Leaderboard

Not as it is now - if you want to tell the user which is taken you'll have to update the query. Right now it just returns a count of records that match either the username or the email. You'll have to actually select both and then check in PHP which one matches, or rewrite the query to return the offending column. However, I'd recommend just letting people know that one of the two has been taken. That way you're not confirming to an outside party which of the two actually exists in the database - a hacker that knows for a fact a username exists has less work to do and can focus only on figuring out a correct password.

here's a list of things i saw in the posted code - 1. don't put php variables inside of double-quotes if they are the only thing in the string. 2, don't use or die() for error handling. use exceptions and in most cases let php catch the exception. note: your use of mysqli_error(...) in the connection code won't work because there's no connection to use. 3. don't unconditionally output database errors onto a web page (this will go away when you get rid of the or die() logic.) 4. don't run queries inside of loops. learn to do JOIN queries. 5. if your code is tabbed that far over because it is located inside your html document, you need to put the php code that's responsible for getting/producing data before the start of your html document, fetch the data into appropriately named php variable(s), then use those variable(s) in the html document. 6. handling the negative/failure case is usually shorter then the positive/successful case. if you invert the logic tests and handle the negative/failure condition first, your code will be clearer. you won't have logic for the negative/failure case 10's/100's of lines later in the code. 7. don't use loops to fetch what will be at most one row of data. just directly fetch the single row of data. 8. don't put static calculations inside of loops. the various date values shouldn't change during one report (where they are at now, they will if the request spans midnight.) put them before the start of the loop. 9. don't put quotes around numbers. 10. don't selected things that are not used and don't create variables that are not used (given the amount of code, the cases i saw of this may not be accurate.) 11. if you are looping to do something (should go away with JOINed queries), don't evaluate count() statements in the loop. determine the loop count, once, before the start of the loop. 12. doing some of these things will simplify variable naming. you won't have to think up unique names for variables because you will only have one instance in the code. 13. the $AffID is probably from external/unknown data. you should NOT put eternal/unknown data directly into an sql query statement. use a prepared query, with a place-holder for each data value, then supply the data when the query gets executed. switching to the much simpler php PDO extension will make using prepared queries easy compared to the php mysqli extension.

Just my 0.02 worth ... 1. It is always a bad idea to place values provided by the user ($_GET, $_POST, $_COOKIE) directly into your SQL. A better way is this, which avoids doing that and also checks that only valid column names can be used $sort = $_GET['sort'] ?? ''; switch ($sort) { case 'recd_date': $orderby = 'location, recd_date, name'; break; case 'sent_date': $orderby = 'location, sent_date, name'; break; case 'birth_date': $orderby = 'location, birth_date, name'; break; default: $orderby = 'location, name'; break; } 2. Use prepared statements to place values into your query $result = $db->prepare("SELECT * FROM $company WHERE member = ? ORDER BY $orderby "); $result->bind_param('i', $member_number[$i]); $result->execute(); 3. The use of that [$i] index - are you running the query in a loop for different member_numbers? Don't. 4. You have a variable table name ($company) which suggests you have several tables, each for a different company. Better to have a single table and add an indexed "company" column.

Remove the period from in front of your relative paths. The location of the files should be relative to your site document root.

Your output depends on there being an input with the name "submit". There isn't one. As it is a bad idea to name an input "submit" rely on a button name to check for submissions of data (if you hit return the button name may not be sent depending on the browser) A better approach to test for posted data is if ($_SERVER['REQUEST_METHOD'] == 'POST' ) { // process posted data }

When you receive the form the first time (and every time after that) create an array of the 'values' that were checked. When you output the form again, as you build the html code check that array for the values that need to be re-checked and check them as they are built. easy-peasy.

assuming that you are dynamically producing the checkboxes (if not that would be your 1st step), you would test if the corresponding submitted post data isset() for the current checkbox you are outputting. to address that you are initially checking all the checkboxes, you would have a common program variable that you initially setup with the necessary data, then copy the submitted post data to the same variable once the form has been submitted. see the following example code - <?php // recursive trim call-back function function _trim($val) { if(is_array($val)) { return array_map('_trim',$val); } else { return trim($val); } } $post = []; // holds a trimmed, working copy, of the submitted post data or any initial data // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // examine the submitted data echo '<pre>'; print_r($_POST); echo '</pre>'; $post = array_map('_trim',$_POST); // get a trimmed copy of the submitted post data. use elements in $post in the rest of the code on the page // the rest of the form processing code goes here... } // get method business logic - get/produce data needed to display the page // if you were editing existing stored data, you would initially (if the $post variable is empty) retrieve that here into the $post variable if(empty($post)) // note: this requires at least one non-checkbox/radio form field to be present in case all checkbox/radio fields are ever unchecked { // for a set of defined checkboxes that are initially set, the same as through you were editing existing data where all the checkboxes are initially checked, set that up here // loop over a 'defined' list of checkboxes. for demo purposes this is just a list of ids from 1-4 foreach(range(1,4) as $id) { $post['chk'][$id] = true; } } ?> <form method='post'> <input type='hidden' name='action' value='create'> <?php // loop over a 'defined' list of checkboxes. for demo purposes this is just a list of ids from 1-4 foreach(range(1,4) as $id) { // determine if checkbox is checked $chk = isset($post['chk'][$id]) ? ' checked' : ''; echo "<input type='checkbox' name='chk[$id]'$chk> Checkbox: $id<br>"; } ?> <input type='submit'></form>

The Chrome/Firefox dev tools are a great way to explore your understanding of these things. Basically HTTP has a request/response format. Client Makes Request to server ----> Server receives Request (GET or POST) Server processes request.... At this point your PHP code is running and can do whatever you want it to do. So if your goal is to redirect the user to a different page, then you have 2 ways to do that. Either set a location header or use the html meta refresh. In the case of the location header, once anything was echo'd to the client, the http header will have already been sent and it will be too late. Like session_start(), if you need to make header() calls, they have to come first. Of course that doesn't mean that you can't have done processing, stored data, sent email or anything else you require first.

