Prismatic

The words change into ?? because your application doesn't support the language you've tried to display. Also, echo must be used with quotes, single or double. <?php echo Hello World!; //Parse error echo "Hello World!"; //Good echo 'Hello World!'; //Good ?>

<?php include 'dbconfig.php'; if(isset($_POST['b'])) { if($_POST['b']['search_text']) { $cleanText = mysql_real_escape_string($_POST['b']['search_text']); mysql_query("INSERT INTO searched (text) VALUES ('{$cleanText}')"); } } ?> You were open to injection taking the form data directly into the DB

Totally

<?php error_reporting(0); ?> <td> content of main page </td> <td><?php include "http://intranetserver/directory/test.php" or die (???);?></td> <td> rest of content from main page

<?php foreach($_SESSION as $key => $val) { echo $key ." => ". $val ."<br />"; } ?>

if ($ID == NULL) ID is not being set anywhere before in that script, and unless you have register_globals on it never hits the else. Change it to if ($_GET['ID'] == NULL) And try again

Since you're checking if the affected rows is 1, why is your query searching for ID's like ID? Just simply delete the ID <?php $con = mysql_connect("host","user","pass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("db", $con); $query = "SELECT * FROM `awnings`"; $result = mysql_query($query); while($row = mysql_fetch_row($result)) { echo("<table border='1' wIDth='100%' align='center'> <tr> <td width='19%' align=center><em>Make: </em>{$row[1]}</td> <td width='19%'align=center><em>Model: </em>{$row[2]}</td>; <td width='19%'align=center><em>Size: </em>{$row[3]}</td> <td width='19%'align=center><em>Year: </em>{$row[4]}</td> <td width='19%'align=center><em>Price: </em>{$row[6]}</td> <td width=10px><font size=1><a href='used_caravan_awnings_edit.php?ID={$row[0]}'><font size=1>Delete Record</a></font> </table>\n"); } if ($ID == NULL) { //do notning } else { //get ID $ID = $_GET['ID']; print("ID: $ID"); $query = "DELETE FROM `awnings` WHERE ID = '{$ID}'"; $result = mysql_query($query); if(mysql_affected_rows() == 1) { print '<p>The stock has been deleted</p>'; } else { print "<p>Could not delete the entry because <b>" . mysql_error() . "</b>. The query was $query.</p>"; } } ?> Cleaned it up a bit, too.

You need to enable SQLite http://us2.php.net/manual/en/sqlite.installation.php

$xml = simplexml_load_file("./xml/users.xml") or die ("Fatal Error opening file");

That's a MD5 hash for the password, meaning you can't just send someone their password unless you either encrypt it somewhere or store it in plaintext (bad!) You may want to build a password reset system instead.

First, please use the [code][/code] tags when posting code PHP cannot parse Javascript. Javascript is client-side, PHP is server-side. Everything PHP does is done before the data is returned to the browser from the server. If you simply want to echo the javascript from PHP, escape any quote's in the javascript.

Do you mean comments in PHP like this <?php //Comment ?> Or do you mean allowing users to post comments to your website?

No, PHP is server side. What you want is Javascript

Use $_GET instead of $_POST so the form data is sent through the URL, that way you can link to any search you want

$loginPost = "user=".$this->tujuan($user)."&pass=".$pass."; to $loginPost = "user=".$this->tujuan($user)."&pass=".$pass;

You updated the CSS file also, right?

Are you double clicking your links?

Ok give this a try, first BACK UP the two original files Copy style.css and index.php from the warfare template into a backup folder, then replace them with the files I've attached. it should work fine, it's untested though. Zip has 2 files, index.php and style.css [attachment deleted by admin]

Taking a look..

