scootstah

davidannis solved your problem, but you have several other issues that need attention. 1. First and foremost: if you run stripslashes() after mysql_real_escape_string(), then you aren't escaping anything. $name=mysql_real_escape_string($name); $name=stripslashes($name);This is not escaped, and leaves your script vulnerable to SQL injection. 2. Don't rely on $file["type"] to determine the file's mimetype. Instead, use finfo_file or mime_content_type (this is deprecated). 3. You're not sanitizing the final $target_path to remove a directory/file path or other bad things. 4. if (in_array($file["type"],$valid_types)) return 1; return 0;This is confusing, use brackets or proper indentation. For example, this is much more readable: function is_valid_type($file) { //This is an array that holds the valid image MIME Types $valid_types=array("image/jpg","image/gif","image/png","image/swf","image/jpeg","image/x-ms-bmp","image/x-png"); if (in_array($file["type"],$valid_types)) { return true; } return false; }Also, if you're intending on returning a boolean, then you should use a boolean and not 0 or 1. This can also be simplified to: return (in_array($file["type"], $valid_types)); Hope that helps.

I can't really figure out what you're trying to do. Are you just trying to truncate the string to a specificed length? If so, you're making it far more complicated than it needs to be. Also, what is $subjects? Where does that come from?

You could either use AJAX to periodically poll for changes and then update the DOM, or you could look at WebSockets.

So what is in curldata.php?

Regex in the preg_ functions need delimiters. So try this: if (preg_match("/\r/",$_POST['your_email_address']) || preg_match("/\n/",$_POST['your_email_address'])){ By the way, you can simplify this to: if (preg_match("/\r|\n/",$_POST['your_email_address'])){

'$base'' You have an extra single-quote here.

Hmm sorry, the problem was staring at me the whole time. So the issue is that you did not quote any of the strings. Only numerical data and MySQL functions may be used without quotes. '$name','$startDateTime',$baseID,'$base', and so on. You're also not protected from SQL Injection. You should be running mysql_real_escape_string on all input that touches your database.

You didn't post $query. echo "$query<br /><br />"; mysql_query($query) or die(mysql_error());

Can you do this for me? Replace your mysql_query("INSERT ... line with: $query = "INSERT INTO membertracking (characterID,name,startDateTime,baseID,base,title,logonDateTime,logoffDateTime,locationID,location,shipTypeID,shipType,roles,grantableRoles) VALUES ($characterID,$name,$startDateTime,$baseID,$base,$title,$logonDateTime,$logoffDateTime,$locationID,$location,$shipTypeID,$shipType,$roles,$grantableRoles)"; mysql_query($query) or die(mysql_error()); And then include $query and the full, actual error in your reply.

You have the concatenation backwards. It should be " . $var . " (not . "$var" . ).

Are you using session_start anywhere?

Have you tried the manual?

You use an FTP application as a text editor? Huh? I use PHPStorm for projects and Sublime Text 2 for small stuff or quick edits. Neither are free, both are well worth the money. If you want free, Eclipse with PHP Developer Tools is a good IDE, and Notepad++ (on Windows) is a decent text editor. If you're on a Mac or Linux you could try Emacs. EDIT: By the way, most decent text editors have built in FTP support. But, working directly on the live server like that is not the best of ideas.

Are you using shared hosting? Shared hosts typically only allow certain outgoing ports. If it is a VPS or something in which you have complete control, check the firewall configs.

You can use is_home() to check if the current page is the index.

Sites that sell templates (such as http://themeforest.net/) usually have plain ol' HTML templates that are easy to implement. Though really you can use templates made for Wordpress, Drupal, etc as well. You'd just have to either figure out the HTML structure and re-code the layout, or just pick out the CMS stuff.

I think this will do what you want: <h4><span class="value" style="display:none" >5</span><span class="best" style="display:none">5</span><span class="rating" style="display:none">5"</span><span class="votes" style="display:none">(\d+)" </span>(\d+%)</h4>

You have two opening brackets for this if(): if(isset($_SESSION['dealer_id'])){ { This would have been easily spotted with a decent text editor with syntax/bracket highlighting.

Yes, there is a "Mark Solved" button at the top of this thread.

Check out strtotime strtotime('-1 day'); strtotime('+1 day');

MySQL Workbench works fine in Windows, but it's a heap of crap in Ubuntu. You can't select multiple data rows, it's slow, it crashes every 5 minutes... Is there a good alternative? I like the functionality and features that MySQL Workbench offers, but I need something a bit more stable. The features I'm looking for are: - Connect via SSH Tunnel - A nice query executor - Able to save SQL snippets (not so important, but nice) What do you guys use?

You are doing that. However, I think what you fail to realize is that in the script you provided, once you set the session, it will always echo "same". Once you set a session, it is set for the "session" - which is a configurable time period, but by default it means it will be set for the duration of your browsing visit. If you close your browser, it will clear the session. If this is not the behavior you were looking for, you need to just use a simple variable instead. A variable will only exist for the duration of the script.

Just because you have a Captcha doesn't mean you won't get spam. It will filter out the most basic/generic bots, but bots are increasingly good at solving Captcha.

That is going to be horribly inefficient. Use Regular Expressions.

You can simply use foreach here. Also, you should construct a multi-row INSERT query, instead of running a query in a loop. Try this out: $club_id=mysql_insert_id(); $insert = array(); foreach($_POST['age'] as $value) { //explode $value to insert into allocations $allocations=explode(".",$value); foreach($allocations as $allocation) { if (!empty($allocation)) { $insert[] = "('$club_id', '$allocation')"; } } } if (!empty($insert)) { mysql_query("INSERT INTO allocations (club_id, group) VALUES " . implode($insert)); }