SaCH

Everything posted by SaCH

  1. The function file_get_contents() is used to get the content of a webpage. But if you use this function, further actions on the result page will not work. I mean, after displaying the contents of a webpage, suppose there are some links; if you click on one of those links, it won't work. I even suggest you use the <iframe> option to do this.
  2. What is the logic behind that? I thought you *always* used HTMLEntities when you are *outputting* User's data/input?? And regardless, what is causing the <br />'s to appear?? Debbie

     Let me know if the problem is solved with my code?
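  3. Remove the htmlentities() function while you are previewing the comment. Then the code will be something like this:

     ```php
     <!-- PREVIEW COMMENT -->
     <?php
     if (!empty($preview)) {
         // $preview is printed without htmlentities(), as described above.
         // nl2br() takes no ENT_* flag, so ENT_QUOTES is dropped.
         echo '<div id="boxPreview">'
            . '<h3>Preview</h3>'
            . '<p>' . nl2br($preview) . '</p>'
            . '</div>';
     }
     ?>
     ```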
  4. Sir, does that mean my example, which uses stristr(), is not sufficient?
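  5. The code will be this:

     ```php
     // $flights_no is assumed to have been escaped already,
     // e.g. with mysql_real_escape_string()
     $query = "SELECT `flights_no` FROM `flights` WHERE `flights_no` = '$flights_no'";
     $result = mysql_query($query) or die(mysql_error());
     if (mysql_num_rows($result) == 0) {
         // Value does not exist, do something
     } else {
         // Value already exists, do something
     }
     ```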
  6. Since mysql_real_escape_string and htmlentities won't stop the type of sql injection that occurred in your case, the answer would be that casting the id value to an integer will be a lot safer.

     You mean that mysql_real_escape_string() only makes sense in the case of a string, right?
  7. Try this:

     ```php
     if (stristr("http://mysite.com", "GOBBLYBLUETEXTHEREBLABLAH")) {
         echo "A match was found.";
     } else {
         echo "A match was not found.";
     }
     ```
  8. @seito Did my new version of the code work, or is there still an error?
  9. Try to write the code yourself. If you have any problems in your code, please post the code here and you will get it answered shortly.
  10. Try my new version of the code:

      ```php
      if (in_array(strtolower($country), $my_countries)) {
          foreach ($allowed_spiders as $s) {
              list($val1, $val2) = explode(";", $agent_name);
              list($check) = explode("/", $val2);
              if (!stristr($s, $check)) {
                  header('Location: www.REDIRECT URL.com');
              }
          }
          exit;
      }
      ```
  11. I think this will be the right code:

      ```php
      <?php
      // Read the id as a string and strip surrounding whitespace
      $id = (isset($_GET['id']) && is_string($_GET['id'])) ? trim($_GET['id']) : '';
      if (!ctype_digit($id)) {
          echo "Invalid ID";
      } else {
          // $id contains only digits at this point
          $sql = "UPDATE content SET views=views+1 WHERE id=$id";
          mysql_query($sql) or die(mysql_error());
          $sql1 = "SELECT * FROM content WHERE id LIKE $id LIMIT 1";
          $result = mysql_query($sql1);
          while ($rows = mysql_fetch_array($result)) {
              // something.
          }
      }
      ?>
      ```
  12. Use this code to turn on error reporting. Put it at the bottom of the <?php tag:

      ```php
      ini_set('error_reporting', -1);
      ```
  13. You need a basic idea about the coding. Please follow my simple steps.
      1. Create a html form to upload image file.
      2. Get the image file
      3. Get the size info/dimensions by using the uploaded image.
      4. Resize it with your function
      5. Display the image
  14. Try my code:

      ```php
      $id = mysql_real_escape_string($_GET['id']);
      $id = trim(htmlentities($id));
      if (!ctype_digit($id)) {
          echo "Invalid ID";
      } else {
          $sql = mysql_query("UPDATE content SET views=views+1 WHERE id='$id'") or die(mysql_error());
      }
      ```
  15. Try this code:

      ```php
      if (in_array(strtolower($country), $my_countries)) {
          foreach ($allowed_spiders as $s) {
              if (!stristr($s, $agent_name)) {
                  header('Location: www.REDIRECT URL.com');
              }
          }
          exit;
      }
      ```
  16. You can also use the htmlentities() function to prevent certain kinds of SQL attacks.
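
The digits-only ID check from posts 11 and 14, together with the point quoted in post 6 that escaping does not protect an unquoted numeric value, shown as an added example that is not from the original posts. It replaces the mysql_* calls with PDO prepared statements on a constructed in-memory SQLite database (assumes the pdo_sqlite extension); parse_id() and count_view() are hypothetical helper names.

```php
<?php
// Added example, not code from the posts. The table name follows posts 11 and 14;
// the in-memory SQLite database and its rows are constructed so this runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE content (id INTEGER PRIMARY KEY, title TEXT, views INTEGER DEFAULT 0)');
$pdo->exec("INSERT INTO content (id, title) VALUES (1, 'first'), (2, 'second')");

// Hypothetical helper: returns the id as an int, or null when the raw value is rejected.
function parse_id($raw): ?int
{
    // ctype_digit() accepts only strings made entirely of 0-9, so signs, spaces,
    // quotes, SQL keywords and array input (?id[]=1) are all rejected.
    // The length limit keeps the cast below from overflowing.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

// Hypothetical helper: increments the view counter and returns the row, or null.
function count_view(PDO $pdo, $raw): ?array
{
    $id = parse_id($raw);
    if ($id === null) {
        return null; // the caller reports "Invalid ID"
    }
    // Placeholders keep the value out of the SQL text, so no escaping is involved.
    $upd = $pdo->prepare('UPDATE content SET views = views + 1 WHERE id = :id');
    $upd->bindValue(':id', $id, PDO::PARAM_INT);
    $upd->execute();

    $sel = $pdo->prepare('SELECT id, title, views FROM content WHERE id = :id LIMIT 1');
    $sel->bindValue(':id', $id, PDO::PARAM_INT);
    $sel->execute();
    $row = $sel->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed inputs: two valid ids, then values a string-escaping function would
// pass through unchanged because they contain no quote characters.
foreach (['1', '2', '1 OR 1=1', '-1', ' 3', '', ['1']] as $raw) {
    $row = count_view($pdo, $raw);
    echo json_encode($raw), ' => ', $row ? json_encode($row) : 'Invalid ID', PHP_EOL;
}
```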