wildteen88

It is erroring out due to 'int' being a mysql reserved keyword. To prevent the error . Change $href = "SELECT $field FROM urls WHERE id=$id"; to $href = "SELECT `$field` FROM urls WHERE id=$id";

When using/setting sessions makes sure you are calling session_start() at the top of all your PHP pages that use sessions. Also when you are setting a session variable do not use session_register(). This function is deprecated and should not be used. Instead use $_SESSION['myusername'] = $myusername; In replace of session_register("myusername") Now on every page you want to be protected. You place this at the top of the page <?php session_start(); if(!isset($_SESSION['myusername'])){ header("location:main_login.php"); exit; } ?>

Umm, seems your sql query is failing change this $qry = mysql_query($href); to $qry = mysql_query($href) or trigger_error(mysql_error()); Also you'll be better to code this if ($url=="usa") $href = "SELECT usa FROM urls WHERE id=$id"; elseif ($url=="uk") $href = "SELECT uk FROM urls WHERE id=$id"; elseif ($url=="aus") $href = "SELECT aus FROM urls WHERE id=$id"; elseif ($url=="can") $href = "SELECT can FROM urls WHERE id=$id"; else $href = "SELECT int FROM urls WHERE id=$id"; As a switch/case statement switch(strtolower($url)) { case 'uk': case 'usa': case 'aus': case 'can': $field = $url; break; case' int': default: $field = 'int'; break; } $href = "SELECT $field FROM urls WHERE id=$id"; Also this $url = intval($_GET['url']); Should be $url = $_GET['url'];

Where are you getting the images from? If they're from the the database then have a look at Multi-column results.

A better approach would be to check whether the variable $_SERVER['QUERY_STRING'] is empty // nothing in the query string. Show the div if(empty($_SERVER['QUERY_STRING'])) { echo '<div>whatever</div>'; }

You sure this is line 114 from index.php? if($_GET){}else{ echo hi; } I see no point in having that line of code as the $_GET superglobal variable will always be defined as an empty array, whether there isn't any query string variables being passed to the script.

Change // Upload Images while(list($key,$value) = each($_FILES[image][name])) { if(!empty($value)) { $filename = $value; $add = "upimage/$filename"; copy($_FILES[image][tmp_name][$key], $add); chmod("$add",0777); } } To // Upload Images $i = 0; while(list($key,$value) = each($_FILES['image']['name'])) { $_name = 'filename' . $i++; $$_name = ''; if(!empty($value)) { $$_name = $value; $add = 'upimage/'.$$_name copy($_FILES['image']['tmp_name'][$key], $add); chmod($add, 0777); } } Now change '$filename' '$filename2' '$filename3')"; to '$filename1' '$filename2' '$filename3')"; Note: If you are unsure what $$_name meas it is called a variable variable

That still not very clear. You'll need to post an example of what you're trying to do.

Where have you placed the .htpasswd file? I guess the most likely place would to put it in the private folder? If its in the private folder, and you're going to be calling the .htpasswd file from a .htaccess file within the htdocs/ folder, then you'd reference the file using ../private/.htpasswd ../ means to go one level higher in the directory tree.

Umm, Why another thread? You have already asked this question here http://www.phpfreaks.com/forums/index.php/topic,309147.0.html

Use the built in XPath function, starts_with() to select only the links that begin with 'CORPSEARCH.ENTITY_INFORMATION' So change this $hrefs = $xpath->evaluate("/html/body//a"); To $hrefs = $xpath->evaluate("/html/body//a[starts-with(@href, 'CORPSEARCH.ENTITY_INFORMATION')]"); Or it can be just this $hrefs = $xpath->evaluate("//a[starts-with(@href, 'CORPSEARCH.ENTITY_INFORMATION')]"); Now your loop will be for ($i = 0; $i < $hrefs->length; $i++) { $href = $hrefs->item($i); $url = $href->getAttribute('href'); echo '<p>Found:<br />' . $url. '<br />Adding it to the database... '; $sql="INSERT INTO links(cid, nlink)VALUES('$i','$url')"; $result = mysql_query($sql); echo (($result) ? 'Success!' : 'FAIL') . '</p>'; }

pornophobic told you what is wrong in in his post here

What is in inc/connect.php? You need to be connected to mysql and have a database selected before you can start quering tables. You do not appear to have a database selected. That is why you are getting this error:

The following should be placed outside of the while loop. if(empty($C_Error) and !empty($_POST['Submit'])) { mysql_query("UPDATE toplist SET name='". realEscape($_POST['name']) ."', descr='". realEscape($_POST['descr']) ."' WHERE id=$id") or die(mysql_error()); echo 'News Updated'; }

Change the javascript to <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> <script type="text/javascript"> $('#ip_form').submit(function() { window.location = '/testkiller/Track/' + $('#ip').val(); return false; }); </script> This will be your .htaccess file RewriteEngine On RewriteRule ^Track/([a-z0-9.]+)/?$ track.php?ip=$1 [NC,L] RewriteRule ^Track/?$ track.php [NC,L] Go to http://site.com/Track/. Fill in the form with an ipaddress. It should redirect to http://site.com/Track/AA.BB.CC.DD

Then you need to specify the field to order the results by. If its the id field then your query should be SELECT * FROM blog ORDER BY id DESC That will order the results by the id field in descending order (eg 5, 4, 3, 2, 1). To order in ascending order (eg 1, 2, 3, 4, 5 etc) you'd change DESC to ASC

desc is a mysql reserved keyword. Either rename your column to description (I guess that is what desc is short for) or wrap it in back ticks, eg`desc`

This usually means there was a problem with your query. Change $result = mysql_query("SELECT * FROM blog ORDER BY desc"); to $result = mysql_query("SELECT * FROM blog ORDER BY desc") or trigger_error('Query Error: ' . mysql_error(), E_USER_ERROR); What error is shown now?

If you are dealing with passwords you should be encrypting them. You should either use MD5() or SHA1()

Just one more thing you can remove this line $id = realEscape($r["ID"]); I forgot to remove it.

How are you storing the passwords within your table? Are they in they plain text (eg the passeword is 'test') or are they encrypted (eg *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 - the results of 'test' being passed to PASSWORD()). If they are entrypted then you need to compare the entered password in its encrypted form. You cannot compare a plain text password with a encrypted password.

This should not be in your while loop if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($id) && $id != "") { $sql_delete = sprintf("DELETE FROM blog WHERE ID='%s' ", realEscape($r["ID"]) ); echo "SQL is |$sql_delete|"; //remove after debugging mysql_query("DELETE FROM blog WHERE ID='$id'") or die(mysql_error()); echo "News Deleted"; } else { echo "name is empty"; }} Move it outside of the loop! You should pass the records id you want to delete within your link <a href='news.php?action=delete&id=$id'>Delete $name</a> Now change this if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($id) && $id != "") { To if(isset($_GET['action']) && $_GET['action'] == 'delete') { $id = realEscape($r["ID"]); if( isset($_GET['id']) && is_numeric($_GET['id'])) { $id = (int) $_GET['id'];

That because PASSWORD() encrypts the password you give it. As you are encrypting your passwords when you insert them into your database you will need to compare the users password in its encrypted form.

Why? Variables do not get parsed within single quotes!

Where are you using this code to? Post your code here.