i was able to edit correctly and get the characters to look how i wanted, i used start_time and start_date to get the version of those i needed, and i even added timezone for clearification further on the automation needs moving forward for reference. So i see how you used $i the i believe its $i++ was that to say count incrementally higher ? and if so is this same thing possible only using a-z intead of 0-9

This is what I was looking for: $jsondata = file_get_contents("https://kalebdf.com/flo/api.php?url=events%2Fnow-and-upcoming%3Flimit%3D70%26tz%3DAmerica%2FNew_York%26live_only%3D1%26site_id%3D1%252C2%252C3%252C4%252C5%252C6%252C7%252C8%252C9%252C10%252C11%252C12%252C13%252C14%252C15%252C16%252C17%252C18%252C19%252C20%252C21%252C22%252C23%252C24%252C25%252C26%252C27%252C28%252C29%252C30%252C31%252C32%252C33%252C34%252C35%252C36%252C37%252C38%252C39%252C41%252C43"); $json = json_decode($jsondata, true); var_dump($json['data']); Now that we can see your source json, this is obviously a huge result. I'm not sure that turning this into a gigantic array is helpful because it's such a large json data structure with many keys. However, in general you can determine what is going to happen based on whether the json has an array structure ie [ ] or a property "somename": "some_value" The original json has many of these properties. If something is inside a json array, then it will be turned into a numerically indexed array: $var[0], $var[1] etc. Unless you know which specific array element you need, typically you're going to foreach() loop through them. If the original json is a property then the property name is going to be turned into an array key, with the associated value stored in the array element. That value could be a nested object: { }, a single value, or an array. And in each case there is possible nesting. If you understand the basics of this, you should be able to look at the original json and figure out how it will be converted. In your case, when we var_dump($json['data']) the top level is revealed to be a giant numerically indexed array: You are foreach()ing through this array. So to get an idea of what just one looks like, it's helpful to var_dump the first one: var_dump($json['data'][0]); This shows the nested structure for each array element you'll get when you foreach through the outer structure: array(41) { ["id"]=> int(6251309) ["should_show_read_more"]=> bool(true) ["ad_set_code"]=> NULL ["slug_uri"]=> string(33) "/events/6251309-2019-giro-ditalia" ["title"]=> string(18) "2019 Giro d'Italia" ["short_title"]=> string(13) "Giro d'Italia" ["seo_description"]=> string(122) "Tune in to FloBikes for complete editorial coverage and to watch every stage of the 2019 Giro d'Italia live and on demand!" ["author"]=> array(10) { ["profile_picture_url_small"]=> string(86) "https://res.cloudinary.com/diznifoln/image/upload/w_100,h_100/oz7rkl8ihbds5yb20ujn.png" ["profile_picture_url_medium"]=> string(86) "https://res.cloudinary.com/diznifoln/image/upload/w_125,h_125/oz7rkl8ihbds5yb20ujn.png" ["profile_picture_url_large"]=> string(86) "https://res.cloudinary.com/diznifoln/image/upload/w_150,h_150/oz7rkl8ihbds5yb20ujn.png" ["id"]=> int(1625830) ["username"]=> string(10) "JoeBatts75" ["first_name"]=> string(3) "Joe" ["last_name"]=> string(9) "Battaglia" ["gender"]=> string(1) "m" ["created_at"]=> string(24) "2014-04-10T14:03:26+0000" ["modified_at"]=> string(24) "2019-02-04T16:24:23+0000" } ["asset"]=> array(14) { ["id"]=> int(6456733) ["title"]=> string(53) "El-Giro-de-Italia-2018-comenzará-en-Jerusalén.jpg" ["description"]=> NULL ["credit"]=> NULL ["source"]=> string(71) "//flo30-assets-prod.s3.amazonaws.com/uploads/FloBikes/5ba8fda8b17eb.png" ["site"]=> array(13) { ["domain"]=> string(16) "www.flobikes.com" ["id"]=> int(37) ["name"]=> string(8) "FloBikes" ["code"]=> string(8) "flobikes" ["host"]=> string(23) "http://www.flobikes.com" ["active"]=> bool(true) ["type"]=> string(4) "site" ["version"]=> int(3) ["color"]=> string(7) "#FF8200" ["hero_image"]=> string(86) "https://d6fm3yzmawlcs.cloudfront.net/mobileVerticalBackground/mobile_bg_flocycling.jpg" ["modified_at"]=> NULL ["show_on_mobile"]=> bool(true) ["sport_name"]=> string(7) "Cycling" } ["url"]=> string(55) "https://d2779tscntxxsw.cloudfront.net/5ba8fda8b17eb.png" ["library"]=> bool(true) ["status_code"]=> int(200) ["path"]=> string(77) "https://flo30-assets-prod.s3.amazonaws.com/uploads/FloBikes/5ba8fda8b17eb.png" ["copied"]=> bool(true) ["duplicated"]=> bool(false) ["created_at"]=> string(24) "2018-09-24T15:07:21+0000" ["modified_at"]=> string(24) "2018-10-13T08:09:22+0000" } ["logo"]=> NULL ["slug"]=> string(17) "2019-giro-ditalia" ["publish_start_date"]=> string(24) "2018-09-24T15:26:00+0000" ["publish_end_date"]=> NULL ["status"]=> int(1) ["status_text"]=> string(18) "Active - Published" ["status_color"]=> string(7) "#CDEB8B" ["premium"]=> bool(false) ["node"]=> array(13) { ["categories"]=> array(3) { [0]=> array(5) { ["id"]=> int(605) ["name"]=> string(4) "Road" ["parent"]=> array(5) { ["id"]=> int(602) ["name"]=> string(10) "Discipline" ["parent"]=> NULL ["created_at"]=> string(24) "2018-02-02T17:47:21+0000" ["modified_at"]=> NULL } ["created_at"]=> string(24) "2018-02-02T17:47:34+0000" ["modified_at"]=> NULL } [1]=> array(5) { ["id"]=> int(612) ["name"]=> string(12) "Professional" ["parent"]=> array(5) { ["id"]=> int(603) ["name"]=> string(11) "Rider Level" ["parent"]=> NULL ["created_at"]=> string(24) "2018-02-02T17:47:21+0000" ["modified_at"]=> NULL } ["created_at"]=> string(24) "2018-02-02T17:47:53+0000" ["modified_at"]=> NULL } [2]=> array(5) { ["id"]=> int(621) ["name"]=> string(8) "UCI 2.WT" ["parent"]=> array(5) { ["id"]=> int(604) ["name"]=> string(10) "Race Level" ["parent"]=> NULL ["created_at"]=> string(24) "2018-02-02T17:47:21+0000" ["modified_at"]=> NULL } ["created_at"]=> string(24) "2018-02-02T17:48:48+0000" ["modified_at"]=> NULL } } ["primary_event_association"]=> NULL ["primary_event_or_series_association"]=> NULL ["people"]=> array(0) { } ["teams"]=> array(0) { } ["id"]=> int(6251309) ["current_revision"]=> NULL ["site"]=> array(13) { ["domain"]=> string(16) "www.flobikes.com" ["id"]=> int(37) ["name"]=> string(8) "FloBikes" ["code"]=> string(8) "flobikes" ["host"]=> string(23) "http://www.flobikes.com" ["active"]=> bool(true) ["type"]=> string(4) "site" ["version"]=> int(3) ["color"]=> string(7) "#FF8200" ["hero_image"]=> string(86) "https://d6fm3yzmawlcs.cloudfront.net/mobileVerticalBackground/mobile_bg_flocycling.jpg" ["modified_at"]=> NULL ["show_on_mobile"]=> bool(true) ["sport_name"]=> string(7) "Cycling" } ["view_count"]=> int(100740) ["legacy_id"]=> NULL ["search_indexed_at"]=> string(24) "2019-05-22T12:13:40+0000" ["created_at"]=> string(24) "2018-09-24T15:27:50+0000" ["modified_at"]=> string(24) "2019-05-22T12:13:40+0000" } ["enable_interstitial_ad"]=> bool(true) ["enable_pre_roll_ads"]=> bool(true) ["shareable_link"]=> string(57) "https://www.flobikes.com/events/6251309-2019-giro-ditalia" ["created_at"]=> string(24) "2018-09-24T15:27:50+0000" ["modified_at"]=> string(24) "2019-05-22T12:04:37+0000" ["has_schedule"]=> bool(true) ["preview_text"]=> string(217) "<p>The 2019 Giro d’Italia is a UCI World Tour event. Tune in to FloBikes for a complete editorial coverage and to watch every stage of the 2019 Giro d'Italia live and on demand, available in the U.S. and Canada.</p>" ["description"]=> string(225) "<p>The 2019 Giro d&rsquo;Italia is a UCI World Tour event. Tune in to FloBikes for a complete editorial coverage and to watch every stage of the 2019 Giro d&#39;Italia live and on demand, available in the U.S. and Canada.</p>" ["city"]=> string(7) "Bologna" ["region"]=> NULL ["country"]=> string(2) "IT" ["venue"]=> NULL ["start_date"]=> string(10) "2019-05-11" ["end_date"]=> string(10) "2019-06-02" ["schedule_tab_label"]=> string(8) "Schedule" ["participant_tab_label"]=> string(7) "Entries" ["live_updates_tab_label"]=> string(12) "Live Updates" ["info_tab_label"]=> string(4) "Info" ["live_event"]=> array(33) { ["event_ids"]=> array(1) { [0]=> int(6251309) } ["start_at"]=> string(20) "2019-05-22T11:05:00Z" ["end_at"]=> string(20) "2019-06-03T03:59:59Z" ["id"]=> int(8778) ["title"]=> string(18) "2019 Giro d'Italia" ["short_title"]=> string(13) "Giro D'Italia" ["stream1"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream2"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream_list"]=> array(2) { [0]=> array(7) { ["stream_id"]=> int(18633) ["stream_name"]=> string(18) "2019 Giro d'Italia" ["stream_code"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream_active"]=> bool(true) ["stream_hls"]=> string(68) "http://flocasts-hls.videocdn.scaleengine.net/flocasts-florigins/play" ["stream_type"]=> string(8) "multiple" ["stream_mode"]=> string(6) "normal" } [1]=> array(7) { ["stream_id"]=> int(25651) ["stream_name"]=> string(13) "Giro d'Italia" ["stream_code"]=> string(21) "cyp8778_giro_d_italia" ["stream_active"]=> bool(false) ["stream_hls"]=> string(68) "http://flocasts-hls.videocdn.scaleengine.net/flocasts-florigins/play" ["stream_type"]=> string(8) "multiple" ["stream_mode"]=> string(6) "normal" } } ["slug"]=> string(18) "2019-giro-d-italia" ["description"]=> string(79) "<p> <span style="background-color: initial;">2019 Giro d'Italia</span> </p>" ["premium"]=> bool(true) ["ppv"]=> bool(false) ["disable_bumping"]=> bool(false) ["disable_login"]=> bool(false) ["enable_ott"]=> bool(true) ["status"]=> string(4) "LIVE" ["status_message"]=> NULL ["type"]=> string(6) "STREAM" ["start_date"]=> string(10) "2019-05-22" ["end_date"]=> string(10) "2019-06-02" ["start_time"]=> string(8) "07:05:00" ["end_time"]=> string(8) "23:59:59" ["timezone"]=> string(16) "America/New_York" ["start_date_time"]=> string(24) "2019-05-22T11:05:00+0000" ["end_date_time"]=> string(24) "2019-06-03T03:59:59+0000" ["start_at_next"]=> string(24) "2019-05-22T11:05:00+0000" ["background_url"]=> NULL ["live_event_url"]=> string(34) "https://www.flobikes.com/live/8778" ["player_version"]=> string(3) "3.0" ["dvr"]=> bool(false) ["created_at"]=> string(24) "2019-05-22T12:04:56+0000" ["modified_at"]=> string(24) "2019-05-22T12:04:56+0000" } ["watchable"]=> bool(true) ["replay_video_count"]=> int(10) ["replay_preview_vod"]=> NULL ["type"]=> string(5) "event" } Sometimes it's useful in such a large structure just to see the list of top level array keys. PHP has a helpful array_keys() function for this. Also, print_r has a slightly different output format from var_dump that omits the variable types. Just to get some clarity, I ran this: $json = json_decode($jsondata, true); $t = array_keys($json['data'][0]); sort($t); print_r($t); And got this output: Array ( [0] => ad_set_code [1] => asset [2] => author [3] => city [4] => country [5] => created_at [6] => description [7] => enable_interstitial_ad [8] => enable_pre_roll_ads [9] => end_date [10] => has_schedule [11] => id [12] => info_tab_label [13] => live_event [14] => live_updates_tab_label [15] => logo [16] => modified_at [17] => node [18] => participant_tab_label [19] => premium [20] => preview_text [21] => publish_end_date [22] => publish_start_date [23] => region [24] => replay_preview_vod [25] => replay_video_count [26] => schedule_tab_label [27] => seo_description [28] => shareable_link [29] => short_title [30] => should_show_read_more [31] => slug [32] => slug_uri [33] => start_date [34] => status [35] => status_color [36] => status_text [37] => title [38] => type [39] => venue [40] => watchable ) You had determined previously that the 2 top level elements you were interested in were 'title' and 'live_event'. 