btherl

The reason anything between <> must be treated is a tag is that HTML is designed to be backwards compatible. That is, an old HTML parser must be able to ignore newer HTML tags invented later. So if it finds a tag it doesn't know, it will assume that it's a tag from some future version of HTML, and skip it.

I didn't notice you were running a 64 bit mysql there .. yes I would believe that there may be bugs in the 64 bit version, even some serious ones. When Mysql (and most other mature software packages) were written, ints were 32 bits and that was that.

Can you give more details? Do you want to copy files? Database? php scripts?

I tried that code you posted, and it works fine. Perhaps the error is elsewhere in your code?

You need a while loop $taken_slots = array(); while ($row = mysql_fetch_array($taken)) { $taken_slots[] = $row['time']; } That will give you an array of times, suitable for use with in_array(), as you have in your existing code. Give that a go If it's not working, add this immediately after you generate $taken_slots array: var_dump($taken_slots); That will show you what's in the array.

Could it be data corruption causing the query to crash? You can try the query on an identical table (Same structure, indexes and content) in the same environment and see if that works. If it does, then replacing the old table with that new one should fix it. But if that does work, I would worry about how it got corrupted in the first place.

Can you try this: $request = mysql_query($MyQuery) or die("Error in $MyQuery: " . mysql_error());

No problems A left join keeps everything in the left side of the join. So since you want to keep everything from time, that will be the left table. $taken_sql="SELECT time, date, patientID FROM timeslot LEFT JOIN appointments USING (time) " . " WHERE ( date='".$_SESSION["date"]."' and doctor_no='".$_POST["avail_drs"]."' )" . " OR ( appointments.time IS NULL) "; $taken=mysql_query($taken_sql,$db) or die("Query failed: " . mysql_error()); There are 3 changes there 1. Add patientID (minor change) 2. Change JOIN to LEFT JOIN 3. Add an extra condition so that rows with no appointments are still considered valid to return. If no rows from appointments match, then every column from appointments will be NULL in that result row. So I check one column from appointments for nullness.

So they are able to edit index.php? But all they do is change a meta tag? It seems like odd behaviour for a hacker. Is it someone you know? It doesn't necessarily require ftp access to do that. There could be many ways it's done. Can the potential hackers (probably a student I would guess) place files on the same server in some other location? Perhaps uploading via ftp, or submitting via a form elsewhere? If so, those files could be placed and then included by sending an appropriate $_GET['p'] argument. If that's the case, you can fix it by making a list of allowed $_GET['p'] values. This list can be stored in a separate file so you don't need to copy it everywhere. Then you can have your script display the default page if anything you don't recognize is requested.

For times occurring in both sets of results: $taken_sql="SELECT time, date FROM timeslot JOIN appointments USING (time) where date='".$_SESSION["date"]."' and doctor_no='".$_POST["avail_drs"]."'"; $taken=mysql_query($taken_sql,$db) or die("Query failed: " . mysql_error()); If you want times NOT occurring in both sets, then that's doable too, just ask If the query above fails, post the error message here. BTW, it makes life much easier if you add the "or die(...)" to each mysql_query(). That makes your script stop whenever there's a query error, instead of continuing and acting strangely.

What happens if someone sends a value like "../file" as $_GET['p'] ? Regarding changing the title, which part of the code are you talking about? Where is the title set? Is it the banner image?

Can you try this out: for ($i=0; $i<=11; $i++){ $this->zoneColors[$i+1] = $this->color[$i]; //var_dump($this->zoneColors); } $this->zoneColors[$i+1] = "#ffffff"; The final #ffffff will be assigned to element 12 of the array. The first 11 values (from $this->color) will be assigned to elements 1-11 of the array. Is that what you're looking for?

The parse_url() function will extract the host for you.

What is this code intended to do? for ($i=0; $i<=11; $i++){ $this->zoneColors = $this->color[$i]; //var_dump($this->zoneColors); } $this->zoneColors = "#ffffff";

Since com_id is unique, one solution is to attach com_id to each record in the form, and update by that instead of quote_id. You can add another hidden field like this: <td><? $sql = "SELECT com_id, com_name, htsus FROM commodity WHERE quote_id = '$id'"; $res = pg_query($sql); while($c = pg_fetch_assoc($res)) { ?> <input type="hidden" name="com_id[]" value="<? echo $c['com_id']; ?>"> <input type="text" name="com[]" value="<? echo $c[com_name]; ?>" size="20" > <input type="text" name="htsus[]" value="<? echo $c[htsus]; ?>" size="20" /><br> <? } Then a corresponding change to your update code: $com_id = $_REQUEST['com_id']; $com = $_REQUEST["com"]; $ht = $_REQUEST["htsus"]; foreach($com as $key => $var) { pg_query("UPDATE commodity SET com_name = '$var', htsus = '{$ht[$key]}' WHERE com_id = '{$com_id[$key]}'") or die("Error in Query: " . pg_last_error()); } I also added {} protection around the arrays used inside the string passed to pg_query(). While it's not always necessary, it does make things clearer and more robust.

Well, PHP can be involved. Revraz is saying it can't be done with pure php. What you can do is have javascript call a php script to do the update, without loading a new page. That kind of idea is called Ajax. Ajax is too complex to explain here, so if you're serious about providing that kind of functionality, I would do some tutorials. It won't take long before you can do what you're trying to do (trigger a database update based on an action such as button click or change of a combo box value.

mysql_num_rows($query) will give you the number of rows. BTW, I suggest you don't use $query for both the query itself and the result, as they are different things. Better to do like this: $query = "select * from stats order by written desc"; $result = mysql_query($query); if (!$result) die("Error in $query: " . mysql_error()); print "There were " . mysql_num_rows($result) . " rows returnd\n"; $rank = 0; while($row = mysql_fetch_array($result)){ $rank++; if ($row['user'] == "Kingy"){ echo "You are ranked $rank; $rank = 0; break; } }

Is there more than one thing you want there? It's a little unclear. 1. If the database changes, then the form should be updated 2. If the user edits the form, then the change should be posted to the database after clicking the Go button. Is that right, or is it just #2?

The simplest way would be to fetch the results in order, and add the ranks in php. I'm not sure how to do it in pure mysql.

Did you restart IE? You may need to clear the cache, as it remembers content types.

Try double-quoting the filename. You can also try text/csv instead of text/x-csv. Not sure what difference that will make.

All code should work I can guess that one of your values that you think is positive is going negative. I would first look at $this->metadatalines and $this->currline_reverse. If you find that they are not what you expected, then you can go back and look at how they were set, and see where the error is coming in. Perhaps $this->fileSize() returns 0, leading to a -1 in $this->currline_reverse

We would need more code to help diagnose it .. as for what causes the error it's as Barand says, the code is trying to access an array using a key that isn't in the array. If you want to debug it yourself, I would look at how $linedata and $this->metadatalines are set, and see if there's any funny business going on with the variables that are used to set those ones. And I would print out all those values, looking for anything odd.

Indeed. Regarding your question of where else you can get help, look here

See also this reference: http://mathworld.wolfram.com/ModularInverse.html which has this fact, important for RSA: "Every nonzero integer b has an inverse (modulo p) for p a prime and b not a multiple of p. For example, the modular inverses of 1, 2, 3, and 4 (mod 5) are 1, 3, 2, and 4." It turns out that p doesn't necessarily have to be prime, there are other conditions that are close enough to make things work.