[Need help with displaying MySQL data]

you use the fallowing code to set the data returned as a object var

example

$data = mysql_fetch_array($result);

then you can return the data as $data['item_code'] and so on and so on

[MySQL Database Error Disclosure Vulnerability]

it should but id make sire all post vars are cleaned and try it..

[\ Does not work!]

stripslashes(\"$desc\")

why do you have " here anyway you dont need them....

[Creating an Image in PHP: I need larger text!]

this is the function i use to combine images

function combineImage( $image,$filename,$x_loc,$y_loc )
{
	$info = getimagesize($filename);

	switch( $info['mime'] )
	{
		case 'image/jpeg' :
			$im_temp = @imagecreatefromjpeg($filename);
			break;

		case 'image/png' :
			$im_temp = @imagecreatefrompng($filename);
			break;

		case 'image/gif' :
			$im_temp = @imagecreatefromgif($filename);
			break;

		default:
			debugMode( $line,'Unhandled image type: ' . $info['mime'] );
	}

	// Get the image dimentions
	$im_temp_width = imageSX( $im_temp );
	$im_temp_height = imageSY( $im_temp );

	// Copy created image into main image
	@imagecopy( $image,$im_temp,$x_loc,$y_loc,0,0,$im_temp_width,$im_temp_height );

	// Destroy the temp image
	if( isset($im_temp) )
	{
		@imageDestroy( $im_temp );
	}
}

[Allowable Characters for Username?]

limiting there usernames is a good idea and not allowing char character that could be used as a sql or database query is allways a good thing

 

[Allowable Characters for Username?]

[a-zA-Z]{8,30} will work in preg match will alow any char a-z upper and lower min 8 max 30

 

[MySQL Database Error Disclosure Vulnerability]

try adding mysql_real_escape_string() around every car that is in the sql queries thsi shoudl saolve this issue

best way is to use a function

function escape( $string )
{
	if( version_compare( phpversion(), '4.3.0', '>' ) )
	{
		return mysql_real_escape_string( $string );
	}
	else
	{
		return mysql_escape_string( $string );
	}
}

 

then its just escape($value) and its cleaned for sql

[Creating an Image in PHP: I need larger text!]

http://php.net/manual/en/function.imagecopy.php

[Getting certain elements from RSS feed]

rss feeds are usaly xml try an xml parser

[MySQL Database Error Disclosure Vulnerability]

try using $_POST insted of $HTTP_GET_VARS

[Preg stuff]

preg_match('/[^a-zA-Z]{1,90}/i',$field)

 

should allow 1-90 letters no spaces or numbers or other none letter chars

[Enabling mod_rewrite]

RewriteEngine On

 

should turn it on for your site to test create a html file on your site called bob.html

add

RewriteRule  ^bob\.html$  john.html

 

after turning the engion on then go to yoursite.com/bob.html the address should change to yoursuite.com/john.html

 

 

[My First Function. now or never i guess]

this may help gen you addresses guessing you have given each symble a numerical value

 

function generateUniqueRandoms($min, $max, $count)  
{
	if($count > $max)  
	{  // this prevents an infinite loop
		echo "ERROR: The array count is greater than the random number maximum.<br>\n";
		echo "Therefore, it is impossible to build an array of unique random numbers.<br>\n";
		break;
	}    
	$numArray = array();
	for($i = 0; $i < $count; $i++)
	{        
		$numArray[$i] = mt_rand($min,$max);         // set random number

		for($j = 0; $j < $count; $j++)                 // for each number, check for duplicates
		  if($j != $i)                                 // except for the one you are checking of course
			if($numArray[$i] == $numArray[$j])
			{
				$numArray[$i] = mt_rand(1,39);         // if duplicate, generate new random
				$j = 0;                                // go back through and check new number
			} 
	}
	return $numArray;
}

 

then

$x = generateUniqueRandoms(1, 39, 6);

$r = implode('-',$x);

 

$r would return ex 12-25-16-24-9-6

your 7th is allways your origin

[delete only the entry with the specified id]

i wouldent put your post script in the while loop place it at the top of your screen and make a hidden input for the emp_id value and then you press delete it will only post 1 value because once you submit then refresh the post is still set and will delete your table

[strpos]

what is it you are trying to do exactly maybe this is the wrong function

 

[strpos]

http://php.net/manual/en/function.strpos.php rtfm ftw?

