Leaderboard

By far the best the best way is to fix whatever they are warning you about.

password_hash() and password_verify()

What do you mean, "remove"? What "other operations"? You've managed to post a whole bunch of code, but wouldn't you know, when asking for help with a thing, giving a description of what you want to do is more important than the code itself! One-time password. Like those 6-digit numbers you get from SMS or "authenticator" apps that cycle every 30 seconds. Such as this algorithm, $acct_otp = substr(number_format(time() * rand(), 0, '', ''), 0, 6); (which is terrible and should never be used by anyone for any reason)

They shouldn't be. The brand name is an attribute of the brand entity. That is the only place it should be stored in your database - not duplicated across dozens of records in other tables. Only id values should appear in other tables as foreign keys. Suppose Elon Musk takes over your company and decrees that, from now on, the name "EXCAVATOR" should appear on all company web pages and reports as "X-CAVATOR". Now ask yourself "in how many places in your spreadsheet-style db tables would you have change that spelling?" In my design that answer would be 1.

Because you exit before anything can be output?

If you use prepared queries correctly, with placeholders for user-supplied data, you don't need that code - the values will not be embedded in the SQL code.

Another option is to use the null coalesce operator (??), so if ($_GET["nsfw_options"] == "true") { $sfw = 1; setcookie("nsfw", "true"); $_COOKIE["nsfw"] = "true"; } if ($_GET["nsfw_options"] == "false") { $sfw = 0; setcookie("nsfw", "false"); $_COOKIE["nsfw"] = "false"; } becomes $nsfw = $_GET['nsfw_options'] ?? "false"; // if isset() use its value otherwise set default value ("false") $sfw = $nsfw == "true" ? 1 : 0; setcookie("nsfw", $nsfw); $_COOKIE["nsfw"] = $nsfw;

Yes, positively evil. You can easily display them like that on output but don't store them like that. For example... mysql> select * from project; +----+---------------+-----------+------------+ | id | project_name | client_id | start_date | +----+---------------+-----------+------------+ | 1 | Project Alpha | 4 | 2022-12-01 | | 2 | Proect Beta | 2 | 2023-01-15 | | 3 | Project Gamma | 4 | 2023-03-01 | | 4 | Project Delta | 1 | 2023-03-20 | +----+---------------+-----------+------------+ mysql> select client_id -> , group_concat(project_name separator ', ') as projects -> from project -> group by client_id; +-----------+------------------------------+ | client_id | projects | +-----------+------------------------------+ | 1 | Project Delta | | 2 | Proect Beta | | 4 | Project Alpha, Project Gamma | +-----------+------------------------------+

If you know that the form was submitted then you could take the absence of a value as proof that it was unchecked. But yes, there is a simple solution that lets you keep checkboxes: use hidden inputs. <input type="hidden" name="checkbox" value="off"> <input type="checkbox" name="checkbox" value="on"> When checked, the checkbox's "on" overwrites the hidden input's "off".

Checkboxes are only submitted in form data when they are checked.

"Simple" string interpolation only allows you to access a single level of an array. If you want multiple levels then use the "complex" syntax with braces: "value='{$rows[0]['itemName']}'>"

Do I take it that a new image is one that is less than 2 weeks old? $day = date('Y-m-d', strtotime("2023-08-30 16:03:32")); if($day > date('Y-m-d', strtotime('-2 weeks'))){ echo "img src='https://i.imgur.com/0rlIlUD.gif'"; } @requinix - I see what you mean

Then I think you want this method - using a LEFT JOIN to those bookings already made in the period and then the WHERE clause selects those that aren't matched SELECT r.room_id , r.number FROM room r LEFT JOIN room_booking_2 rb ON r.room_id = rb.room_id AND rb.departureDate > '2024-01-01' AND rb.arrivalDate <= '2024-01-05' WHERE rb.room_id IS NULL ORDER BY room_id; or an alternative method - using a subquery to find the rooms not available SELECT r.room_id FROM room r WHERE room_id NOT IN ( SELECT room_id FROM room_booking_2 rb WHERE departureDate > '2024-01-01' AND rb.arrivalDate <= '2024-01-05' );

Do your database , table and db connection all share the same utf8 encoding?

No, password_hash handles all the work for you. Including salting. Don't do anything extra.

You need to do something like this -> // Add an event listener to the edit form's submit event editForm.addEventListener("submit", async function (event) { // Prevent the default form submit behavior event.preventDefault(); // Create a FormData object from the edit form const formData = new FormData(editForm); //console.log("form data", formData); // Send a POST request to the edit_update_blog.php endpoint with the form data const response = await fetch("edit_update_blog.php", { method: "POST", body: formData, }); // Check if the request was successful if (response.ok) { const result = await response.json(); console.log(result); // If the response has a "success" property and its value is true, clear the form if (result.success) { resultInput.value = ''; // Clear the current value of the search input field resultInput.placeholder = "New Search"; // Set the placeholder to `New Search` image_for_edit_record.src = ""; image_for_edit_record.alt = ""; editForm.reset(); // Resetting the edit form searchForm.reset(); // Resetting the search form // Reset select box to default (first) option const selectBox = document.querySelector('select[name="heading"]'); selectBox.selectedIndex = 0; } } else { console.error( "Error submitting the form:", response.status, response.statusText ); // Handle error response } }); also using `console.log` helps in debugging, plus your `sql_connection.php` is expecting back json data back.

