AyKay47
-
Posts
3,281 -
Joined
-
Last visited
-
Days Won
1
Posts posted by AyKay47
-
-
Just for shiggles, here is an example using while loops:
$mArr = array( 0=>array(1, 2, 3, 4, 5), 1=>array(7, 20, 43, 44, 25) ); $i = 0; $c = count($mArr); while($i < $c) { $j=0; $c2 = count($mArr[$i]); while($j < $c2) { echo $mArr[$i][$j] . PHP_EOL; $j++; } $i++; }
But, using a foreach loop is best.
-
Also, you are trying to compare the superglobal array $_POST instead of one of its elements.
-
You are receiving an empty document because you are outputting an empty string.
Force a download using readfile
Ex:
if(file_exists($name)) { header("Content-length: " . filesize($name)); header("Content-type: application/msword"); header("Content-Disposition: attachment; filename=" . basename($name)); ob_clean(); flush(); readfile($name); exit; } else { //file cannot be found }
As a side note, your script is vulnerable to SQL injection. Validate $_GET['id'] before using it in a query.
-
Please post the query you are currently using as well as the relevant database table structure. Typically, you would have a row for each keyword instead of separating them with a space in fewer rows.
-
This has already been answered.
-
You need to append the path relative to the web root onto the value of $_SERVER['DOCUMENT_ROOT']
$path = $_SERVER['DOCUMENT_ROOT']; $path .= "/path/relative/to/webroot.php";
-
Let's focus on finding the error. Insert this snippet into your code and post the output.
$sql = "SELECT * FROM student WHERE student_id like '%$term%' or ic_number like '%$term%'"; $query = mysql_query($sql) or die("Error: " . mysql_error() . "<br />In Query: " . $sql);
-
Posting all relevant code will really help in resolving this.
-
Perhaps you can use preg_replace instead of str_replace() to capture the checksum character as well.
-
-
UPDATE quote_tbl SET contact_id='733', F1='', contact_contact='colin2 value=', contact_FirstName='colin2', contact_LastName='zepping', contact_Phone='5195504946', contact_phone2='5195504946', contact_Fax='', contact_Street1='545 bekmont ave west', lawn_size='500x500', quote_visitFee='35', quote_visitsPerDay='12', quote_hoursPerDay='9', quote_timePerVisit='', quote_gasCostPerDay='0', quote_smallMaint='2'', quote_largeMain='0', quote_largeMainPerYear='1200', quote_speader='2', quote_tank='2', quote_wands='2', quote_Ins='0', quote_insCostPerYear='1300', quote_vehicle='0', quote_vehicleCostPerYear='8000', quote_liabilityIns='0', quote_liabilityCostPerYear='1000', quote_WandTDay='0', quote_WandTperVisit='', quote_LabourPerJob='', quote_managementAdmin='', quote_PervisitCost='0' WHERE contact_id='733'
The above should show where the problem is occurring.
-
That's a bold statement.
An .exe file can be uploaded as a .jpg and renamed back to .exe on the server (with gained permissions) and executed. It is quite possible, so I am not absolutely wrong about that.
Simply checking the extension is not enough... if you care about system integrity.
However, I am a bit off-topic here as I thought he was addressing files that currently resided on the server. So, for simple URL validation, simply checking the extension should suffice.
A user would only be able to tamper with uploaded files if permissions allowed it, which they shouldn't.
An MIME type can easily be spoofed.
-
Outputting the query will make it much easier to see what is going wrong.
You should really look into database normalization.
-
Just checking the file extension does not offer any real additional security.
You want to check the signature/MIME type.
You're absolutely wrong about that. The server uses the extension to determine what to do, not the MIME type.
-
I was wondering if the single quotes were needed for the values or not ?
For string values, yes.
does the form need: enctype="multipart/form-data"?
If the form passes type file data, yes.
-
$path_arr = pathinfo('http://www.xxxx.com/abc.exe'); $path_extension = $path_arr['extension']; //exe
note that you will want to check for an empty string or null value returned if an extension cannot be found.
-
On the products page, you are receiving a wrapper error. Enable the allow_url_include directive in the master php.ini file.
Using developer tools, a front end error is triggered when the "Add to Cart" button is clicked:
Uncaught TypeError: Cannot set property 'value' of undefined
I believe this is because when you add the shopingcart.php code to products.php, you have two forms with the same name "form1". In order for the js code to work properly, these forms should have unique names.
-
Also, relying on a submit button's value being passed on form submisison is unreliable. Instead use either a hidden input value or $_SERVER['REQUEST_METHOD'] to check for form submission.
This code needs to be tweaked a little. You need to verify that the text input actually has a value being outputting its value.
-
The error is pretty obvious. Also, post the code onto this thread as many people will not download a file given by a random person.
Post the definition of the custom function "image_resize" because the way you are using it's return value; it should be returning a string with the path to the file instead of an object.
-
Not exactly sure what you are asking, but a php file can parse both html and php.
-
You answered your own question here, store the users address in a session and output it as the textarea's default value.
-
Classes are meant to group related data and the functions that operate on that data together. Why are you using classes to begin with here?
-
The above post is incorrect and misleading. Until further noted this thread is solved.
-
Hello,
I wanted to bring to your attention a possible bug in the notifications module. At times I have been receiving notices that a certain member has replied to a post, when that user has never replied to that post. Also sometimes I am notified 4 or 5 times that a member has replied only once to a thread.
Thanks
Retaining Drop Down Select Values After Submitting A Form
in PHP Coding Help
Posted
A nice and concise example above. I cleaned up Psyco's code a bit from the rough example:
The above code will work if you follow psycos' advice and go with the decimal scheme, which will make your life much easier.