hitman6003

Change your AND condition to an OR condition... This: if (!(isset($_SESSION['session_name']) && $_SESSION['session_name'] != '')) { should be: if (!(isset($_SESSION['session_name']) || $_SESSION['session_name'] != '')) {

have a test to make sure it's an array... if (is_array($array)) { foreach($array as $key => $value) { // line 21 if(!is_numeric($key) && $key != "id") { echo("<td id=\"header_$key\">$key</td>\n"); } } } else { echo '<td>There were no rows returned</td>'; }

always the same code for each relative day though? Today will always have the same code. When tomorrow is today, it will have the same code as today, and the day after tomorrow will have the same code as tomorrow when tomorrow is today (whew...that's confusing). <?php $today = 'abc'; $tomorrow = 'def'; $day_after_that = 'ghi'; echo 'Today is: ' . date("Y-m-d") . ' and the code is: ' . $today; echo 'Tomorrow is ' . date("Y-m-d", mktime(null, null, null, date("m"), date("d") + 1, date("Y"))) . ' and the code is ' . $tomorrow; echo 'The day after tomorrow is ' . date("Y-m-d", mktime(null, null, null, date("m"), date("d") + 2, date("Y"))) . ' and the code is ' . $day_after_that;

Interesting. Seems to be missing the top part. Oh, and a question...

Why aren't you using Zend_Auth to get the user's ident? $auth = Zend_Auth::getInstance(); if ($auth::hasIdentity()) { print_r($auth::getIdentity()); }

Without really checking to see what your code is trying to do, try this: $RowCount = ($RowCount == 0 ? $SetRows : $RowCount--);

Will today's date always have the code "FIRST"? Or does the code for today change every day?

Ummm, www.reunion.com?

Why are you creating two arrays with the inverted keys/values? You don't even use the $store array... $store[$EDUCATION] = $value; $mystore[$i] = $store[$EDUCATION]; As fenway said, why are you unioning a "SELECT *" with a subset of that same table? Also, why are you looping through each $mystore when you could simply use an IN clause? $eduresult = "SELECT * FROM profile"; for($i = 0; $i < $lines; $i++) { $edu = "SELECT * FROM profile WHERE EDUCATION = '$mystore[$i]'"; $eduresult = mysql_query(".$eduresult.UNION.$edu.")or die(mysql_error()); } Better way...? <?php // apply mysql_real_escape_string to all the elements... array_walk($_POST['EDUCATION'], 'mysql_real_escape_string'); // generate the query... $query = "SELECT * FROM profile WHERE `EDUCATION` IN('" . implode("', '", $_POST['EDUCATION']) . "')"; $result = mysql_query($query) or die("Query: " . $query . "\n\n" . mysql_error()); while ($row = mysql_fetch_assoc($result)) { echo $row['NAME'] . " " . $row['EMAIL']; }

Provide more details.

Pretty sure it has to do with this line: $RowCount = ($RowCount==0)?$SetRows)?:$RowCount--;

If you can generate the documents to be printed in html, you can create a pdf, or rtf, that has is all of them together...print one document, but that document has all of the letters in it. An alternative would be to generate a CSV using php, then use MS mail merge to generate the letters for printing.

Not sure what you're trying to accomplish...why wouldn't you just generate the code based off of the current date and then you wouldn't have to update it constantly? Why do you need a start date to base future values off of?

You have some misplaced single quotes. Also, it may help to put the expression in parenthesis: <?php echo ($req_user_info['type_market'] == "sto" ? 'selected="selected"' : ''); ?>

Short open tags is probably disabled.

That's because inserting javascript is not SQL injection...the closest term I know is "cross site scripting". Anyway, the reason for using sprintf is because it forces the data types to be what you want them to be. In other words, if you have a query: $int = 4; $string = 'abc'; $query = "INSERT INTO tablename (intcolumn, charcolumn) VALUES (" . $int . ", '" . $string , "')"; You want to make sure that the values being inserted are treated as the correct data type...you want $int to be an integer and $string to be a string. In the above example, if $int were actually a string, e.g. $int = 'four', then it would cause an SQL error when the query was executed. You can get around this two ways: Typecasting: $int = 'abc'; $string = 4; $query = "INSERT INTO tablename (intcolumn, charcolumn) VALUES (" . (int) $int . ", '" . (string) $string . "')"; Or using the printf functions: $int = 'abc'; $string = 4; $query = sprintf("INSERT INTO tablename (intcolumn, charcolumn) VALUES (%d, '%s')", $int, $string); With either of the above solutions, the query would still be incorrect...the inserted data would not be what was intended("abc" converted to an integer doesn't produce 4), but an SQL error would not be generated, which helps prevent an attacker from gaining additional information about your database schema.

Remove the implode function... file_put_contents($filename, array_slice($file, $num_to_remove));

Isn't that the definition of spam?

Have an error condition created if the "contents" of the file is empty...this will let you know that the problem is before the writing of the file... // IF the contents is empty lets just make it one space if ($contents=='' || empty($contents)) die("File " . $file . " was sent to be written, but it's empty"); If that occurs, then you the problem is probably in the retrieving of the attachment from the mail server.

That's the worst idea I've ever heard. The method you are suggesting is to do: $query = "SELECT id FROM table"; $result = mysql_query($query); echo "Number of rows in table is " . mysql_num_rows($result); What if there is 100000 rows in the table? That query is now returning everyone one of them to php which then must count them to get the result...at a minimum it would take 15-20 seconds to do the retrieve and then send the rows to php, not counting any other processing. It makes much, MUCH more sense to do the counting in the database: $query = "SELECT COUNT(id) FROM table"; $result = mysql_query($query); echo "Number of rows in table is " . mysql_result($result, 0); If the table is a MyISAM table, then the latter query's result is near instant. If it's InnoDB, and you are counting on an indexed column (and you should be), then it is again, near instant.

Don't do this: $submit = "$_POST[submit]"; $user = "$_POST[username]"; $pass = "$_POST[Password]"; Do this: $submit = $_POST['Submit']; $user = $_POST['Username']; $pass = $_POST['Password']; If you want to see the raw contents of $_POST use print_r: echo '<pre>' . print_r($_POST, true);

Check to see if the logged element exists...if not, redirect: if (!$_SESSION['logged'] || $_SESSION['logged'] == false) { header('location:http://www.url.org/auth/login.php'); }

Use a JOIN query... SELECT Request_Group.group, Request_Measure.measurement FROM Request_Run RIGHT JOIN Request_Group ON Request_Run.RequestId = Request_Group.RequestId RIGHT JOIN Request_Measure ON Request_Run.RequestId = Request_Measure.RequestId WHERE Request_Run.TimeRunEnd BETWEEN '...' AND '...' ORDER BY Request_Run.RequestId

http://www.apachelounge.com/forum/viewtopic.php?p=5373

If the Windows firewall is enabled, you will need to enable port 80. Also, check the error log to see if it had any errors.