Regardless of what programming language it is, their language construct is the most important.

Let me give you the hints first...

line 29, 35, and 38 are not valid statements.

Line 36, you've used COMMIT which is the last query segment in trasactional. The BEGIN query should be intiated first and then your update query followed by the COMMIT to finalized the transaction.

IMPORTANT! Transaction only work with the table engine set or equal to innoDB. It will not work on MyISAM.

example of transaction

$this_begin = "BEGIN";
mysql_query($this_begin) or die (mysql_error());

followed by the update query immediately

$this_update = "UPDATE ....";
mysql_query($this_update) or die (mysql_error());

lastly, the commit query

$this_commit = "COMMIT";
mysql_query($this_commit) or die (mysql_error());

there are many ways in setting up statements for this..

if(mysql_query($this_begin)){
    // this is true if the begin query was successfule
    }
    else{
        //die or define something as false
        }

If you are lazy like me, this will work also , but THERE IS A BIG BUT.. you need to learn how to do it in the old fashion way first, then you go crazy on the shorthand.

$flag = (mysql_query($this_updatee) ? 'success' : 'error');

On a side note why the hell does the vanilla install of codeigniter force you to set an encryption key but doesn't force you to set cookie_encrypt to be TRUE.

Isn't that just plain stupid? Or am I again missing something.

I think it was An overlooked negligence in plain sight.

No, you don't have to do any of my protocol examples those are semi paranoid. Just use a pretty good encryption and you should be good to go.

You could try something like this.. something pretty easy without function and no object..

$option_block = ''; //this actually prevent the error just in case it is zero results.

$query=mysqli_query($rcon,"SELECT userid FROM registration");
    while ($row=mysqli_fetch_array($query)){

    $option_block .= '<option name="to">'.$row['userid'].'</option>';
}

then on your page witht he form, you can do like this.. I am guessing on the file structure here, because I don't where the actual query result is coming from.

require_once('connect/registerdb.php');
require_once('messages/list.php');

To:<select name="respondto">
        <?php echo $option_block;?>
</select>

that's pretty much it...good luck to you.

Still confused about that one. Seriously, there should be a massive disclaimer about using CI sessions! It's ridiculous.

I do understand your frustration.

For once more, please allow me to dissect what is really going on inside the CI session class. I also do understand the assumptions and analysis of the programmer assigned to write this class.

First and foremost, how did this important piece of information made it to the user's cookie bin?

The answer is simple. Because of the method called _set_cookie and this is how it was done

setcookie(
        $this->sess_cookie_name,
        $cookie_data,
        $expire,
        $this->cookie_path,
        $this->cookie_domain,
        $this->cookie_secure
    );

We can encrypt all we want in every possible means, the tiempo of the tango will never change. Why? Because, we are only encrypting the name of the session and the cookie name. Encrypting my name, while exposing the most critical information in the open does not and will not equate to security as they call it.

The screenshot below is the product of the method above

and this is the edited version of what the cookie says. I removed 90% of it, because it is getting pretty detail and I don't intend to be teaching or enticing people on cracking on these things that are supposedly "secret".

I purposely did the screenshot, because I don't want people copy and pasting this stuff running around the web to decode it. The point I am trying to make here …

try this.