<?php /** * Run the MySQL query selecting only the rows with $usernamd and $password * mysql_real_escape_string escapes special characters to prevent SQL injection */ $sql = mysql_query("SELECT * FROM users WHERE username = '". mysql_real_escape_string($username) ."' AND password = '". mysql_real_escape_string($password) ."'"); /** * mysql_fetch_row will return the row as an array or FALSE if no row is * found in the query we ran above */ if(mysql_fetch_row($sql)) { // A row was returned so the user data is valid $response = "ok"; } else { // No row was returned so the user data was NOT valid $response = "invalid details"; } print "&response=".$response."&"; ?> In the code above you can swap out mysql_fetch_row with mysql_num_rows as they perform the same function in these circumstances. It's not generally the best idea to tell someone either the username or password was incorrect. You should simply tell the user the information they provided was incorrect. Reason being a potential attacker trying to brute force their way in wouldn't know if they had a valid username or not if you just returned incorrect information.

<?php $sql = mysql_query("SELECT * FROM users WHERE username = '". mysql_real_escape_string($username) ."' AND password = '". mysql_real_escape_string($password) ."'"); if(mysql_fetch_row($sql)) { $response = "ok"; } else { $response = "invalid details"; } print "&response=".$response."&"; ?> This is assuming you have a users table with a username and password field

Quick php.net search http://us.php.net/manual/en/function.imagecopy.php#61693

Why can't you just read in a certain number of bytes at a time?

it only looks like noise. Each pixel of an image can hold 3 ASCII representations of a character (R, G and B channels) The script loads in the target file, convert each character it encounters in the file into it's ASCII counterpart, and assign 3 at a time to a single pixel. Here's a script to reconstruct a picture generated by the script in the OP. There are some bugs which I think may be due to it not correctly translating some characters into ASCII. <?php $filename = "hw.png"; if (file_exists($filename)) { $img = imagecreatefrompng($filename); $img_y = imagesy($img); $img_x = imagesy($img); $i = 0; for($y = 0; $y <= $img_y; $y++) { for($x = 0; $x <= $img_x; $x++) { $rgb = @imagecolorat($img, $x, $y); $r = ($rgb >> 16) & 0xFF; $g = ($rgb >> & 0xFF; $b = $rgb & 0xFF; echo chr($r).chr($g).chr($b); } } print_r($Reconstruct); } ?> Again it's not noise

So a while ago I ran across a script on a person's blog that would load a file in, any file, and convert it to a grayscale PNG, each pixel consisting of one ASCII value representation of a character from the loaded file. I really wish I could remember where I found it but I cant, unfortunatly, to give credit for the original idea. My plan was to take the file and read in 3 characters at a time, converting each character into an ASCII value and assigning that to the R, G and B fields of the pixel. Here's our source photo next to the image generated from the original script, and finally after my modifications -> -> And the script, <?php $filename = "anomymous.jpg"; if (file_exists($filename)) { /** Load the file */ $fs = fopen($filename, "r"); $data = fread($fs, filesize($filename)); fclose($fs); $i = 0; $d = 0; $key = 0; /** * Loop through and create an array with child arrays each containing * 3 entries, which will be our R, G and B values later on */ $file = str_split($data); for ($y=0; $y < count($file); $y++) { /** * Place the 3 values inside our array, * We'll later be going back through this array to * create our image from the data inside it. */ if($d <= 2) { $pixelData[$key][] = ord($data[$i]); $i++; $d++; } else { $key++; $d = 0; $pixelData[$key][] = ord($data[$i]); $i++; $d = 1; } } /** * Now we want to create the image, we'll use a modified pagination system * to split the array up into equal parts, except for the last row.. We'll pad * it out with black pixels */ $rows = count($pixelData); $xlen = 100; $xlen_last = ceil($rows/$xlen); $im = imagecreatetruecolor($xlen, $xlen_last); $i = 0; for($y = 0; $y <= ceil($rows / $xlen); $y++) { for($x = 0; $x <= $xlen; $x++) { imagesetpixel($im, $x, $y, imagecolorallocate($im, $pixelData[$i][0], $pixelData[$i][1], $pixelData[$i][2])); $i++; } } if($_GET['debug'] == true) { print_r($pixelData); } else { header("Content-Type: image/png"); imagepng($im); imagedestroy($im); } } ?> It's messy but works What I do in my spare time