[How to stop google from flagging my site as Dangerous/Fishing.]

2 hours ago, SiteNotWorking said:

I am assuming it is getting flagged by the way I am saving information from the user.

Have you tried looking into whether your assumption is correct? What do you get if you plug your site into their reporting tool?

[Table column shorting]

...you mean sorting?

[include a php code within a forum description]

There are two approaches that aren't unreasonable:

1. Make your thing render as an image, and embed the image into the description (assuming it supports HTML). Then whoever sees the description will see the image. Not great for SEO or visually-impaired users.
2. Set up a cronjob that runs a script every X minutes (whatever makes sense to you). This script calculates what it needs, then goes into the database and manipulates the forum's description text.

[Why did not element.getAttribute() work?]

Congratulations: you've made this so much more complicated than it needed to be!

https://stackoverflow.com/a/21064102

[Why did not element.getAttribute() work?]

6 hours ago, eaglehopes said:

When I define width and height in CSS by var(--width) or var(--height), javascript does not understood it. Why?

Because you tried to "get attribute" and CSS is not attributes.

[Why did not element.getAttribute() work?]

1. Are you sure you don't mean to get the svg's width and height? Since that element actually has those two specified as attributes?
2. parentOfSVG is the same dimensions at its child.
3. getAttribute gets attributes defined on the element. You didn't define a width or height on the parent.
4. I think you want either clientWidth or offsetWidth.

[Need help with multiple submit buttons]

By the way, if you ever want a submit button with a value that's separate from the label - or want a button that is more than just text - then <button> exists to help you out:

<button type = "submit" name = "btnSub" value = "something"   id = "zz">Select</button>

where the btnSub value in $_POST will be "something".

[Setting up an account on Web app]

I'll go ahead and say that typically

16 hours ago, I-AM-OBODO said:

In like manner, one has a web app hosted. How to enable different user create their own account and setup their database etc

one does not do that. Because the users on your site are not actually setting up a web app.

When you signed up on PHPFreaks, you got an account. There's a "page" for you at https://forums.phpfreaks.com/profile/63588-i-am-obodo/ and you can create content in your personal space (so to speak).
None of that came with actual system accounts. You don't have a database dedicated to you, let alone a database account.

Because your ability to do those things is part of our application. You are not, in fact, setting up your own application. You're simply using ours.

If you literally want people to set up applications and write code that lets them connect to databases, that's one thing. But that's not what it sounds like you're describing.

What you're describing is basically like what happens on many other ecommerce sites: you sign up, you get a "store" you may or may not be able to customize (be that a URL or subdomain), and you start selling items. As a user, you don't want to spend your time dealing with databases, or installing WordPress, or updating extensions, or writing HTML, or really doing anything else except for putting items up for sale and fulfilling orders.

[Problem displaying database attribute inside a javascript popup]

What's the HTML being outputted, and how about a screenshot of what you're seeing?

[Need Help Adding an Items]

People typically don't like downloading attachments and having to sift through code looking for something. Especially when it's not clear what that "something" needs to be.

What's the relevant portion of the code involved? And in case it's not obvious from reading it, what do you mean by adding another option?

[PLS Help, How do i remove an OTP without affecting other Operations ?]

What do you mean, "remove"? What "other operations"?

You've managed to post a whole bunch of code, but wouldn't you know, when asking for help with a thing, giving a description of what you want to do is more important than the code itself!

 

30 minutes ago, ginerjm said:

Huh?  What's an OTP?

One-time password. Like those 6-digit numbers you get from SMS or "authenticator" apps that cycle every 30 seconds.

Such as this algorithm,

$acct_otp = substr(number_format(time() * rand(), 0, '', ''), 0, 6);

(which is terrible and should never be used by anyone for any reason)

[ODBC No Longer Working after TLS Encryption Update to Data Sources]

If your ODBC settings are correct, my first guess would be an outdated version of OpenSSL that doesn't support the TLS configuration you're trying to use.

What version of OpenSSL do you have, and what do your connection settings say about TLS?

[No speed difference found when running exec(scp) in the background]

8 hours ago, tirengarfio said:

But I cannot see any difference if I remove `2>&1 > out.log`'s from the scp commads.

Those. The things you removed. Those parts.

[No speed difference found when running exec(scp) in the background]

Do you know what those parts do?

[Using row_number on attribute to only return 5 rows]

WHERE rb.room_id IS NULL 
GROUP BY room_id
WHERE  row_num <= 5;

If I point out those three lines on their own, can you see the problem?

[Book about IIS and PHP?]

2 minutes ago, preWarp said:

The windows clients with Edge browser probably connect to Windows server. I believe it makes administration of the user area easier.

Ha, no. What makes administration easy is the experience and skills of the person/people administering it; drop a Windows person into a Linux environment and they won't do as well.

3 minutes ago, preWarp said:

I often imagine they are using Solaris as well. My guess on that is Solaris has more security features that profit driven organizations need.

