davidannis

I think Paul meant do this: if (substr(strtolower($list), -3) == "txt"){ echo "<option value=\""; echo $list; echo "\">"; echo $list; echo "</option>"; } The case in $list won't be changed by the if.

Let me explain what I am after a little better. I have a live database which I exported to my development machine. While it was there I added a few new tables, a few fields in existing tables, and deleted a bunch of really old records that nobody will ever need. I'd love to be able to export from the development machine, import to my test server, have the new tables added (easy), have the tables with new fields updated, and have the junk records deleted. I think that I need to actually write SQL myself to do the last two things though. Am I wrong?

the first page would look like this: <form action="http://mysite.com/myscript.php" method="POST"> Input your key: <input type="text" name="keyfieldname"> <input type="submit> </form>

sure: header ('Location: http://mysite.com/dl.php?key='.$_POST['keyfieldname']) ; should work

There are lots of ways that your username and password could be filled. Most likely it is stored in your browser. Looking at the preferences for Firefox there is an option to save passwords for websites.

Am I correct that there is no option that will delete a record if it no longer exists in the copy that is being imported?

If you have magic quotes gpc set on your server (inot that I recommend it) you could have things double escaped if you then use mysqli_real_escape_string so you can use stripslashes in a conditional like this: if (get_magic_quotes_gpc()) { $mystrippedvar = stripslashes($user_inout_var); } before you do the mysqli_real_escape_string

When you accept input from a user that you will redisplay on the website you need to make sure that they can not put in something like <script> my malicious code </script> because if you display that to another user it could compromise their computer or your website. Use php's htmlspecialchars or htmlentities to avoid that problem. To store passwords securely, salt (add some characters to the begining and end, preferably something you can easily figure out to add but a hacker with just a password list wouldn't) and then encode like this function hash_my_pass ($pass, $date_account_created) { $salt1 = 'SEcret2@'; $salt2 = 'Phrase'; return hash('sha512', $salt1.$pass.$salt2.$date_account_created); }

I am trying to be a good coder and free the mysqli result set after I no longer need it, but I get a Warning: Here is the code: $query="INSERT INTO `".DATABASE."`.`competitors` (`company_id`, `competitor_id`, `name`, `description`, `print_order`, `buildfrom`) ". "VALUES ('".$company_id."', NULL, '".$name."', '".$description."', '', '')"; $result=mysqli_query($link,$query) or die ("FAILED to insert into competitor table"); mysqli_free_result($result); and I get the following warning: Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in /usr/local/zend/apache2/htdocs/NewFolder/Overview/competitors2.php on line 25 Is the reason that I I am trying to free a result set after an insert instead of after a SELECT?