Your JavaScript code doesn't involve a request at all, other than the one to initially load the page which is going to be a standard stateless HTTP request. The only stateful protocol you would possibly end up using in JavaScript code is a WebSocket. The rest of the web revolves around stateless HTTP requests. That blog post has less to do with HTTP and more to do with applications. HTTP is stateless, but most web applications are not as they rely upon session data to track who is logged in or other details. That session data makes the application as a whole stateful even if the individual HTTP requests are not.

1. You're using XAMPP on Linux? 😆 Just install Apache, PHP, and whatever else you need through your package manager. Normally. 2. It's code. Singular. "Codes" are things you enter into videogames. 3. Don't reference w3schools. Sometimes they tell you the right thing to do, sometimes they tell you the wrong thing to do, and if you're learning then you won't be able to tell the difference between them. Where did you put main.js? /opt/lampp/htdocs/js/main.js? Then the first form you had is correct. If not then (a) why not? and (b) the second form was correct (except "js/main.js" - no ./ - is cleaner and means the same thing), however you might discover problems with this approach... And changing that won't affect any of your PHP code. The thing with file_put_contents is a completely separate issue. That error is telling you that /opt/lampp/htdocs/pages does not exist. It's also a red flag that you're using code to create this filesList.txt file, but I'm going to ignore it. Also, please tell me you're not running this as root. Use your user account - give it ownership of /opt/lampp/htdocs and everything inside it.

IMHO dense_rank() gives an exaggerated picture of performance. If you get 90% and the other 19 students in your class score 100%, your dense_ranking is 2nd, which is pure BS. If 19 people did better than you then you came 20th (which is what rank() would give. I have tried 2 or 3 times to install mysql version 8 with its window functions, but without success, so I had to do this the hard way. I sed two subqueries - one for the subject positions and the other for the class positions and joined them on REG. SELECT subj.reg , subj.subject , subj.total , subj.subject_rank+0 as subject_rank , clas.class_rank+0 as class_rank FROM ( SELECT reg , @prevrank := CASE WHEN subject <> @prevsub THEN 1 ELSE CASE WHEN total = @prevtot THEN @prevrank ELSE @prevrank + 1 END END as subject_rank , @prevsub := subject as subject , @prevtot := total as total FROM ( SELECT reg , subject , total FROM academic_result WHERE class= 'js1' AND term='1T' AND session='200/2001' ORDER BY subject, total DESC LIMIT 9223372036854775808 -- MariaDB bug workaround ) subj_sorted ) subj JOIN ( SELECT reg , @prevcrank := CASE WHEN tot = @prevctot THEN @prevcrank ELSE @prevcrank + 1 END as class_rank , @prevctot := tot as tot FROM ( SELECT reg , sum(total) as tot FROM academic_result WHERE class= 'js1' AND term='1T' AND session='200/2001' GROUP BY reg ORDER BY tot DESC LIMIT 9223372036854775808 ) cl_sorted ) clas USING (reg) JOIN ( SELECT @prevsub:=0, @prevtot:=0, @prevctot:=0, @prevrank := 0, @prevcrank := 0 ) init ORDER BY class_rank"; giving +-----+---------+-------+--------------+------------+ | reg | subject | total | subject_rank | class_rank | +-----+---------+-------+--------------+------------+ | 2 | bus101 | 90 | 1 | 1 | | 2 | chem101 | 85 | 1 | 1 | | 2 | csc101 | 90 | 1 | 1 | | 1 | bus101 | 70 | 2 | 2 | | 1 | chem101 | 75 | 2 | 2 | | 1 | csc101 | 85 | 2 | 2 | +-----+---------+-------+--------------+------------+

Two weeks later and you still can't show us the error message or describe the problem?

Here's an example to get you started <?php function svgHead($txt) { $svg = "<svg class='longhead' width='150' height='100'> <style type='text/css'> .headtext { font-size: 11pt; fill: orange; } </style> <path d='M 0 100 l 40 0 l 100 -100 l -40 0 Z' fill='black' /> <text x='35' y='95' class='headtext' transform='rotate(-45, 35, 95 )'>$txt</text> </svg> "; return $svg; } ?> <style type='text/css'> div.outer { border: 1px solid black; height: 105px; } svg.longhead { margin: -50px; position: relative; top: 35px; left: 50px; } </style> <div class='outer'> <?= svgHead('Long Heading 1')?> <?= svgHead('Long Heading 2')?> <?= svgHead('Long Heading 3')?> <?= svgHead('Long Heading 4')?> <?= svgHead('Long Heading 5')?> <?= svgHead('Long Heading 6')?> </div> output

In much the same way as Superman uses kryptonite.

One way is not to turn off the error reporting...

The code I gave you in your previous topic downloads the file.