devilsvein

Yeah there was another number_format in another page which was trying to format the same variable. I think its best i apoligise to use all for wasting your time on a stupid mistake I did. Really am.

I wouldn't have thought it could have been that but I did have a look. Below is the exact function of my code function Banner() { global $userid, $username, $level, $m, $g, $brave, $donator, $perc_energy, $shooting, $maxshooting, $perc_concen, $brave, $maxbrave, $perc_health ; //$m = "£" . $m; $d = $donator; if ($d >=1 ) { $d = "<img src='donator/donator.gif' width='12px' height='13px' title='You have $donator days remaining' />"; $username = "<font color='#4a3401'>$username</font>"; } else { $d = ""; } echo "<div class=bannimage> <img src='gameimage/newbann.png' /> <div class=text> <h3 style=margin-top:0px; margin-bottom:0px;>"; echo "["; echo $userid; echo "] " ; echo $username; echo $d; echo "</h3> <table cellspacing=0 cellpadding=0 width=190px border=0> <tr><td><small>Level:</small></td><td width=80px>"; echo $level; echo "</td></tr> <tr><td><small>Money:</small></td><td width=80px>"; echo $m; //Here we get 2,501 displayed.....its rounded up and not showing decimal echo "</td></tr> <tr><td><small>Gold:</small></td><td width=80px>"; echo $g; echo "</td></tr> <tr><td><small>Faction:</small></td><td width=80px>"; echo $brave; echo"</table> </div> <div class=stats> <table cellspacing=0 cellpadding=0 width=190px border=0> <tr><td><small>Energy:</small> </td><td width=80px>$perc_energy%</td></tr> <tr><td><small>Shooting:</small> </td><td>$shooting / $maxshooting</td></tr> <tr><td><small>Concentration:</small> </td><td>$perc_concen%</td></tr> <tr><td><small>Brave:</small> </td><td>$brave / $maxbrave</td></tr> <tr><td><small>Health:</small> </td><td>$perc_health%</td></tr> </table> </div> </div>"; } That $m is also displayed out of the function such as tables as echo $m; Again, same result. this is from the array in my database $m = (float) $row['money']; I have realised that the output has commas in it as if its already been number_format when I haven't placed any number formats. the database doesn't have a comma in. So i think if there's nothing wrong in the code I have, something somewhere is formatting my number and I think im trying to overide it. Im going to go through all my pages.

shows 250.54 Thats all the code that relates to £m ? I don't know what else to post...

Ok starting with the database column Its called money and is a decimal(11,2). Null is no. In the database php page I have: $sql = "SELECT * FROM users WHERE PlayerID='".$_SESSION['ID']."' LIMIT 1"; $result = mysqli_query($mysqli, $sql); $row = mysqli_fetch_assoc($result); $m = (float) $row['money']; var_dump($m); When its displayed its usually done by echo $m; Sometimes this is in a function like so... function Banner() { global $m, $g ; //$m = "£" . $m; //some code here... echo "</td></tr> <tr><td><small>Money:</small></td><td width=80px>"; echo $m; //some code here..... }

The final result should display 2 decimal places for example 250.54 When I apply number format and carry out a var dump it shows the float number back as being a string. It also only shows digits before the comma in number format

So i've done this: $m = (float) $row['money']; and var dump of $m produces => float(2500.54) however when I echo $m to screen without any further changes I get 2501

Thanks for that kicken. Var dump totally didn't come to mind... It returns null strangely. Sorry Ignore the above. I looked at it again and it showed the below: string(7) "2500.00" Im guessing that the string is the problem as it should be float?

Hey, I might not have the best answers but I'll give it a shot. 1) I think your fine there...if you have something like $username = .... and so on make sure you don't call them out when you don't need to. 2a) As far as I know sessions are unique on every websites and webpages on specific sites can only access the session if it has session_start(); at the top. For added security you could look into session hijacking and maybe encrypt sessions aswell. NEVER store passwords in sessions 2b) Its OK for temporary information. If you want to then store them for more future uses consider variables and also use html entities on the data to prevent any attacks. 3) For passwords you could use phpass. Thats one way which many people use as its highly encrypted. You could also use sha512 and add unique salts to passwords.

Sorry for unsolving this. It seems it didnt work -.- @jessica when the number_format does work it displays the commas and dots in the right place. Its only this particular column name which is causing issues. Even after i delete and readd it in phpmyadmin. I've saved it with decimal (11,2) and in the database it clearly shows the right amount with the decimal point followed by 2 digits. I get my number and store it in a variable like this $query = "SELECT * FROM users WHERE PlayerID='".$_SESSION['ID']."' LIMIT 1"; $result = mysqli_query($mysqli, $sql); $row = mysqli_fetch_assoc($result); $m = $row['money']; Even that the $m shows the number but no decimal.... I also have this in my code on another page. I think this might cause issues $m = "£" . $m; but even after commenting that out I still dont get the decimal points in. As mentioned earlier, if I bring into play number format only the first digit shows..