'title' is a single value, however live_event is another nested structure. To figure out what that looks like: var_dump($json['data'][0]['live_event']); And you get: array(33) { ["event_ids"]=> array(1) { [0]=> int(6251309) } ["start_at"]=> string(20) "2019-05-22T11:05:00Z" ["end_at"]=> string(20) "2019-06-03T03:59:59Z" ["id"]=> int(8778) ["title"]=> string(18) "2019 Giro d'Italia" ["short_title"]=> string(13) "Giro D'Italia" ["stream1"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream2"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream_list"]=> array(2) { [0]=> array(7) { ["stream_id"]=> int(18633) ["stream_name"]=> string(18) "2019 Giro d'Italia" ["stream_code"]=> string(26) "cyp8778_2019_giro_d_italia" ["stream_active"]=> bool(true) ["stream_hls"]=> string(68) "http://flocasts-hls.videocdn.scaleengine.net/flocasts-florigins/play" ["stream_type"]=> string(8) "multiple" ["stream_mode"]=> string(6) "normal" } [1]=> array(7) { ["stream_id"]=> int(25651) ["stream_name"]=> string(13) "Giro d'Italia" ["stream_code"]=> string(21) "cyp8778_giro_d_italia" ["stream_active"]=> bool(false) ["stream_hls"]=> string(68) "http://flocasts-hls.videocdn.scaleengine.net/flocasts-florigins/play" ["stream_type"]=> string(8) "multiple" ["stream_mode"]=> string(6) "normal" } } ["slug"]=> string(18) "2019-giro-d-italia" ["description"]=> string(79) "<p> <span style="background-color: initial;">2019 Giro d'Italia</span> </p>" ["premium"]=> bool(true) ["ppv"]=> bool(false) ["disable_bumping"]=> bool(false) ["disable_login"]=> bool(false) ["enable_ott"]=> bool(true) ["status"]=> string(4) "LIVE" ["status_message"]=> NULL ["type"]=> string(6) "STREAM" ["start_date"]=> string(10) "2019-05-22" ["end_date"]=> string(10) "2019-06-02" ["start_time"]=> string(8) "07:05:00" ["end_time"]=> string(8) "23:59:59" ["timezone"]=> string(16) "America/New_York" ["start_date_time"]=> string(24) "2019-05-22T11:05:00+0000" ["end_date_time"]=> string(24) "2019-06-03T03:59:59+0000" ["start_at_next"]=> string(24) "2019-05-22T11:05:00+0000" ["background_url"]=> NULL ["live_event_url"]=> string(34) "https://www.flobikes.com/live/8778" ["player_version"]=> string(3) "3.0" ["dvr"]=> bool(false) ["created_at"]=> string(24) "2019-05-22T12:04:56+0000" ["modified_at"]=> string(24) "2019-05-22T12:04:56+0000" } So finally we can see, that 'stream_list' is the key for an array of streams. Being that this is a numerically indexed array of 1..n items, you need to do a nested foreach() to iterate through the internal array elements. You've stated that you are only interested in the 'stream_id' element. So hopefully at this point, you can understand that you have an outer foreach() through the data elements, and then the requirement to do an inner foreach to get the individual stream_id elements from stream_list. <?php $jsondata = file_get_contents("https://kalebdf.com/flo/api.php?url=events%2Fnow-and-upcoming%3Flimit%3D70%26tz%3DAmerica%2FNew_York%26live_only%3D1%26site_id%3D1%252C2%252C3%252C4%252C5%252C6%252C7%252C8%252C9%252C10%252C11%252C12%252C13%252C14%252C15%252C16%252C17%252C18%252C19%252C20%252C21%252C22%252C23%252C24%252C25%252C26%252C27%252C28%252C29%252C30%252C31%252C32%252C33%252C34%252C35%252C36%252C37%252C38%252C39%252C41%252C43"); $json = json_decode($jsondata, true); foreach($json['data'] as $data) { echo "Title: {$data['title']}\n"; echo "Event Time: {$data['live_event']['start_time']}\n"; echo "Streams:\n"; foreach($data['live_event']['stream_list'] as $i => $stream) { $i++; echo " $i. {$stream['stream_id']}\n"; } echo "\n"; } Output: Title: 2019 Giro d'Italia Event Time: 07:05:00 Streams: 1. 18633 2. 25651 Title: 2019 Japan vs United States | Women's VNL Event Time: 08:45:00 Streams: 1. 24691 Title: 2019 Serbia vs Korea | Women's VNL Event Time: 09:45:00 Streams: 1. 24692 Title: 2019 Thailand vs Italy | Women's VNL Event Time: 10:15:00 Streams: 1. 24695 Title: 2019 Brose Bamberg vs Rasta Vechta | easyCredit BBL Event Time: 12:00:00 Streams: 1. 25885 Title: 2019 Bulgaria vs Belgium | Women's VNL Event Time: 12:15:00 Streams: 1. 24697 Title: 2019 Netherlands vs Turkey | Women's VNL Event Time: 12:45:00 Streams: 1. 24698 Title: 2019 Poland vs Germany | Women's VNL Event Time: 13:15:00 Streams: 1. 24699 Title: 2019 Kirolbet Baskonia vs Divinas Seguros Joventut | 2018-19 La Liga BB Event Time: 13:30:00 Streams: 1. 24555 Title: Here's The Deal Event Time: 14:30:00 Streams: 1. 17181 Title: 2019 China vs Russia | Women's VNL Event Time: 14:45:00 Streams: 1. 24700 Title: 2019 TSSAA Outdoor Championships Event Time: 17:00:00 Streams: 1. 23950 Title: Going Brooklyn: In Studio With Bowling's Big Names Event Time: 16:00:00 Streams: 1. 19566 Title: 2019 USAC Sprints at Terre Haute Action Track Event Time: 17:30:00 Streams: 1. 20891 2. 21547 3. 21850 Title: 2019 Brazil vs Dominican Republic | Women's VNL Event Time: 17:45:00 Streams: 1. 24701 Title: 2019 D.C. United vs Real Betis Event Time: 18:45:00 Streams: 1. 25324 2. 25961 Title: 2019 Sassari City Matteo Pellicone Memorial Event Time: 03:00:00 Streams: 1. 22004 Title: 2019 Canadian Gymnastics Championships - Artistic Event Time: 08:30:00 Streams: 1. 22977 Title: 2019 Belgium vs Japan | Women's VNL Event Time: 08:45:00 Streams: 1. 24702 Title: 2019 CAN vs SUI | IIHF World Quarterfinals Event Time: 09:15:00 Streams: 1. 25647 2. 25958 Title: 2019 Netherlands vs Korea | Women's VNL Event Time: 09:45:00 Streams: 1. 24703 Title: 2019 Italy vs Germany | Women's VNL Event Time: 10:15:00 Streams: 1. 24704 Title: FloTrack TV Event Time: 12:00:00 Streams: 1. 24624 Title: 2019 United States vs Bulgaria | Women's VNL Event Time: 12:15:00 Streams: 1. 24705 Title: 2019 Turkey vs Serbia | Women's VNL Event Time: 12:45:00 Streams: 1. 24706 Title: 2019 Thailand vs Poland | Women's VNL Event Time: 13:15:00 Streams: 1. 24707 Title: 2019 CZE vs GER | IIHF World QuarterFinals Event Time: 13:15:00 Streams: 1. 25959 Title: 2019 DI NCAA West Preliminary Round Event Time: 12:00:00 Streams: 1. 23835 2. 25953 Title: 2019 DI NCAA East Preliminary Round Event Time: 15:30:00 Streams: 1. 23834 2. 25954 Title: 2019 China vs Dominican Republic | Women's VNL Event Time: 14:45:00 Streams: 1. 24708 Title: 2019 MPSSAA Outdoor Championships Event Time: 16:00:00 Streams: 1. 24005 Title: 2019 NHSRA Louisiana State Finals: RidePass PRO Event Time: 15:15:00 Streams: 1. 25111 etc.

