Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


ginerjm last won the day on March 28

ginerjm had the most liked content!

Community Reputation

215 Excellent

About ginerjm

  • Rank
    Handball player
  • Birthday 03/23/1952

Profile Information

  • Gender
  • Location
    Voorheesville NY

Recent Profile Visitors

57,206 profile views
  1. You have two posters telling you the same basic thing - you have a problem with your assumed values of things that needs to be addressed rather than ignored. Moreover - you state that you "do the normal $varX= $var1 + $var2". I"m not sure what you are really implying here but have to say that, as a rule, you are not validating your data most of the time if that arithmetic line is "normal" for you. That further indicates to me that you have some serious problems with this application that up until now have been ignored but now has to be resolved. Sorry to say but it does look like you have some thinking to do as to how to easily identify where these issues can arise. One solution might be to replace these kinds of lines with a function that analyzes the incoming values before doing the math. The hard part of course is finding these kinds of lines. Good luck!
  2. ginerjm

    Site Won't Submit Multiple Variables

    Looking at what you just posted: //First Page with Selector// <form id="main-search-form" method="GET" action="<?= $baseurl; ?>/_searchresults6.php" role="search"> The first line appears to be a PHP comment line - certainly not an HTML comment. Therefore your next line is confusing since it seems to be plain html that includes some php code which has to cause a syntax error at some point PS - why a GET? Most of the time it is better to use POST for retrieving form data. PS - your error messages refer to the use of "explode". I can't find an "explode" call in any of this code? Wassup?
  3. ginerjm

    bots and forms

    Apparently you don't understand how English works. My sentence did not quote the manual - it made a statement re: the issue you are having. The manual does however specifically tell you that a 0 or '0' will give a false answer - which is the problem you are having. Am I clearer now?
  4. It appears that your from address is correct, assuming that you are actually using a domain that your server recognizes. BTW - Earlier you stated that you were using PHPMailer yet the code you just posted is NOT using PHPMailer. What happened?
  5. ginerjm

    bots and forms

    That pesky PHP manual. It comes in SO VERY handy. If you looked up 'empty' in the manual's function reference you would see very clearly that you can't rely on empty if a 0 or '0' is a possible entry. It is explicitly mentioned there.
  6. Since nothing seems to be happening with this topic, let me ask this: Can you post the php code that is setting up your email headers for us to review? I basically want to see what the from address is set to since you never actually confirmed that for us.
  7. Is the 'from' address in the email a valid address of your domain name? Meaning, if you are paying a host to serve your domain/website and to handle emails for that same domain name, then the emails you send have to use that domain name in the "from" header of the email. That's the way it is always explained here.
  8. ginerjm

    php get url and pass it to a variable possible?

    Add a new field to the output form and use type='hidden'. Then when you received the POST'ed data, be sure to grab that field along with whatever other input fields you are grabbing. Ok? (Perhaps a quick check of your favorite HTML reference would be helpful here.)
  9. ginerjm

    Faking sessions

    Another thing you could do (OTW here) is create a random "value" to store in that uid that is NOT a true user id or anything resembling an important value. Then use that token to do a lookup on a table setup to just store login data and if you find that token value you will have whatever info you need - such as the true user's id. This way - nobody can alter the session value (good luck with that) to another value that could cause you harm since they are all random and not viewable at all by the hacker. This is an awful lot of work to do for something that is pretty darn safe as it is, but if you think that your appl/data is THAT super-sensitive, then go for it! Rather than read the articles that express fear about the safety of Session data, why not find the ones that tell you how sessions really work and how safe they can be?
  10. ginerjm

    browser history broken after form submit

    Let me say this: Double quotes are not responsible for a "variable to be executed". YOU are totally responsible for any "executing" of variables. Using double quotes rather than single quotes allows for a variable to be "interpreted" as in the following: $myvar = 'abc'; echo 'Myvar is now $myvar'; This will produce an output of : Myvar is now $myvar Using this string: echo "Myvar is now $myvar"; will output: Myvar is now abc which is what you usually want to have happen. There is no "executing" going on here. You use double quotes (or no quotes at all!) in order to have the contents of a variable read or interpreted properly. Many beginners run into this problem (single or double?) before they realize the difference. One rarely uses single quotes around php vars unless they are already wrapped inside another (outer) pair of double quotes. For example: echo "Myvar is now '$myvar' " will output the expected value of: Myvar is now 'abc' simply because the outer pair of double quotes takes precedence over the single ones surrounding the var. Of course you can skip using the quotes by using concatenation of your strings but many times it is easier to read the code when strings are properly using the correct quotes.
  11. ginerjm

    php coding to send email from html form

    Regarding the code here - I don't know why you are using the <button> tag in your form but you must have some reason. While the <input> tag is the much preferred method for submitting a form, you can use <button> but you need to actually specifiy the type='submit' clause in it since different browsers may have a different default when you don't specify what you want. Why are you using <button> anyway? PS - input syntax: <input type='submit' name='btn' value='Submit'> A simple example that does a submit for you. You can use any value for it - I just used Submit.
  12. ginerjm

    check if a file is exist in folder

    Or you could write your code like this: $count3 = count($scan3) - 3; if($count1 !== 0) { header('location:exist.html'); exit; } elseif ($count2 !== 0) { header('location:exist.html'); exit; } elseif ($count3 !== 0) { header('location:exist.html'); exit; } While the tabs in this forum are a bit wider than I would like to see, writing your code in simple straight one-command lines is much better to read. My personal choice is to use the curly braces each on their own line as well - again to make it easy on the eyes. NEVER put 2 commands on one line.
  13. ginerjm

    upgrade OR implimentation problem

    I think we would like to see your EXACT table definitions so we can see how you are storing things.
  14. Requinix - as usual you are "more right" than I. OP - sorry for my lack of understanding.
  15. I hate to sound rude and crude, but if you are 'new' then why are you in charge of such a serious project?

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.