cyberRobot

I've never looked into removing cookies created by other websites. In my mind that would be a potential security risk. If a website can access another website's cookie to delete; there would also be the potential for that website to read or modify that cookie. With that said, I really don't know if it's possible or not.

This should work if I understand your question correctly: // Print out result while($row = mysql_fetch_array($result)) { echo "There are " . $row['COUNT(activate)'] - 2 . " members.<br />"; } Note that I've never seen a column referred to like "$row['COUNT(activate)']". Does that work? I usually build the query like: $result = mysql_query("SELECT activate, COUNT(activate) AS numMembers FROM customers WHERE activate='y'"); while($row = mysql_fetch_array($result)) { echo "There are " . $row['numMembers'] - 2 . " members.<br />"; }

If all you need to do is count the members, non-members, and get the total; you could also do something like: //CONNECT TO THE DATABASE $con = mysql_connect("localhost", "xxxxxxxxxx", "xxxxxxxxxx") or die(mysql_error()); mysql_select_db("xxxxxxxxxx") or die(mysql_error()); //INTIAILZE VARIABLES $numMembers = 0; $numNonMembers = 0; //FIGURE OUT HOW MANY MEMBERS THERE ARE if($result = mysql_query("SELECT activate, COUNT(activate) FROM customers WHERE activate='y'")) { $numMembers = mysql_num_rows($result); echo "There are $numMembers members.<br />"; } //FIGURE OUT HOW MANY NON-MEMBERS THERE ARE if($result = mysql_query("SELECT activate, COUNT(activate) FROM customers WHERE activate!='y'")) { $numNonMembers = mysql_num_rows($result); echo "There are $numNonMembers non-members.<br />"; } //FIGURE OUT HOW MANY TOTAL MEMBERS THERE ARE $totalMembers = $numMembers + $numNonMembers echo "There are $totalMembers total users.<br />"; //CLOSE DATABASE CONNECTION mysql_close($con);

Maybe I missed something, but is there a reason you need to open and close the database connection so many times? You should be able to do something like this: //CONNECT TO THE DATABASE $con = mysql_connect("localhost", "xxxxxxxxxx", "xxxxxxxxxx") or die(mysql_error()); mysql_select_db("xxxxxxxxxx") or die(mysql_error()); //GET AND DISPLAY THE NUMBER OF MEMBERS $result = mysql_query("SELECT activate, COUNT(activate) FROM customers WHERE activate='y'"); while($row = mysql_fetch_array($result)) { echo "There are ". $row['COUNT(activate)'] ." members."; echo "<br />"; } //GET AND DISPLAY THE NUMBER OF NON-MEMBERS $result = mysql_query("SELECT activate, COUNT(activate) FROM customers WHERE activate!='y'"); while($row = mysql_fetch_array($result)) { echo "There are ". $row['COUNT(activate)'] ." non-members."; echo "<br />"; } //GET AND DISPLAY THE NUMBER OF TOTAL USERS $result = mysql_query("SELECT activate, COUNT(activate) FROM customers WHERE activate!='0'"); while($row = mysql_fetch_array($result)) { echo "There are ". $row['COUNT(activate)'] ." total users."; echo "<br />"; } //CLOSE THE DATABASE CONNECTION mysql_close($con);

You'll need to place the include statement on every page that needs to use those functions. Do you have any other file that's already being included on every page? For example, do you have a header or footer file being included? If so, you should be able to add the include statement for functions.php in one of those files.

Are you talking about removing cookies set by other website (Google, Yahoo, etc.) or just the ones set by your own?

Will not stop the massive SPAM I don't think that will stop any spam, that code is meant to help prevent SQL injections.

FYI, this isn't an SQL injection attack. This sounds like plain old comment spam. There are several techniques you can use to limit the amount of spam you get. For more information on some of the techniques, check out: http://webaim.org/blog/spam_free_accessible_forms/

Are you hosting the website with a company? If so, do they have an admin panel? They may have an option to create a sub-domain there.

I'm not sure what the above echo statement is doing, but it seems like all you should need to do is a somewhat simple date comparison. You could try to do something like this: //ARRAY OF DATES USED TO TEST DATE COMPARISON $dateArray = array('2010-05-14', '2000-11-02', '2010-04-15', '2010-06-15', '2010-05-10', '2010-05-01', '2010-04-30', '2010-04-29'); //GET CURRENT DATE INFORMATION $currentYear = date('Y'); $currentMonth = date('m'); $currentDay = date('d'); //GET DATE USED TO DETERMINE IF AN ENTRY SHOULD BE STYLED $oldDate = mktime(0, 0, 0, $currentMonth, $currentDay-14, $currentYear); //subtract 14 days from the current date $oldDate = date('Y-m-d', $oldDate); //LOOP THROUGH THE ARRAY OF DATES foreach($dateArray as $dateToTest) { if($dateToTest < $oldDate) { echo "<p>$dateToTest needs to be styled; it's more than 14 days old.</p>"; } else { echo "<p>$dateToTest doesn't need to be styled.</p>"; } } Note that all of your dates will need to be formated as YYYY-MM-DD for this to work.