you would initially create an array of the dates (Y-m-d date format) you want to highlight and store this array in a class property. at the point in the code where it is producing the css class selector and the cell content, you would use in_array() to find if $this->currentDate is one of the dates in the array. note: the author of that script should have produced a $today value in the Y-m-d format and just directly compared it with $this->currentDate in the existing css class selector code.

Just use the index hierarchy down to the item you want echo $array['data'][0]['attributes']['title']

There are a few issues here: echo'<form method="POST" action"'.getLocations($conn).'"> 1. getLocations() is a function that does not return anything. You can't use it with a string like that. 2. The form action is supposed to be a URL. If you want to submit the form to the same page it's on you can leave the action empty or missing. 3. There needs to be an equals sign with that action. <!--foreach($zip as $zip) : --> 4. That's PHP code. If you need to comment it out, keep it inside the <?php tags and use a PHP comment, not an HTML comment. 5. $zip that was set inside the getLocations() function is not going to be available to use outside the function. You should make the function return the value, then when you call it assign the returned value to a variable. 6. The function is only set to do anything when the form is submitted. Make sure that everything still works even when the form hasn't been submitted yet. 7. Don't iterate over a variable and then use that same variable name for the individual values. You'll confuse yourself. Perhaps use $zips and $zip? echo $address['address']; 8. $address is never defined anywhere. Did you mean $zip? But... echo $zip['zip']; 9. Since you commented out the foreach loop, and because of #5, there is no $zip to use. if (isset($_POST['submit'])){ 10. Your form's submit button is not named "submit". function getLocations($conn) { 11. This function requires that you pass it an argument for the database connection (which you have also named $conn). You aren't doing that.

In order to use $_GET you need to understand what links look like and what the query string is. Research that and you should have an idea of what you need to do next.

the users table should only hold unique/one-time user information - first name, last name. this would produce a user_id (auto-increment integer column.) you would store any repetitive user information, such as the weight/date data in a second table, related back to the user through the user_id value. once you have properly stored the data, you can write sql queries to get any user(s) information for any date or date range.

Create a table subquery to calculate the total points for each user and join that to the rewards table using the points total. (In my example I assume you have a table called points. SELECT first_name , last_name , total_points , reward FROM { SELECT first_name , last_name , SUM(points) as total_points FROM user u JOIN points p ON u.userID = p.userID GROUP BY u.userID } tot LEFT JOIN rewards r ON tot.total_points = r.valuePoints

htmlentities/htmlspecialchars are output functions. they are used when you output dynamic values in a html context (web page, email.) they are not used when data is received by a script.

Your binary representation is full of regular patterns, I'd wager it being indices (the alphanumeric text like $0<(4@LX`) preceding any compressed data (the unrepresented characters �) for each entry. Just a shot in the dark. It doesn't mean what is under it isn't encrypted. Wow, I haven't logged in for a decade, and Ignace you're a moderator, congrats!

