dalecosp

Can't you use "soldOn", then? If so, this could be as simple as ORDER BY soldOn DESC LIMIT 1, right? (Forgive if I'm being thick ... my native language isn't SQL )

Your lines for $tn, $dep, and $des need to be after the while (above the conditional), because they're only being set once (they need to be set each $row, regardless whether the user is new or not...). You may also want to keep a counter, so that you don't have to hardcode the cell co-ordinates

You're overwriting the cells (A2, B2, etc.) They need to change for rows to be added

The ID field is empty, (or does it have a double quote all alone in it?) and that's an error.

Your DB is Oracle or MS or something that's padding the front-end of the Unix Timestamp. When you get the TS from the DB, do it something like this: select trim(leading '00' from $number_field) as $mynumber;

The current UNIX time is only 10 digits; as Barand observes, you have too many digits. Why are you doing this? That's where your extra digits are coming from. strtotime() returns a valid UNIX timestamp (well, usually) --- you don't need to change it, multiply it, etc.

Show this error would probably be helpful ;) Here's an idea: mysql_query($update) or die("Failed Updating Your Data. The SQL was: $update"); Then you can read the SQL and see what's wrong (it's usually a quoting problem or data in the wrong format, etc., but we can't know that without the text of the error message, as I noted above).

Don't call addSheet() unless you're on a new person. You could set a "last known person" type variable and only do addSheet() if it's changed?

m/ is "multiline mode". https://courses.cs.washington.edu/courses/cse190m/12sp/cheat-sheets/php-regex-cheat-sheet.pdf Not sure what you mean, either. It will create a list (array) of dirnames that have to do with airports, but not featured airports or London airport, or Glasgow or any dir with "opt" in it, more or less.

Bingo ... you beat me. Although the last part should probably say "push the name of the current directory into the array 'dirs'".

Well, you're gonna have to fix the permissions issue if you want the web-server to run this. Keep in mind, however, that PHP doesn't have to be run by a webserver. I use PHP CLI scripts to do similar things, actually, although the box that has those scripts on it isn't online right now because of a hardware issue. What I'm saying --- you could just create a CLI script that took the URL as its argument and run it in a terminal and skip the permissions issues.

This depends highly on "who makes the decisions" about what the site/project is able to do. If management is willing to accept that a module may not be available for the requested functionality, a framework should do fine. If management is NOT willing to be told this, you will either need a good customization module for the selected framework, or you'll end up turning your framework-based project into a hybridized installation that loses the benefits that you chose the framework for in the first place.... My two bytes

You can't ask for DISTINCT on multiple fields ... that's not logical.

The whole question is a bit fuzzy. OP, what's your reason for not wanting a client to access "process.php"? If it does something when accessed directly that you don't want it to do, rewrite the script. You can certainly keep people away from include files: <?php define(CALLER,"/path/to/caller.php"); $list = get_included_files(); if (in_array(CALLER,$list)) { echo "inc.php is included!<br>";} else { echo "I'm inc.php, but I'm dying because I was called by someone who isn't my caller."; exit;} // ... Form handlers are a bit tricky, but I'm not sure why this is a question. The form handler shouldn't "expose" anything if you don't want it to ... although usually it would do form checking and output an error report of some kind.

$_SERVER['SCRIPT_FILENAME'] $_SERVER['REQUEST_URI'] $_SERVER['HTTP_REFERER'] get_included_files() or get_required_files() But as he says, a sophisticated attacker is often able to spoof $_SERVER variables and bypass such things.

A lot of this appears to be inadequate permissions --- note that it's trying to create an ".ssh" directory in the webroot, for example (this directly normally contains the known_hosts file, and in the case of a Real Person would also contain keys, etc.) The inability to bind to localhost 9001 would also indicate inadequate permissions IIRC. All the certificate checks/key checks are returning "-1" because they don't exist. The final straw appears to be the system asking for a passphrase and not being able to obtain a terminal (because, obviously, the WWW daemon isn't using one). What are you trying to do, exactly? Are you attempting an SSH proxy? Offhand, I'd say you need a lot more command options (hard-coded paths to keys, for example).

Thanks. If you have HTML/Design knowledge, you can create a form page with "site, brand", etc. The trick there would be getting the right data to display on the page, tied to the DB. And then you'd need to write a handler which would search and display the correct results. I would advise that if this application is to be "public-facing", you may wish to consider hiring the work done, but if security from external bad guys is not of great concern (intraweb only), it would be a good learning experience for you. PHP is, indeed, well-suited for this task; a number of other server-side languages might also be acceptable (python, perl, ruby, ASP). PHP is generally seen as having the lowest barriers to entry. In my experience, Python isn't terribly difficult, either, but I did learn it after I'd already learned PHP. Depending on your learning style, a book, Youtube videos, web tutorials, or even the documentation at php.net will be valuable resources for you in learning what to do. Of course, your first task would be getting PHP up and running in your IIS. I wanted to say that PHP and IIS may require some hurdles to get working, but I don't *know* that for a fact (I've never installed IIS as a separate package and my professional admin experience is almost exclusively on 'Nix systems). It appears to me that I saw way more installation questions from Windows users than from *Nix users, but then, there *are* way more Windows users than *Nix users

Are we trusting users to not blow things up? I mean, if you just want to give DB access to users, something web-based like PHPMyAdmin has tons of features, but it's dangerous 'cause they can do anything (delete, drop tables/DB's, etc.) PHP is a server-side scripting language that goes well with SQL systems to create DB-driven web pages, so, yes, PHP could be what you need to create a "web page". But you haven't given us much to go on to decide what your needs are. Hope this helps,

According to the docs, a second array parameter should store the output line(s), and a third parameter the return code. exec ('sshpass -p my_pass ssh -L 9001:remote_server:80 user@shell.example.net -N',$myOutput,$returnCode); echo "SSHPass attempted with return code $returnCode. The program said: "; print_r($myOutput);

As we said above, "ToS" is "Terms of Service". Blogspot is a Google property. It would be a good idea to have your legal department, attorney, or supervisor understand what you are doing, and then read this.

Why are you not checking the output?

Would something as simple as str_replace( "></", ">\n </",$data); do the trick?

The code doesn't show the iframe ... is it in the same domain ... ("Same Origin Policy")....

MySQL will take care of the optimization for queries that use indexed columns. If you're not familiar with EXPLAIN in SQL, learn about that. As for space requirements, index files do consume storage space. Here are some links that might help. http://dev.mysql.com/doc/refman/5.0/en/myisam-storage-engine.html http://dev.mysql.com/doc/refman/5.0/en/innodb-storage-engine.html

What's the original image size? And what is around the IMG tag in the HTML? If it's being cut off, there's usually a container (DIV, P, TD, etc.) that's got its overflow attribute set to "hidden".