Those variables are likely to have come from a tutorial on connecting to a MySQL database. I've seen a lot of scripts which declare their variables first: $hostname = "test.net"; $username = "test"; $password = "test"; Then, use the variables to connect to the database: $con = mysql_connect($hostname, $username, $password); This is my preferred method also since it makes the code a little cleaner. Therefore easier to maintain.

Everything appears to be working great. I have however found that the solution doesn't work if the method attribute is set to 'get'.

Yep, just click the button that has the # on it or . Both will place the selected code into a box that looks different from the rest of the message.

Yep, the action attribute is required to be valid XHTML.

Awesome, thanks andrewgauger and Mchl! That makes the process so much simplier...now I don't need add variables everywhere.

@liamloveslearning Are you familiar with JavaScript? If so, you should be able to do something like this: <form name="myForm"> <label for="intraartapproval">Art Appr. Date</label> <input type="text" name="intraartapproval" id="intraartapproval" size="32" onchange="myForm.intraestimatedinstall.value = Number(this.value) + 14;" /><br /> <label for="intraestimatedinstall">Est. Install</label> <input type="text" name="intraestimatedinstall" id="intraestimatedinstall" size="32" /> </form> Note that the above code only works with integers. You'll need to modify the code to work with dates. It looks like it may be a little bit of work, but you should be able to use some of the JavaScript functions found here: http://www.elated.com/articles/working-with-dates/

I'm not sure what you mean? Are you asking why I'm using single quotes around the action attribute value (action='$redirect') instead of double quotes (action="$redirect")? If so, I'm using single quotes because I'm already using double quotes around the entire <form> tag: echo "<form method='post' name='form' action='$redirect'>"; I could use double quotes again, but I would need to escape them: echo "<form method='post' name='form' action=\"$redirect\">";

Is there anything I need to be careful of with using REQUEST_URI? I'm updating a login script so that it works with URLs that contain variables. What I want to do is create a variable: $redirect = $_SERVER['REQUEST_URI']; Then for the part which displays the login form as needed, I'll add the following code: if($redirect != '') { echo "<form method='post' name='form' action='$redirect'>"; } else { echo "<form method='post' name='form' action='$_SERVER[php_SELF]'>"; } //...display the rest of the form Basically the $redirect variable will only be created for pages that require someone to be logged in before they can view the page content. Also, the GET variables will be sanitized as needed after they log in.

Is there a reason why you need to redirect to the thank you page? I usually prefer to have the thank you message in the same script. . . . if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } //SEND E-MAIL MESSAGE TO USER AND WEBMASTER /* add code to send message here */ //DISPLAY THANK YOU MESSAGE echo "<p>Thanks, your information has been added to the database.</p>"; mysql_close($con) ?> </body> </html>

The header function needs to be called before anything is printed to the screen.

I have the same problem with one of my scripts. I haven't gotten around to coding any kind of solution, but here is what I plan to do. Run a quick test against the database for exact duplicates (first name, last name, username, etc.) If a record is found, do nothing Else, add the new record

A simple solution to at least highlight the code would be: <form> <textarea name="code" onfocus="this.select();"> <?php echo '<html>'; echo '<body>'; echo '<p>Hello World</p>'; echo '<body>'; echo '</html>'; ?> </textarea> </form> Of course this solution doesn't do the copy part. I would need to brush up on my JavaScript to figure that out.

<form> <textarea name="code"> <?php echo '<html>'; echo '<body>'; echo '<p>Hello World</p>'; echo '<body>'; echo '</html>'; ?> </textarea> </form>

Awesome, using an array is so much cleaner than the if version! Thanks

Is there an alternative form of the if statement that I can use for validation? What I want to do is to shorten code that looks like this: if($memType!='Regular' && $memType!='Student' && $memType!='Retired') { //invalid membership type, display error } Is there any way to rewrite the if statement so that I don't need to repeat $memType? In the past, I've used a switch statement: switch($memType) { case 'Regular': case 'Student': case 'Retired': //do nothing default: //invalid membership type, display error } ...but I feel a little weird using switch for this scenario. I would also like to avoid using regular expressions since that seems like overkill.