It's... no, moving it outside the root isn't going to change anything for the better. If the script needs to be run at user request, like yours, then moving it outside the root is irrelevant. The only reason for files to be outside the root is so that the user can't plug in some URL into their browser and execute files they aren't supposed to. But here, you want the user to execute ajax.php. So not only is there no point to moving it, you're actually hurting yourself in the process. Leave it where it was. It's fine.

No, it's not a burden. It's how 95% of the web works now.

You have single quotes arond "time" so it is being treated as a string literal. Use backticks like you have around the previous one.

They are the same. Note the github url on the packagist page. Generally speaking in these situations I start by designing the PHP interface I need and then try and code the necessary drivers to match that interface. As drivers are built it may be necessary to change the interface to accommodate. For example you may start with: interface DeviceController { public function start() : Promise; public function stop() : Promise; public function open() : Promise; public function close() : Promise; //... } Then, foreach device you have to support make a driver that implements that interface, for example: class ModbusRtuDevice implements DeviceController { private $socket; public function __construct(SocketClient $socket){ $this->socket = $socket; } public function start() : Promise { return $this->send('start'); } public function stop() : Promise { return $this->send('stop'); } public function open() : Promise { return $this->send('open'); } public function close() : Promise { return $this->send('close'); } private function send($action) : Promise { $command = json_encode([ 'action' => $action , 'arguments' => [] ]); return $this->socket->sendCommand($data); } } The just code the rest of your application according to the DeviceController interface. I'd focus first on just creating an interface that you'd ideally want. Then focus on implementing a driver for it for whatever your most common device type is. Adjust the interface design where required as problems arise. Once that is working, move on to implementing a driver for the next most common devices. Again, adjust the interface as required but keep in mind your first driver. If a change is needed and avoid just adding some driver specific method/parameter. Adjust the interface to something that works for both devices and make the adjustments to the original driver as needed to accommodate the new interface design. A lot of this is sometimes easier said than done, I know. Sometimes it may take quite a few iterations to really get things in a good place.

First step is to logs the contents of $data somewhere so you can look at what is in it.

A security group shouldn't prevent DNS from working. Yes, you can do multiple websites. Guide

Attribute which are arrays (like "image" are ignored, as are attributes with no values. Where no heading translation is provided the raw attribute name is output. <?php $headings = [ 'attribute_pa_pack-quantity' => 'Pack&nbsp;Qty', 'attribute_pa_variation' => 'Variation', 'sku' => 'SKU', 'variation_description' => 'Var&nbsp;Desc', 'variation_id' => 'Id', 'price_html' => 'Price' ]; $systems = []; foreach ($variations as $var) { $atts = array_values($var['attributes']); $key = $atts[0]; $kv = count($var); $ka = count($var['attributes']); if (!isset($systems[$key])) { $systems[$key] = []; } $systems[$key][] = array_merge(array_slice($var['attributes'], 1, $ka-1, 1), array_slice($var, 1, $kv-1, 1)); } echo '<pre>', print_r($systems, 1), '</pre>'; ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Example</title> <style type='text/css'> body { font-family: calibri, sans-serif; font-size: 10pt; } .system { width: 30%; float: left; margin-right: 30px; } .item { padding: 5px; margin-bottom: 15px; } .hdg { display: inline-block; width: 150px; font-weight: 600; } </style> </head> <body> <?php foreach ($systems as $sys => $sdata) { echo "<div class='system'><h3>$sys</h3>\n"; foreach ($sdata as $item) { echo "<div class='item'>\n"; foreach ($item as $h => $v) { if ($v && !is_array($v)) { $hd = $headings[$h] ?? $h; // use attribute key if no translation available echo "<div class='hdg'>{$hd}</div>$v<br>\n"; } } echo "</div>\n"; } echo "</div>\n"; } ?> </body> </html>

You are building your foreign keys the wrong way round, EG ALTER TABLE `programs` ADD FOREIGN KEY (`program_id`) REFERENCES `deal_type` (`program_id`); should be ALTER TABLE `deal_type` ADD FOREIGN KEY (`program_id`) REFERENCES `programs` (`program_id`); program_id is the primary key of the programs table. When it appears in another table (such as deal_type) it is, therefore, a foreign key linking back the programs record. Also CREATE TABLE `deal_type` ( `deal_type_id` int AUTO_INCREMENT, `affiliate_id` int, `program_id` int, `affiliate_deal_id` int, PRIMARY KEY(deal_type_id,affiliate_id,program_id,affiliate_deal_id) -- really? PK should be deal_type_id );

mssql_connect was removed from Php http://php.net/manual/en/function.mssql-connect.php PDO is how you will want to do it. http://php.net/manual/en/book.pdo.php

It is really incredible how MANY different problems you encounter and have to post for us to puzzle over. So much stuff I have never imagined could be in existence and you seem to come up with reasons why they don't work for you. Do you just spend 24x7 researching things to learn about? Or do you have such a diverse workload that you have to learn all of this "stuff"? All of the things you have posted can't possibly all be connected, can they? If so it must be one heck of a project!

The only difference between the "OOP" and "procedural" versions is that one uses $object->function_name($arguments) and the other uses similar_function_name($object, $arguments). I didn't look hard at what you did but I did see you did more than just change the function calls.

Since PHP doesn't actually "do" color, I would suggest that you use CSS. Setup a set of colors in your CSS area and then as you loop thru the numbers and create the HTML that will output those, assign a CSS classname. First the CSS <style> .color_1_10 {color:red;} .color_11_20 {color:blue;} .color_21_30 {color:green;} .color_more {color:black;} </style> Now the PHP for ($i=20; $i<=49; $i++) { switch ($i) { case <= 10: $clsname = 'class_1_10'; break; case <= 20: $clsname = 'class_11_20'; break; case <= 30: $clsname = 'class_21_30'; break; default: $clsname = 'class_more'; break; } echo "<span class='$clsname'>$i</span><br>"; } Note that I used a different range of numbers, but I think you get the idea.

There won't be any "affected rows". It is not an update, delete or insert query.