[Replace several words in HTML using str_replace before displaying it]

$htmlx =  str_replace('---replaceid---', nl2br($rows[0]), $html);

$htmlx =  str_replace('---replacetime---', nl2br($rows[1]), $htmlx);

$htmlx =  str_replace('---replacefrom---', nl2br($rows[2]), $htmlx);

$htmlx =  str_replace('---replacemail---', nl2br($rows[3]), $htmlx);

$htmlx =  str_replace('---replacehomepage---', nl2br($rows[4]), $htmlx);

$htmlx =  str_replace('---replacecomment---', nl2br($rows[5]), $htmlx);

echo $htmlx;

 

but why..... do it this way it would cause the page to load to slow.....

 

[Change password... Doesnt seem to work, just resets password]

gotta watch the name of your var's

 

$pass_conf = $_REQUEST['newpass'];

$email = $_REQUEST['passconf'];

should be

$pass_new = $_REQUEST['newpass'];

$pass_conf = $_REQUEST['passconf'];

 

or add in

if (isset($pass_conf) && $pass_conf !='' && isset($pass_new) && $pass_new !='')
{
if ($pass_conf == $pass_new)
{
$newpass = md5($pass_conf)
}
else
{
echo 'your passwords no not match';
}
}
else
{
echo ' one or more of your passwords are blank';
}

 

this is long code but it make sure the passwords are set lol

[Change password... Doesnt seem to work, just resets password]

mysql_query("UPDATE users SET password='$newpass' WHERE username='$user'")

insted of $user sjouldent it be $username?

[Image Upload not working]

try using move_uploaded_file insted of copy copy is when the file exists on the server allready ...

[Echo sql query to text box]

$query = "SELECT COUNT(id)  FROM `teamrosters` WHERE TEAM = '$team'  ";   

should be

$query = "SELECT COUNT(id) as idcount  FROM `teamrosters` WHERE TEAM = '$team'  ";   

 

then you would use $row['idcount']

 

COUNT(id) just counts but assignes it no name

 

then echo 'ROSTER COUNT: '. $row  [$COUNT];

would be

 

echo 'ROSTER COUNT: '. $row['idcount'];

[MYQLI ERROR]

us ither ... you are getting no sql or php errors?

have you tryed not using stmt

tryed making the changes in the database using myadmin and changing them back on the webpage?

have you tryed putting

error_reporting(E_ALL);

ini_set("display_errors", 1);

 

at the start of the page directly after the <?php ?

[two varible loop]

alot of code for only needing

 

echo "<li class='{$liclass[(((++$index)%2)+1)]}'>{$item_name}</li>";

but position 0 in the array has to be blank like in my example or this wont work...

[I read the md5 Sticky but.. process confusion arises]

thats sorrect bruteforce attacks can still occure

 

if you use a salt for hashing once you allways have to use the same salt every where that user logging in or the password will not match

 

making useres use casps and numbers in passwords helps alot

 

example bruting "apple" has 5 letters with 26 possabilitys for each letter 52 if upper case the more time it takes to crack a password the better but passwords can all ways be cracked or bruteforced

 

http://www.usewisdom.com/computer/passwords.html explanes this well...

 

most sites just use simple md5 no salt this is acceptiable but if you want more strength you can use salts...

[two varible loop]

i think this is what your trying to do ......

 

each menu item has a class asigned by its row "line striping" so each line is nto the same collor but it alternated between 2 classes

if im correct this is what you need...

 

$liclass = array('','ac_menu-item', 'menu-item-last');

$liclass[(((++$r)%2)+1)]

 

this will return position1 and position 2 in the array by each row looped i hope this helps...