AyKay47

What does a print_r() yield?

Use json_decode

Change both of those options as well as the memory_limit option. The memory_limit directive will need to be higher than the upload_max_filesize directive.

$found should read $found[$i] Note the addition of the variable denotation symbol $ before i As a side note, the use of a foreach loop to iterate through an array gives you access to both the keys and values of an array.

Also to add to CFs response, there should not be a need to escape HTML characters in data that is to be sent to a database because HTML should never be injected into a database, period. Not only is it a waste of resources and storage space, but it makes filtering/sanitizing for both inserting and reading data from a database more complicated and leaves room for more human error, which typically equates to more security holes. Business and presentation logic should always be separate from each other.

Only $100? Pff I charge $350.

It does work if everything is implemented correctly. Post the updated code along with any errors you are receiving.

You should be using the comparison == operator instead of the assignment = operator in the if statements. You also have some extra code that is not needed: function checkKey(e) { e = e || window.event; if(e.keyCode == '38') { if (document.getElementById("image1").src == "/images/image_blue.jpg") { window.alert('back to yellow') document.getElementById("image1").src = "/images/image_yellow.jpg"; } elseif(document.getElementByID("image1").src == "/images/image_yellow.jpg") window.alert('back to blue') document.getElementById("image1").src = "/images/image_blue.jpg"; } } As to the resizing question, use the height and width properties of the style object: document.getElementById("image1").style.height = '100px';

Did you set the image id attribute to "img"? Post the updated code if you are still having issues.

I see, I believe that you need only javascript if I am understanding your logic correctly. You can change the image source using an event listener and some checks. Since both of these files will be hard coded, I do not understand why you would nee to check if they exist. the below example will assume that you have set the image id to "img". function checkKey(e) { e = e || window.event; if(e.keyCode == '38') { document.getElementById("img").src = "yellow.jpg"; } if(e.keyCode == '40') { document.getElementById("img").src = "blue.jpg"; } }

I'm not quite following. What does the javascript have to do with the image?

Since javascript is executed by the client and PHP is executed by the server, communication between the two is tricky. In my opinion, using AJAX is the best method to communicate the two. What is your logic for using javascript and PHP together in order to determine if a file exists?

Are you sure that you are working in a php file and not an html file? Store the path to the file in a variable and check if the file exists on the server. $file = "/path/to/img.jpg"; if(file_exists($file)) { echo "The file $file exists."; } else { echo "The file $file does not exist."; }

t is a good idea to get into the habit of always properly debugging code throughout the development process. A good way of debugging SQL is to first store both the SQL statement and the actual call to the query in variables to be able to check their return values. It is important to check the return value of mysql_query to make sure that the query did in fact work and did not return a boolean false value. We can do this as follows: $sql = "INSERT INTO $tbl_name (votername, votecount) VALUES ('$votername', 1) ON DUPLICATE KEY UPDATE votecount = votecount + 1"; $result = mysql_query($sql); if(!$result) //query failed, output error(s) and SQL statement { echo "Error: " . mysql_error() . "<br>SQL: " . $sql; } This will output both any errors that were triggered and the SQL statement which will make it much easier to debug. In this case the second query is not needed as the first query already takes care of incrementing the votecount column if there is already a row for a particular voter. It is essential that you understand that arbitrary data from a user MUST be sanitized before it is used directly inside of an SQL statement. In this case, the mysql_real_escape_string function will do this for us: if(isset($_GET['votername'])) { $votername = mysql_real_escape_string($_GET['votername']); } Since your query relies on $_GET['votername'] being set, I would include the query in the if condition that checks for it being set. Also I must mention that the MYSQL extension is deprecated and should no longer be used. MYSQLi or PDO should be used instead, I recommend the latter. I believe that the actual error may be caused by the fact that you did not wrap $votername in single quotes inside of the SQL statement.

No advice on this topic will be given on this forum. Your IP is being blocked because what you are doing is most likely against their TOS.

No, the data itself is stored base 2, the address itself is hexadecimal.

It looks like a bunch of 1's and 0's allocated to a certain memory address in the stack. there is your answer. Since you are rude and clearly do not understand basic concepts like memory addressing.

An attacker could attempt a buffer overflow to retrieve sensitive data, while this is rare with an interpreted language such as PHP, it is possible. You can look at the PHP change log for bug fixes related to buffer overflow. As to the password example: The only version of a password that should be stored in RAM while PHP is using it should be a salted hash version of the password to be compared with the salted hash password stored in the database. Basically my point with that is, you don't need to worry about it.

You shouldn't accept it, that is horrible coding practice. Both the SQL statement and the mysql_query() return should be stored in variables and checked. But, to address you question, use that example without the looping logic if the query is to grab only 1 row.

Look at example #1 on the bindColumn() PHP manual page. PDO::FetchBound mode is what you are after.

No, I am not. Using str_replace() instead of preg_replace() in this case will save resources as well as execution time.

Using JQuery has already been suggested and the OP has chosen to ignore it, so we proceed with JavaScript.

str_replace is your friend

Try changing the AJAX call to a GET method and see if you are able to retrieve the data that way: xmlhttp2=new XMLHttpRequest(); xmlhttp2.onreadystatechange = function() { if(xmlhttp2.readyState == 4) { alert("success"); } } xmlhttp2.open("GET","li.php?q=" + userName + "&r=" + password, true); xmlhttp2.setRequestHeader("X-Requested-With", "XMLHttpRequest"); xmlhttp2.send(null); In the PHP landing page make sure to change $_POST to $_GET

<?php $path = "/path/to/image.jpg"; ?> <img src=<?php echo $src; ?> /> $path would be the path from the database