-
Posts
3,404 -
Joined
-
Last visited
-
Days Won
55
Everything posted by Ch0cu3r
-
You dont need PHP for this. Use HTML/Javascript/CSS. Live Example Set this variable to the url to your signature image imageUrl = 'http://yoursite.com/signauture.php',
-
You mean to say you have a signature image being generated by PHP and you want to generate the HTML/BBCode for it so users can paste it in their signature?
-
Why did you remove Download</a> from your link? The code I gave was to show you what you opening anchor tag needed to look like when adding the class Line 167 needs to be <td><a href="<?php echo $userList[$i]["cv_path"]; ?>" class="cv-download">Download</a></td>
-
No, task_id in the task table should be primary key( set to auto increment). When you insert a new task call mysqli_insert_id after executing the query to get the task id for the row that was just inserted.
-
TOPICS MERGED PLEASE DO NOT START NEW TOPICS FOR THE SAME PROBLEM/QUESTION
-
What do you mean by that? By the time you see the HTML form PHP has done processing, the data would of already been inserted into your database. PHP runs on the server, what you see in the browser is the output of your PHP code. The form action is there so the web browser knows where to submit the form data to. Setting the action to a blank value will make the browser submit the form data to itself (the current page you are on - You will have to include the PHP processing code in same page).
-
No, I said add that class to you cv download links. If you want to have it in an external javascript file, then first remove the <script></script> tag from my code, then save the code in a new file, name it notify.js (or whatever you want to name it). You will then link to the file using the following in the your HTML <head> tag <script src="notify.js"></script> Otherwise just place the code I posted within the <head></head> tags
-
PHP can not create popups you will need to use JavaScript. First add a class to your cv links, example <a href="<?php echo $userList[$i]["cv_path"]; ?>" class="cv-download"> Now in javascript apply a click event handler to all elements that contain the cv-download class <script> window.onload = function() { // this function is called by the onclick event handler function notify(e) { // use this to prevent the link from working e.preventDefault(); // show an alert alert("Please contact admin to download CV's"); } // attach onclick event handler to all links with class cv-download links = document.getElementsByClassName('cv-download'); for(i = 0; i < links.length; i++ ) { links[i].addEventListener('click', notify); } } </script>
-
No, nl2br has nothing to do with sanitizing. I just telling you not to manually convert the newlines to HTML line break tags. Sanitizing is where you are escaping user input to make it safe to use within SQL queries. Typically this is done either by using mysqli_real_escape_string or using prepared statements. Are you not doing neither of those? If not then that is most likely the issue. Failure to do so will make your code prone to SQL Injection attacks I suspect the reason your code works on godaddy is because they have a setting enabled called magic quotes, which automatically escapes any quotes in user input being submitted. This was removed as of 5.4 and so your quotes are not being escaped on 1&1 which is leading to syntax error in your SQL query. If you sanitize your user input properly then quotes within user input should not have any affect on your queries.
-
Can you also post the bit of code which is inserting your data into the database? and also post how you are sanitizing your user input too No, you should not be doing that. Newlines should be converted to HTML line break tags when you go to display the content not when storing it. And rather that do the conversion manually use PHP nl2br function instead.
-
Did your other topic not help? http://forums.phpfreaks.com/topic/293633-running-smart-in-opensuse-132-or-on-gparted-live-dvd/
-
1) You have not assigned this $_POST['update']; to a variable. I presume that line is meant to read as $update = $_POST['update']; 2) Open the file use append mode $file = fopen($file1, "a"); Then there is no need for this $contents = file_get_contents($file1); file_put_contents($file1, $contents); 3) fwrite takes the file handler as the first argument and the value to be written as the second argument (needs to be $update not $file1) fwrite($file, $update); The alternative is not use fopen/fwrite/fclose but to use only file_put_content using the FILE_APPEND flag if(isset($_POST['update'])) { $file = "file.txt"; $update = $_POST['update']; file_put_contents($file, $update, FILE_APPEND); // append $update the file.txt }
-
These two lines are doing nothing by the way $_SESSION['username']; $_SESSION['passname']; If you want to store the username in the session variable then you need to assign it a value. Just like the example I have in your other topic. Password should not be stored in the session, so drop the password session variable. To see if the user is logged in all you need to do is to check if $_SESSION['username'] exists, If it does then the user is logged, display the webpage. If it does not exist then they are not logged in, then redirect them to your login page. You logout page should be destroying the session and unsetting the $_SESSION variables.
