[[SOLVED] Fatal error: Cannot break/continue 1 level.....]

i get the same error, but the problem is that i dont have the bracket problem as iamz3r0 faced, i really have to use break.

and if i cant use break, what can i use?

[code to display images from directory not working]

This is the error

PHP Notice:  Undefined index: valid_user in /var/www/work/fns/display_images.php on line 3
<img src="./uploads/" />
PHP Notice:  Undefined offset: 1 in /var/www/work/fns/display_images.php on line 7
<img src="" />

 

i think its not accepting the session variable.

and i'll try hardcoding the username this time.

[code to display images from directory not working]

i have a script to allow each member to store images in a folder named after him, so that they are exclusive to that particular member only.

 

Now when i try to retrieve it, i get error.

any ideas what might be wrong here??

 

 

<?php
session_start();
$pictures = glob("./uploads/".$_SESSION['valid_user']."/");
$no_pictures = count($pictures);

for( $i = 0; $i <= $no_pictures; $i++)
{
echo "<img src=\"".$pictures[$i]."\" />\n";
}
?>

 

thanks

[Cant get image upload script to work]

i solved it

i used this script and applied the same modification and everything works fine now

[Cant get image upload script to work]

here is the script i am using

 

 

<?php
session_start();
define ("MAX_SIZE","10000");

function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}


$errors=0;

if(isset($_POST['Submit']))
{
for($i=0; $i<count($_files['image']['name']);$i++)
{

$image=$_FILES['image']['name'];

if ($image)
{

$filename = stripslashes($_FILES['image']['name']);

$extension = getExtension($filename);
$extension = strtolower($extension);

if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{

echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{

$size=filesize($_FILES['image']['tmp_name']);


if ($size > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}

$directoryPath = "images/".$_SESSION['valid_user'];
if (is_dir($directoryPath))
{
echo "exists<br>";
$image_name=time().'.'.$extension;

$newname="/images/".$_SESSION['valid_user']."/".$image_name;
}
else
{
echo "not exists";
$directorypaths = "images/".$_SESSION['valid_user'];
mkdir($directorypaths, 0755);
$newname="/images/".$_SESSION['valid_user']."/".$image_name;
}

$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied)
{
echo '<h1>Copy uunsuccessfull!</h1>';
echo "<a href=\"member.php\">Click</a>";
$errors=1;
}}}}}


if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>File Uploaded Successfully! Try again!</h1>";
echo "<a href=\"member.php\">Click</a>";
}

?>

<form name="newad" method="post" enctype="multipart/form-data" action="image_upload.php">
<table>
<tr><td><input type="file" name="image"></td></tr>
<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

 

i copied this from somewhere and modified it a bit.

 

I want it to check if a directory of the name of current user is already in the /images folder, and if not, it should create a directory by the name of current user and save images in there.

So i added this part here

 

 

$directoryPath = "images/".$_SESSION['valid_user'];
if (is_dir($directoryPath))
{
echo "exists<br>";
$image_name=time().'.'.$extension;

$newname="/images/".$_SESSION['valid_user']."/".$image_name;
}
else
{
echo "not exists";
$directorypaths = "images/".$_SESSION['valid_user'];
mkdir($directorypaths, 0755);
$newname="/images/".$_SESSION['valid_user']."/".$image_name;
}

 

and i would take a guess that this part is not working.

Any help is appreciated.

[display images in two columns]

i doubt OP's coming back now

[regex to accept a whole number, or a decimal number]

cool its working now

thanks both of you

[hwo to i store decimal value in database?]

I just did

 

 

OK Here's the served-up-on-a-plate answer

 

Instead of VARCHAR(xx) use DECIMAL(8,3)

 

i thought it was a function of php

but kicken cleared it well and good.

[regex to accept a whole number, or a decimal number]

till now my guess was this

 

/^\d+\.?\d{1,2,3}$/

 

It should accept a whole number, like 123456 or a decimal, like 123.456, but should allow MAX 3 decimal places.

but this isn't seem to be working.

 

what's wrong with it??

[hwo to i store decimal value in database?]

can i have an example please?

[hwo to i store decimal value in database?]

silly me

 

varchar() works fine.

thanks for looking though

[hwo to i store decimal value in database?]

i already have the particular column as float, and input is of the form 9999.999

 

i dont think if number_format's going to be of much help here.

What should i use??

[How to convert links to anchor tags ?]

so this is a path

 

http://www.google.com

 

and everything after google.com is a param

 

https://www.google.c...iw=1855&bih=968

 

right?

[regex not working!]

oh ok

is there any way i can tell if there's a problem with a regex, or i just have to look at it?

[How to convert links to anchor tags ?]

@christian f

can you tell me the difference between URL path and URL param??

does URL parameters include GET values??

[regex not working!]

nevermind i found it.

 

function check_system($input)
{
$expr = '/^[0-9a-zA-Z ]+$/';

if(preg_match($expr,$input))
 {
   return true;
 }
 else
 {
   return false;
 }
}

[regex not working!]

following is the regex to match several words,letters and spaces, but it seems i got it wrong.

 

$expr='/^[a-zA-Z0-9 ]*{2,36}$/';

if(preg_match($expr,$input))
 {
   echo "good ";
 }
 else
 {
   echo "not good";
 }

 

can anyone tell me Whats wrong?

[what measures to protect website?]

thats more like it

thanks for this answer

[what measures to protect website?]

i havent salted the passwords but have used sha1

will salt them, that i had in mind

what i was asking for was what,apart from mysql real escape string, should i use>??

 

stripslashes, pregs

what am i missing?

apart from cross scripting and os injection and other big types of attacks

[what measures to protect website?]

thanks for the reply but both answers are above my head

link or a detailed explanation would be appreciated

[what measures to protect website?]

as the title suggests, what steps do i need to take to give a website a reasonable amount of security?

 

i know about mysql_real_escape_string and have googled a bit regarding this topic.

 

what else do i need to do??

[table with multiple columns or several tables with redundant data?]

thanks again

[how to implement posting a message and retrieving it?]

i know about the auto_increment field, was not using it cause it had to be primary....

anyways, i could store them alright, but how would i retrieve them???

 

consider there is a particular user, who has uploaded a photo.

Now, if someone comments on it, how would i know that "that" particular comment belongs to that photo ?

How would i assign id's to that thing?

[table with multiple columns or several tables with redundant data?]

so what am i doing is not the worst approach??

[how to implement posting a message and retrieving it?]

it is similar to posts on forums, or comments in wordpress.

 

What i was thinking, to have a table structure like this

 

username varchar,

actual_msg text,

post_id smallint

 

now when submitting the content to the database, i will run the query to increment the post_id, and hold it in a variable, say $var.

When it has been saved in the database, i will use the $var to fetch the message.

 

But, if a user submits the message and it is not submitted and the post_id is incremented, that row would remain empty.

And if a deadlock occurs, i dont know what will happen in that case.

 

Can anyone tell me what approach should i use?

Also, using locks in mysql is feasible?