gw1500se

Use var_dump() to see what $_POST contains: echo "<pre>"; var_dump($_POST); echo "</pre>"; You can find the variable you want from that.

Personally I would abandon trying to fix the code and instead rewrite it using PDO. Since it uses deprecated code that is going away in any case, it makes no sense to waste time trying to fix it.

Your curl code needs to be part of the loop. Not showing it makes it difficult to understand what you are trying to do.

You can't just copy code and expect it to work without understanding what it does. That you are using 'wp_redirect' indicates you are writing a WordPress application. What error are you getting? Also your coding is vary hard to read and not good programming practice. You should modularlize your PHP code. A process section and presentation section. Don't embed PHP into HTML like that, build the output string in then echo it.

Yes, when it comes from an HTML page. That is any time you are inserting user provided data.

I always have trouble using them in that context which is why I use my suggestion trouble free.

First please use the code icon (<>) to insert code and select PHP. It makes your code much easier to read. The main thing I notice is that you are using single quotes for your variaables when you build the query string. Single quotes tells PHP to treat the contents as literals. Had you used the code icon you probably would have seen that. mysqli_query($connection, "INSERT INTO comment_table (name, date_col) VALUES (".$name.", ".$date_col.")"); That being said never, ever use the above code. You leave it wide open to injection attack. Any time you want to insert HTML variables into a query you MUST use prepared statements.

Not for DNS assigned IPs. Static IPs are only a maybe. There is no way to capture that reliably without user interaction.

IP address locations are based on the ISP location not the assigned user location.

Uploading files is really not much of a security risk as long as you do a little due diligence. Since uploading files will never set the execute bit it cannot be executed unless the PHP programmer does something dumb with the file. This should help.

If you don't know your own schema then it is impossible to get anything to work.

You need to start with your schema. You seem to have mentioned what it is so show it.

No you're stuck at the basics. You have to upload the files either way so breaking it up in chunks changes nothing other than making it more complicated. The chunks would need to be reassembled into files so it would still be uploading the same volume of data. What does the client side code look like that breaks it into chunks? From a PHP perspective, here is no timeout issue for uploading files unless the client stops. In that case the client can simply resume where it left off when it reconnects but that is mostly a client side issue. There may need to be some PHP code added to handle a resume but without more information it would be hard to say what (probably a session list if the successful uploads).

This should get you started.

Perhaps it is just an exercise in string handling that has no useful purpose. It would not be the first time for such an assignment.

Since pathinfo() breaks is all down for you, just put it back together replacing the type. You can use implode or just concatenate the pieces (.).

Please explain why you want to change the file type? That makes no sense to me.

You can't just change the file type and expect it to work. A better method is to only allow 'png' file type. Use pathinfo() to check the file type and issue an error if it is not 'png'.

I suggest you start by restructuring your code. Use a try/catch for the exception and a separate 'if' block to test '$this->mode'.

First please edit your post and use the code icon (<>) for your code and select PHP as the type. It will make your code infinitely more readable. Second, tell use which line is 344.

I'll cross that off.

It will be more than just a script. You will need to set up a database as well to store the user login information. Try reading this to start.

Looks like the wrong code is posted.

Which is line 287?

What else would I mean? What are we discussing here? You probably removed something you shouldn't have, like a ";" somewhere.