Deepzone

I debugged it and found the slash was generated by real_escape_string function. I use this function to sanitize the capture to prevent sql injection. So shall I use the stripslashes after this function? But then if user does need to input a slash, what do I do?

Can anyone tell me how to prevent a slash from auto-generated when inserting a string that has a apostophe. Example can't become can\'t. Thanks,

I'm trying to use ajax to show upload progress bar. I downloaded a plugin and created a single php file and it works fine. However it doesn't work if the code is being included by another php file. Does anybody have an idea what the problem might be? Thanks.

I have the following code the lookup data from a database. It runs okay on my llocal machine but it give me "Fatal error: Allowed memory size of 33554432 bytes exhausted" whenit runs on hosting server. It indicates fatal error at line of $r[field3]); I googled the error and found the response for similar situation is to re-code to prevent memory leak. Can anyone point out how the following can be improve to prevent the error from happening. Thanks a lot. $stmt = $database_connection->stmt_init(); if ($stmt->prepare("SELECT keyA, field1, field2, field3 FROM tableA JOIN tableB ON tableA.field1 = tableB.keyB JOIN tableC ON tableA.field2 = tableC.keyC WHERE field3 LIKE ?")) { $stmt->bind_param('s', $likeString); $stmt->bind_result($r['keyA'], $r['field1'], $r['field2'], $r['field3']); if (!$stmt->execute()) { echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error; exit(); } while($stmt->fetch()){ foreach( $r as $key=>$value ) { $row_tmb[ $key ] = $value; } $r[] = $row_tmb; } return $r;

Hi there, I have a PHP site development on Windows XP. I'm currently using XAMPP 1.8.1 php 5.4.7. I tried to install APC to php extension but either getting message and system hung. Can anyone tell if this is possible and which version should I download? Thanks a lot.

Hi there, I use ACTION="xxx.php" in form tag to move to another page. Is it possible, in php, for me to remain on the same page if error occur else then post to xxx.php page? Thanks.

Hi my php is coded to handle two situations. One is to show all records without a parm and the other is to narrow down the number of records if parm is supplied. My problem is not able to clear the content of the $_GET after the page is rendered. So everything there is a postback, it still picks up the value in $_GET to. I googled the solution and people said use unset but it doesn't seem to be working. Can anyone help

okay, I decided to use javascript.

Is this the only way? What happened if javascript is disabled?

Hi there, Is it possible to do a postback (without click on a button) as soon as user selected a value from a dropdown list? Thanks.

Is that right? ... I've posted somehow to ask if mysql and mysqli can co-exist but most people said no. As I'm new in both, I greatly count on support from such forum. Thanks a lot.

Sorry, I don't get it. Whats that mean?

Thank you. That's the problem.

How am I be able to get the errors?

I have the following to update database but somehow it is doing so. Anyone has an idea? I added break point inside this function to check the parms passed in and they are correct. function edit_book($book_id, $book_title) { $conn = mysqli_connect('localhost', 'user', 'pwd', 'db') or die('Could Not Connect' . mysql_error()); $book_id = (int)$book_id; $book_title = $conn->real_escape_string($book_title); $stmt = $conn->stmt_init(); //***************** Break point - examine the value of book_id and book_title if ($stmt->prepare("UPDATE book SET book_title=? WHERE book_id=?")) { $stmt->bind_param('si', $parm_book_id, $parm_book_title); $parm_book_id = $book_id; $parm_book_title = $book_title; $stmt->execute(); $stmt->close(); } mysqli_close($conn); }

oh, yes. I did. That's the reason? Thanks.

I use te following to grab the value from parm:$func_num_args = func_num_args(); $func_get_args = func_get_args(); if ($func_num_args > 1) { $column = $func_get_args; } Note: I always ignore the first parm.

Thanks for your reply. As you can see, the one I got it from parm starts from element 1 (I guess [1] means element 1) so I just worry if there will be any difference between two. Any idea why wasn't it filled by element 0?

I use print_r to show display the content of two arrays. Apart from starting element (I guess), would there be any difference in terms of looping through the array. Please see the sample below: Content of $col (from parm using $func_get_args) Array ( [1] => a [2] => b [3] => c ) Content of $colarray (hardcoded) Array ( [0] => a [1] => b [2] => c )

I have problem to fetch data into an array. The following code was original written in mysql and I need to convert it to use mysqli. Question 1: Do I need to have $stmt->bind_result ? Question 2: How do I convert from mysqli_fetch_assoc to mysqli_ ? Thanks for any help. if ($func_num_args > 1) { unset($func_get_args[0]); $fields = implode (', ', $func_get_args) ; $stmt = $database_connection->stmt_init(); if ($stmt->prepare("SELECT $fields FROM category WHERE book_id=?")) { $stmt->bind_param('i', $parm_book_id); $parm_book_idt = $book_id; $stmt->execute(); } // the following needs to be changed to use mysqli $data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM user WHERE id_user = $id_user")); return $data; }

Thanks for reply. I ran this chunk of code and database update didn't occur until I commented out if (strcmp($res, "VERIFIED") == 0). And I trace the output return from Paypal but don't see anything like $res.

I use the following IPN code from Paypal to trigger my database update. if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); // $res=stream_get_contents($fp, 1024); $res = trim($res); if (strcmp($res, "VERIFIED") == 0) { if ($payment_status === 'Completed') { $txn_id_check = mysql_query("SELECT txn_id FROM log WHERE txn_id = '".$txn_id."'"); if (mysql_num_rows($txn_id_check) != 1) { if ($receiver_email=='[email protected]') { if ($payment_amount == '0.09' && $payment_currency == 'CAD') { // add txn to database $log_query = mysql_query("INSERT INTO log (txn_id, email) VALUES ('".$txn_id."', '".$payer_email."')"); // update premium to 1 $update_premium = mysql_query("UPDATE users SET premium = 1 WHERE user_id = '".$user_id."' "); } } } } } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); } The updating has never kicked in. I tried to debug it and found it has been blocked at if (strcmp($res, "VERIFIED") == 0) . From other post of this forum I learned to trace the IPN return script and found $res doesn't exist. Does anyone know how to fix it?

Hi, I have the similar problem. I looked at the content of POST array and couldn't find $res which is supposed to have "VERIFIED". Can you tell me how did you end up fixing the problem? Thanks a lot.