Have you got php error reporting turned on in your php.ini file? (You have ann error in the PDO options)

I see a form with no inputs, just a button to submit. Then I see a block of code that builds a query and executes it to insert a record with a static id and static name, neither of which comes from any form. And it happens just once. Despite your poorly written post I'm concerned that you have a poorly designed methodology here as well. And where are these other "quarries" (a place to find rocks?) that you want to have executed as well? From your post I half-expected some kind of input form with values that you then wanted to repeatedly post to a database using a unique key for each. Quite an easy exercise. That was not what you presented.

in order to put an array variable inside a string, it needs to be enclosed by {} however, there are a few things wrong with what that line of code is trying to do - 1) the mysqli_query() statement doesn't return data, it returns a result object, so, a variable holding the submitted password will never be equal to the value returned in that line. you would need to fetch the data first. 2) you should NOT store plain-text passwords. you need to use php's password_hash() and password_verify(). you would need to fetch the stored password hash and use password_verify() to test if the submitted password matches the hash. 3) you should NOT put external/unknown data directly into an sql query statement (and for those cases where it is safe to do so, string data must be enclosed by single-quotes.) you instead need to use a prepared query, with a ? place-holder in the sql query statement for each data value, then supply the data when the query gets executed. unfortunately, the php mysqli extension is overly complicated and inconsistent when dealing with prepared queries and you need to switch to the much simpler php PDO extension. doing this will actually simplify the sql query statement since the place-holder being put into the sql query statement eliminates the php variable, any {} around the variable, any single-quotes around the variable, and any concatenation dots.

I think this is what you are trying to do do { ${$row_Recordset1['bd_variable']} = $row_Recordset1['bd_desc']; } while (...) echo "$company_full_name - $company_small_name"; //--> Some Company Pvt, Ltd - Some Company

Not that I'm aware of. With that said, docker only uses the .env file to set variables that are used during the docker-compose pre-processing stage. You also might be well advised to have some directory structure where your laravel app code is not in the root of the project where it would conflict with docker files. I would also suggest taking a look at how Laradock does things.

If you copy paste the URL from the browser you will see that the space is transformed to %20. You should not have the spaces in the first place. Spaces are considered unsafe according to the RFC.

The answer to this is two-fold. 1) Make sure your tokens are random and long. This makes the likelyhood of guessing a token so small it may as well be considered impossible. 2) Have a monitoring system in place that can detect a potential brute-force attempt and ban the source IP address. I suspect, like many do, you're under-estimated just how long such a brute-force attempt would take. Lets take your example and assume a fixed 32-character hex value with the attacker starting at 00000000000000000000000000000000 and working toward ffffffffffffffffffffffffffffffff. Assuming they have a great connection and your server has a great response time permitting a guess every 1ms, by the time they got to the value cb1d797808ad9cd9a67e6657398b9191 they would already have been guessing for 8,561,210,154,550,000,000,000,000,000 years (if my math is correct, no guarantee there). Sure, there's a chance they happen to guess one just after it was created along the way, but that chance is tiny. Hopefully before that happens you've realized what is going on and blocked them via your monitoring system.

Your <option> tags should ech have a correponding </option> closing tag. Your name="MM_Balance should have closing quote. No need to do the months manually: <?php function monthOptions($current) { $opts = ''; $dt1 = new DateTime('2018-01-01'); $dp = new DatePeriod($dt1, new DateInterval('P1M'), 11); foreach ($dp as $d) { $sel = $d->format('m')==$current ? 'selected' : ''; $opts .= sprintf("<option value='%d' $sel>%s</option>\n", $d->format('m'), $d->format('M') ); } return $opts; } ?> <select name="MM_Balance" style="width:60px"> <?=monthOptions(12)?> </select>

Long question short reply: No, the argument does not need to be casted from int to string. PHP will do it automatically.

Why am I not surprised. Sanitizing, validating, and escaping are three different things. Sanitizing is changing the user's input because you didn't like it. Almost always means removing characters from it. You shouldn't do this except for minor issues like spaces because you're altering what the user wrote and they won't like it. Validating is detecting whether the input looks correct and usable. It never changes the value, only examines it. Always do this. Escaping is taking some input and making sure it can't be interpreted as anything other than the plain value it is. Almost always means adding characters to it, like backslashes. Always do this. Sanitizing and escaping can both protect you from XSS and SQL injection. Sometimes people get "sanitize" and "escape" backwards, like saying that mysqli_real_escape_string "sanitizes" the input by adding backslashes, but if you look above you'll see that sanitizing means removing and escaping means adding so what they really mean is that mysqli_real_escape_string escapes the input. Count your parentheses. Because there are occasional times when sanitizing is the right thing to do. However the web industry has mostly decided that you should not do so with user inputs and that validation and error messages are better. I don't know what you are expecting from me. Sanitization period? Yes, I have accidentally written code that was susceptible to XSS or SQL injection. No, when it's happened nobody on the internet ever abused it as far as I know.

Don't. It is not a "waste" to let your script continue executing. Trying to kill it early is the wrong answer. The only normal reason anyone should ever exit/die in a script is because they're redirecting with header(). No. They both get the same result so it doesn't matter. Perhaps the author didn't know you can have the action empty.

you are likely getting that same error when the the login works, but it is probably being hidden by a redirect. since you only use mysqli_stmt_free_result() if you are using mysqli_stmt_store_result(), which you aren't in the posted code, doesn't that mean that you shouldn't be using mysqli_stmt_free_result() at all? you need to switch to the much simpler PDO extension and use exceptions to handled db statement errors. it only takes 4 lines of code to replace the 11 lines you have from the sql query statement through to the fetch statement. $query = "SELECT id,recruits_number,sponsor_username,account_activation_status,id_video_verification_status,id_verification_video_file_url,username,password,primary_domain,primary_website_email,registering_country,registering_ip,registering_browser,registering_os,registering_isp,age_range FROM users WHERE $querying_column = ?"; $stmt = $pdo->prepare($query); $stmt->execute([$login_username_or_email_or_domain]); if(!$row = $stmt->fetch()) { // the email/username was not found // set up the failed login message } else { // the email/username was found, check the activation status and then verify the password hash to finish logging in // the fetched data is in the associative array $row }

You aren't using mysqli_stmt_store_result so you don't need mysqli_stmt_free_result. Most of the time PHP scripts run quickly, and since PHP will clean up resources for you automatically at the end you often don't need to worry about cleaning them up yourself.