Also no. Solaris is just another system out there. Business might adopt it because they hear "it's owned by Oracle" and think that's a good thing.

Over and over, it's been proven that open-source software is more secure than closed-source.

[Login and password hash]

Have you taken the email address you're trying to sign in with, queried the database manually to make sure there is a corresponding record, and checked that the password_hash stored in there looks like a hash?

[Login and password hash]

Seems fine.

What's the problem you're trying to solve? You didn't mention that. Can I assume it's not that you're unable to log in with a user that was created before you added the hashing?

[Login and password hash]

And what about the code that inserts the user records - specifically, that deals with setting the password? Because that part and this part need to work together.

[Php Require or Include inside of IF/ELSE statement]

8 hours ago, meOmy said:

When I look at that page, I think to myself, why not put all the validation in a separate file and then INCLUDE/REQUIRE the file that has the validation inside it? However, that doesn't work. I even thought maybe there's a way to do a function with all the validation in it and place that inside the IF/ELSE.

Or do both: put the validation inside a function, and put the function inside a file.

<?php

function is_valid_name($name) {
    return preg_match("/^[a-zA-Z\'\-\s]*$/", $name);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    require_once "the other file.php";

    if (!is_valid_name($firstname)) {
        $firstnameErr2 = "Only letters allowed";
    }

    if (!is_valid_name($lastname)) {
        $lastnameErr = "Only letters allowed";
    }

 

8 hours ago, meOmy said:

The fact I can't seem to find an answer on the Internet is leading me to believe I'm going about it the wrong way.

Kinda. I'd say that you're going about it the naive and simplistic way. Which is typically the first step towards doing it in a smarter and more flexible way.

If you're doing this for a personal project then don't mind it. Unless you specifically want to learn how to do this better...?

But I will say one thing: don't validate people's names. Just don't. It's a bad practice because you're always going to end up rejecting the valid name of someone, somewhere. Additionally, separating names by first and last isn't even correct either: there are people with single names.
The right way to do names is to use a single full-name input and ensure it has something in it. Nothing more.

[Book about IIS and PHP?]

BTW the main trio of web servers is IIS, Apache, and nginx. They all work quite differently from each other, and they can get rather complicated if you want to learn them in depth, so I'd suggest your first decision be whether you want to focus on/start with the Windows stack (with IIS) or the 'nix stack (with Apache or nginx).

[Book about IIS and PHP?]

The world of technology moves too quickly for print books to be up to date: by the time they're published,
(a) The information is wrong because the technology has progressed in the time it took them to write, edit, and publish that book. PHP 8.3 is due in the next couple months but most books are only just now starting to talk about 8.0 or maybe 8.1.
(b) The information is wrong because, in their haste to publish a book as quickly as possible, they took shortcuts and jumped the gun. You'll find tons of books about PHP 6 out in the world, but guess what: there is no PHP 6.

Online resources are going to be the most accurate and most up to date.

But none of that matters because there is virtually no difference between PHP+IIS and PHP+Apache and PHP+nginx+fpm. It just doesn't matter that much. What can matter is whether you're using Windows or Linux, but even that makes very little difference in practice either.

[PHP 8 Socket_Write Broken Pipe]

1 hour ago, Tooncinator said:

1969-12-31 18:11:12: (../src/mod_fastcgi.c.449) FastCGI-stderr:PHP Warning: socket_write(): unable to write to socket [32]: Broken pipe in /program/www/classes/ipc.class.php on line 46

This means the remote end of the socket closed its connection while PHP was still trying to write to it.

Why? I can't tell you. Could be the remote code bailed and the program quit. Could be it closed the connection normally but your PHP isn't "smart enough" to recognize this happened. You'll have to look into why the Python side stopped.

1 hour ago, Tooncinator said:

PHP Warning: Trying to access array offset on value of type null in /program/www/main.php on line 246

That's a bug in the code: it thinks a value is an array when it's actually null - probably as a result of some other operation failing.

Improve the error handling in that area of code, then find out what the underlying problem is and fix it.

[Replace Into blanking some fields]

As the term would hopefully suggest, ON DUPLICATE KEY requires that you have a unique (or primary) key in your field list. That's how it knows there's a duplicate: you tried to insert something that exists. If you don't include any keys then you're simply going to insert new data.

I'm inclined to think that your min_qty, max_qty, and currency fields are not part of a unique key.

Put the ID back.

None of this helps me to understand why your form, which is clearly designed around editing an existing ID, will ever have to deal with a situation where the data to be edited does not exist yet.

[NSFW filter conditionals]

46 minutes ago, oz11 said:

Thanks.  Is there a workaround? Ps: Glad you said that, I thought I was ging mad (again).

If you know that the form was submitted then you could take the absence of a value as proof that it was unchecked.

But yes, there is a simple solution that lets you keep checkboxes: use hidden inputs.

<input type="hidden" name="checkbox" value="off">
<input type="checkbox" name="checkbox" value="on">

When checked, the checkbox's "on" overwrites the hidden input's "off".