Jump to content


Staff Alumni
  • Posts

  • Joined

  • Last visited

Everything posted by GingerRobot

  1. 1.) You seem to have the arguments to in_array() the wrong way around: http://php.net/manual/en/function.in-array.php 2.) Unless this is a simplification, why use in_array() anyway? Surely this would suffice: if($i >= 1 && $i <= 16){ //valid }else{ //invalid }
  2. In general, it looks like you're getting there but you still appear to be missing the braces around the code to be executed only when the form has been submitted. You want to structure your code along the lines of: if(form submitted){ //validate form if(validated){ //Try emailing if(email sent ok){ //Tell user it was successful }else{ //Tell user there was a problem, try again later, alternative contact method etc } }else{ //Tell user there's a problem with their input } } //Display form Indenting your code properly will help to identify the flow of control you want.
  3. Not really sure I understand the question. Do you mean you wish to define the array on one page (load) and use them on another? If so, you should investigate the use of sessions. I'm sure Google can help and there's also a good tutorial on phpfreaks. Edit: Tutorial link: http://www.phpfreaks.com/tutorial/sessions-and-cookies-adding-state-to-a-stateless-protocol
  4. The text inside a textarea goes between <textarea> and </textarea>, not set as a value of the tag. See: http://www.w3schools.com/tags/tag_textarea.asp
  5. You should place the backslash (\) before the character you wish to escape.
  6. This topic has been moved to PHP Regex. http://www.phpfreaks.com/forums/index.php?topic=353729.0
  7. Looks like it, but try making the changes and see what happens
  8. The use of a prepared statement or parameterized query will protect you from SQL injection*. Of course, that doesn't mean that you definitely don't require any other form of input validation. You should still check that the query being executed contains expected values. For example, you would still need to check a value is positive, within some range etc, etc. In other words, the use of parameters or prepared statements avoids the need for separate sanitation (e.g. with mysql_real_escape_string() ), but you shouldn't just forget about validation entirely. *Assuming it has been implemented properly
  9. It looks like you've neglected to include braces around the code you wish to be executed conditionally. The syntax is: if(condition){ //code to execute if the condition is true //more code to execute if the condition is true } Note that if you omit the braces, this is still legal syntax. However, only the single next statement after the if statement will be executed conditionally -- all subsequent code will be execute regardless of the value of the condition. In general, this usually means the next line after the if statement will be conditional. So, for example: if(condition) //This line executed conditionally //This line executed unconditionally Although it is a matter of personal taste and coding convention, many people (including myself) advise against omitting the braces of an if statement even if you do not need them. In general, the braces make the code clearer.
  10. It's not very clear what the problem is. What is that you are trying to do? What is not working? Are you getting any error messages?
  11. Aside from the fact that it would probably be more efficient to do this inside a query (so you don't have to keep re-querying the database!): Why don't you try printing out the result of getContent() each time around the inner loop. This should help you find out why you're getting bogus results.
  12. Edit: kicken beat me to it, but I'd already typed this out so you may as well have it too (our approaches are essentially the same). Personally, my approach would be as follows: 1.) Leave the users table alone 2.) Create a new table, lets say, password_resets, with 3 fields: user id, request_time, uniqueToken. 3.) When someone wishes to reset a password, ask for the email address. 4.) Send the user an email something like: "To reset your password, click this link (or copy/paste): http://example.com/resetpassword?token=307gjhse03a0924njf08u234hjg 5.) Ensure reset password checks that the token was created recently (say, within the last 30 minutes). If so, let the user pick a new password. Note that until step 5 happens, their old password works ok (which is good, as it means someone can't lock you out and if you remember your password you can ignore the reset email). As noted above, this also removes the need for the user to copy/paste a temporary password which adds nothing to security. It also removes any issue with real vs temporary passwords and salting and shouldn't be too tricky to implement. Just make sure the unique token isn't guessable.
  13. It's a little difficult to tell without seeing all of the code, but my suspicion is that you're not resetting your $checked variables as the beginning of each loop iteration. This means that the second time around the loop, one of the $checked variables is already set. For example, try adding $checked1= ""; //repeat To the beginning of the loop.
  14. Another reason for not actually changing a user's password is that they then may not remember to update their password once they log in -- if you force them to via a temporary password/specific link then you don't have this issue. This is both nicer from a user's perspective and more secure; the time frame in which the password/url that was sent in plain text works is definitely limited. I am doing that in essence, except I make them paste in the temporary password. Why? I don't believe this adds any security but it is definitely more frustrating from a users point of view.
  15. You may want to look into Ajax if you're doing anything which requires interaction with something on the server (such as a database)
  16. When debugging unexpected results from a query, the following two thing should nearly always be your first steps: 1.) Execute the query in PHPMyAdmin/the MySQL console. You may have to 'echo' your query if you're using any variables in it, so that you can execute the exact same query your script is. 2.) Add an "or die" statement to mysql_query() ( or better, use trigger_error() ). E.g. mysql_query($sql) or die (mysql_error()); See my tutorial for more details. Once you've verified that your query returns the correct results and no errors are being generated, you can then start to point your finger at your code and investigate the problems.
  17. Well the first thing I notice is that you're suppressing errors on the function calls. Are you sure you wanted to do that? What happens if your query is not executed successfully?
  18. 1.) We're probably going to need to see how you're trying to read the data. I presume you're reading based on column names -- if those names are common on both tables, there's going to be an issue 2.) Have you tried the query inside a MySQL console/PHPMyAdmin and verified it outputs what you expect? 3.) Try using tags around your code 4.) Welcome to the forums
  19. The problem is that you've opened your string with single quotes and closed it with doubles. Try: header('Location: ../application/'.$org.'/display/trackingboard.php');
  20. Err, yes. filesize. You should probably try looking in the manual if you want to find out what functions are available. Contrary to popular belief, it is actually a pretty good source of information.
  21. IMHO, if your question isn't being answered fast enough then I can almost guarantee it's because it was a crap question. The speed at which answers pop up here amazes me.
  22. AFAIK, there's no way to do that...just assign the returned value to a variable and then read the index. It would be a bit of a strange thing to do anyhow; if you want to read both indexes then you'd have to do the computation twice...and if you don't want to read both values, why return them? Edit: Forgot about list(). You could do this: list(,$var) = ReturnArray(); My point still stands though -- why repeat the function call?
  23. Try: $array = unserialize(file_get_contents('file.txt')); echo '<pre>' . print_r($array,true) . '</pre>';
  24. The header() function can send a variety of data to the browser. As the the manual page illustrates, you must tell the browser what data it is you are sending. For example: header("Location:http://www.example.com");
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.