@gizmola, You seem to be a drill-sergeant an loving father all in one?! I am very interested in learning how to do all of that, but I also stick to what I said (or implied) above... That being, I have a very large code-base I as working on a couple of years ago for a couple more years, and when I was 95% done, life happened and my work got tabled. My goal is to "finish what I started" and get my existing environment, tools, approach and code-base into prod so I can get my website up and try to make some $$$ while I regroup. (Starting to re-organize a Terabyte of crap on my old Macbook and laying it down in a way that I can actually find things on my new MacBook made total sense. But getting fancy with anything else is likely an unnecessary distraction...) And I am interested, but it was quicker to change a few lines of code in my httpd.conf file then do what you suggested. (For v2.0, I will check that and your other advice out.) There is nothing more than I want moving forward to learn how to code like a modern professional, and start being EFFICIENT, because that is what sunk me the first go around. (I have solid code that works, but it takes me 10 times longer to do and maintain things than it should for me to be successful. And, NO, that has nothing to do with tools, but has a s***load to do with architecture and coding styles!)) MAMP des what I need it to do for now. Took me an evening to research, and a few minutes to type the code to make it adapt to my new filing system. Now on trying to find all of my old code and notes and get my website working in my new dev environment on my new macBook. Thanks for the thoughts!

I fail to see the point of creating a list of the columns you don't want then writing a shed load of code to stop them displaying. It's far easier and more efficient to do it the correct way (as @requinix told you) and specify the columns you do want in the SELECT list.

SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = 'members' AND TABLE_NAME = 'users' Don't do that. Basically never do that. You shouldn't have to query information_schema for anything remotely resembling normal usage of your database. Write the query the way it should be, listing the columns you want it to return.

It won't be deciding this value ahead of time. You're basically copying and pasting code. Whatever code childprints.php will use, you copy that into the menu. You'll end up with <?php if($_GET["page"] == "childprints" && /* the logic from childprints page */): ?> <li> <a href='flogin.php?page=childprints'>Print</a> <?php endif; ?> I think. Suddenly I'm not sure about the page name anymore.

OK, I've donned my red costume and white beard. Here's an example of displaying more or less text Data CREATE TABLE `product` ( `product_id` int(11) NOT NULL AUTO_INCREMENT, `description` text, PRIMARY KEY (`product_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; INSERT INTO `product` (`description`) VALUES ('Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Maecenas porttitor congue massa. Fusce posuere, magna sed pulvinar ultricies, purus lectus malesuada libero, sit amet commodo magna eros quis urna. Nunc viverra imperdiet enim. Fusce est. Vivamus a tellus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Proin pharetra nonummy pede. Mauris et orci. Aenean nec lorem.'), ('In porttitor. Donec laoreet nonummy augue. Suspendisse dui purus, scelerisque at, vulputate vitae, pretium mattis, nunc. Mauris eget neque at sem venenatis eleifend. Ut nonummy. Fusce aliquet pede non pede. Suspendisse dapibus lorem pellentesque magna. Integer nulla. Donec blandit feugiat ligula. Donec hendrerit, felis et imperdiet euismod, purus ipsum pretium metus, in lacinia nulla nisl eget sapien.'), ('Donec ut est in lectus consequat consequat. Etiam eget dui. Aliquam erat volutpat. Sed at lorem in nunc porta tristique. Proin nec augue. Quisque aliquam tempor magna. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nunc ac magna. Maecenas odio dolor, vulputate vel, auctor ac, accumsan id, felis. Pellentesque cursus sagittis felis.'); Example code <?php include('db_inc.php'); $db = pdoConnect("test"); // connect to "test" database // // this bit handles the AJAX request to get the full or partial description // if (isset($_GET['ajax'])) { $stmt = $db->prepare("SELECT description FROM product WHERE product_id = ? "); $stmt->execute( [ $_GET['id'] ] ); $descrip = $stmt->fetchColumn(); switch ($_GET['ajax']) { case 'more': $less = "<span class='less' data-id='{$_GET['id']}'> (less)</span>"; exit($descrip.$less); // send back the description in the ajax response case 'less': $words = explode(' ', $descrip); $partial_descrip = join(' ', array_slice($words, 0, 25)); $more = "<span class='more' data-id='{$_GET['id']}'> ...more</span>"; exit($partial_descrip.$more); } } // // select the product details from the table // $res = $db->query("SELECT product_id , description FROM product "); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="generator" content="PhpED 18.0 (Build 18044, 64bit)"> <title>Example</title> <style type='text/css'> .descrip { font-family: verdana, sans-serif; font-size: 10pt; margin-left: 50px; width: 50%; } .more, .less { color: blue; cursor: pointer; } </style> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script> <script type='text/javascript'> $().ready( function() { $(".more").click( function() { var id = $(this).data('id') var target = $(".descrip[data-id="+id+"]") // find descrip div with matching data-id $.get ( "", // send request to "self" { "ajax" : "more", "id" : id }, function(resp) { target.html(resp) // put returned description in target div enableLess() }, "TEXT" ) }) }) function enableLess() { $(".less").click( function() { var id = $(this).data('id') var target = $(".descrip[data-id="+id+"]") // find descrip div with matching data-id $.get ( "", // send request to "self" { "ajax" : "less", "id" : id }, function(resp) { target.html(resp) // put returned description in target div }, "TEXT" ) }) } </script> </head> <body> <?php // // display the data, putting description in its own div // foreach ($res as $row) { $words = explode(' ', $row['description']); $partial_descrip = join(' ', array_slice($words, 0, 25)); // show first 25 words of description $more = "<span class='more' data-id='{$row['product_id']}'> ...more</span>"; echo "<div class='product'> <h3>Product {$row['product_id']}</h3> <div class='descrip' data-id='{$row['product_id']}'> <h4>Description</h4> $partial_descrip $more </div> </div>\n"; } ?> </body> </html> Sample output