-
Your code is sending the email for when a new record has been inserted into the database, at this point the $id variable is not defined. It is only defined if you are performing the edit action. I assume the id column in your repairs table is set to auto increment? It is this id value you want to display in your email, in that case you will need to use mysqli insert id after the query has inserted the new to get the (auto increment) id value
-
session_register() function is deprecated and removed as of PHP5.4. You should not be using this function for registering session variables at all. Instead you should be assigning the value to the $_SESSION superglobal variable $_SESSION['user'] = $username; // add the username to the session variable, named user Make sure you are calling session_start() at the top of all your pages which uses $_SESSION variables, in order for session values to persist between pages.
-
No, that is not what hansford meant You still need to to have the code you used in post #7 for handing the ajax request, except rather than doing this $id_itens = filter_input(INPUT_POST, 'item'); $delItem = filter_input(INPUT_POST, 'delItem'); if ($delItem != null) { $ret = $user->delItem($id_itens); echo json_encode($ret); } it'll now be $id_itens = filter_input(INPUT_POST, 'item'); // get the action passed for ajax request $action = filter_input(INPUT_POST, 'action'); // do this if action is set to delItem if ($action == 'delItem') { $ret = $user->delItem($id_itens); echo json_encode($ret); }
-
With the textareas whatever is between the opening and closing tags is treated as the value. This is why you are having lots of whitespace before (and after) the php value that is being outputted. I would suggest to remove the whitespace/code indentation inside the textarea tags, with addition of applying trim to $comments. <strong>Comments:</strong> <br> <textarea name="comments"><?php echo trim($comments); ?></textarea>
-
Sadly, yes. See topic in the Announcements Forum
-
If you are getting the COuld not work message then that means your query is failing, use mysqli_error to find out why your query failing $result = mysqli_query($Garydb, $log) or die("could not work. MySQL Error: " . mysqli_error($Garydb));
-
QuickOldCar has answered your question. Read his reply again. You should take the advise given seriously. Your code is very outdated, yes it runs but it is not very insecure.
-
Of course it wont print that value. Why? Because mysqli_query does not return the results of the query. It only returns the mysqli result object. To get the actual results from the result object you need to fetch them, see the following manual pages http://php.net/manual/en/mysqli-result.fetch-all.php - fetch all results from the result object, return as a multi dimensional array http://php.net/manual/en/mysqli-result.fetch-array.php - fetch the next row from result object, a single row is returned an associative array.
-
How to redirect users when no files are found
Ch0cu3r replied to bambinou1980's topic in PHP Coding Help
Use Apache's ErrorDocument directive? http://httpd.apache.org/docs/2.4/mod/core.html#errordocument https://httpd.apache.org/docs/2.4/custom-error.html -
Are you serious? You got to be trolling me right?
-
WHAT!? How did you come up with that? Was my post not clear enough?
-
You have a malformed if/else syntax, The lines highlighted in red need to be within the braces { } if ($xcatname) $resa = mysql_query("SELECT catdesc FROM `$t_cats` WHERE `catname` LIKE '".$xcatname."'"); $rowa = mysql_fetch_array($resa); $desc_msg = $rowa['catdesc']; { echo '<div id="showad-textbox">'.$rowa['catdesc'].'</div><br>'; } elseif($xsubcatname) $resa = mysql_query("SELECT subdesc FROM `$t_subcats` WHERE `subcatname` LIKE '".$xsubcatname."'"); $rowa = mysql_fetch_array($resa); $desc_msg = $rowa['subdesc']; { echo '<div id="showad-textbox">'.$rowa['subdesc'].'</div><br>'; }