Thanks for the answer. It didn't help BUT it did lead me to find the correct solution. I was using something like (32,0) when it should have been (32,4) in the database size and $m is a number m is for money!

Basically I've got a table in my database where I have a row called 'm' and its a decimal with 32 character length. when i call it out the data it shows the correct result on screen and even after i've applied the abs function it still works. However when number format comes in to play......it only shows the first digit! Regardless of the decimal places I out in. Yet it works for other results I have from my table. There displayed correctly withs abs and number format. By debugging what I have found is that any number before the colon is displayed. So if we had 5,500 in the table => 5 would be displayed to screen. If 55,000 was in the database, only 55 would show $m = number_format(abs($row['Money']), 2);

Think it was working. I tried <font color red>Name</font> with and without htmlentities and 1 made it red whilst the other just diplayed the markup codes? But it didn't go through the if statement?

function securevar($var) { $var = htmlentities($var, ENT_QUOTES); if ( strlen ($var) >= 9) { $var == "401"; } return $var; } $username = securevar($row['Username']); Basically what Im expecting to happen is that $row['username']; goes into the function and gets sanitized to prevent xss attacks. it then returns to the same variable the result which is now sanitized. If after being sanitized it has more then 9 digits I print 401 instead of the sanitized name. This then gets stored in a new variable for ease of remebering which is $username

$emailrow = mysqli_query($mysqli, "SELECT * FROM TABLE WHERE email = '" . mysqli_real_escape_string($mysqli, $loginemail) . "'"); $row = mysqli_num_rows($emailrow); if ($row != 0) { echo "Email taken"; } [/php

That was suppose to seperate the double and single apostrophies lol But i've tried the & < > and still nothing gets replaced. its displayed exactly the same

I was also wondering why doesnt my htmlentities work? It dont want to convert " / ' or other symbols when i look at the display =/

Thanks for that jessica. Honestly wouldn't know what I would have done without you. Stupid mistake on my behalf. Was too busy looking at the void functions in c++

Trying to create a function to sanitize some variables. What I have done so far is: function securevar ($var) { $var = htmlentities($var, ENT_QUOTES); if ( strlen ($var) >= 9) { $var == "401"; } } database results perfectly come and work if I dont use the above function but as soon as I do: $username = securevar($row['Username']); It returns blank and no error message. Aslo forgot to say var_dump on $username returns NULL

For some security I would use htmlentities on your php self form action

If I followed correctly you would have something like: 1) table header.....so simple html <table border=1 width=500px><tr><td>List/code</td><td> Year</td><td> Count</td></tr> 2)Create a while loop that executes each row of your table until it reaches a set amount. While loop would be something like while (condition) { echo "<tr><td>003EL</td><td>$year</td><td>$count</td></tr>"; Then echo out the </table>

Lol I appreciate your quick help and support! Thanks a lot

First mistake i found should been $mysqli and not $query. PHPMYADMIN does show a syntax error. Get confused on that sometimes.... Thanks Jessica, ill see how it goes now isit because ++ isnt recognised? i tried UPDATE Persons SET daysold=daysold+1 and this worked

Hi, I'm using crons for the first time and have done a bit of research around the web.I'm using crons on a php file of mine at the momment. In my cron jobs I've added this line, as I want this onemin.php file to run on a daily basis. (sorry for name confusion) 0 0 * * * php /home4/******/public_html/crons/onemin.php the actual code on my onemin.php is as so... <?php require "corefolder/globe.php"; //db require "corefolder/gamecore.php"; //Updating days old mysqli_query($query, "UPDATE Persons SET daysold=daysold++"); ?> The issue im having is that it doesn't increment daysold as ive checked it after 24 hours and well its still 0. Secondly I wanted to see if anyone could explain the difference between using php and curl in the cron command and whether theres a suitable alternative. Lastly how can i tell what time this cron is running at due to the fact theres many different timezones around the planet and my webhost is in the states.

Ok i see, i think its best that i keep to one long table. I thought you could break down data this way into smaller tables.

Started to use foreign keys for the first time and have come across a problem I have a table called A_table in which I have a column there which auto-increments named P_ID. I have another table called B_table and have a column called P_ID and i believe I have also set this to foreign key and referenced it to that in A_table. (p_id is the row number) i then have two queries in a page of signup of mine mysqli_query($mysqli, "INSERT INTO A_table (Username, Password, Email, Gender, ip) VALUES ('$euser', '$hash', '$eemail', '$gender', '$ip')"); mysqli_query($mysqli, "INSERT INTO B_table (Energy, Shooting, concentration, brave, health) VALUES (100, 100, 100, 5, 100)"); The foreign key is my B_table doesnt have the same id of that in my A_table? It starts at 0, and the query executes and inserts fine