Psycho

That query (assuming it doesn't fail) will return a singe record with a single element whcih is the number of rows that match your condition. So you just need to get the value from that first record. You can use the "normal" mysql_fetch function or you can use mysql_result() $row_count = mysql_result($sql, 0); $row = mysql_fetch_array($sql); $row_count =$row[0];

Just follow the directions I linked and you should be fine. As for the data on the other partitions they should not be touched. However, if that data is installed programs or data that installed programs are dependent upon there are no guarantees. Even so, everything as risks. I have deleted and recreated partitions without affecting data many, many times. But, I would never do that when I have important data on the other partitions that is not backed up. The cost of external drives is not that much. If the data is important to you then back it up first to protect it in the case of a catastrophic failure. Besides, hard drives do fail even if you are not reinstalling the operating system.

It's been a long time since I've done an XP install. If you want to format the C drive then you will need to chose the option that let's you do a new install (i.e. not a repair). I believe you want something that states "To set up Windows XP, press Enter". Once you've started that you should get to a screen where it asks where you want to install it. On that page you also have some basic options for partitioning and formatting. I don't believe you can reformat directly. So, select the C partition and select the option to delete the partition. After going through the steps to confirm that, then select the new unpartitioned space and select it as the location to install windows. I'm pretty sure you can do that. If not, then select the unpartitioned space and select the option to create a new partition and then select that partition as the installation location. After you proceed with the installation, the space will be formatted automatically. http://www.blackviper.com/os-install-guides/windows-xp-professional-install-guide/

Yes, it should be fine for validating that the value is a properly formatted email. It all depends. If this is for a site such as this - a public forum - who cares. Let them put in whatever they want. If this is for something like a site for business professionals then maybe not. But, is you are not going to allow some characters, how far do you take it? What about ♣, or ╨ or ║ or anything else that probably won't be in a name? Either you have to have a white list that contains only the characters you allow, which will potentially restrict someone from entering a valid name, or you have to have a black list of disallowed characters that probably won't be comprehensive anyway. And, how do you know someone has not legally changed their name to include characters such as # or @? Why not: $value = preg_replace("/\D/","",$value); if($value=='') { $errors[] = "You did not enter a phone number."; } elseif(substr($value, 0, 1) != "0" || strlen($value) != 10 || strlen($value) != 11) { $errors[] = "You did not enter a valid phone number."; }

Um, your question doesn't match your "code". You state " . . . i want to reduce both the values, until either one meets their min value allowed" But, in the variables you have $width_max_val and $height_min_val. Huh??? Then in your last example, you show that you want the results to be 219 and 400, but 219 is greater than 200 which is supposedly the min, or is it max? It just doesn't make sense. If you have a minimum for one measurement but a max for the other you could very easily have a scenario where there is no solution. But, if you really DO want to set the new measurements based upon two minimums, it is simple math. //Determine the smaller of the input to min ratio $resizeRatio = min( ($minWidth/$inputWidth), ($minHeight/$inputHeight) ); //Get new sizes based on resize ratio $newWidth = round($inputWidth * $resizeRatio); $newHeight = round($inputHeight * $resizeRatio);

Names only contain "normal" letters and spaces? What about the hyphen which is commonly used for women that retain their maiden name and append their husband's last name. What about the apostrophe for names such as D'Angelo. And then, what about people that have names with accented characters such as González? That is exactly the problem I was alluding to. Do NOT try to over validate. And never (IMO) strip out content without having a very good reason for doing so. Do you have a business reason or requirement that prevents you from allowing any name a person wants to provide? Priority #1 is to ensure the data is safe when you use it. There is nothing inherently unsafe about any input - it is how you use it that could make it unsafe. So, whenever using any input from the user think about how you are using it and determine what transformation, escaping, etc, you need to do to make it safe. Secondly, you would consider validation. For that, have a reason why you do not want to allow certain inputs for a specific value. If the value is an email address that you will be sending a confirmation email to then you definitely want to validate that it is a properly formatted email. But, be careful of over validating. I have encountered many sites that would not accept valid email addresses with the plus symbol. I would almost never bother with name validation except to ensure it isn't empty (after trimming the value of course) - unless there is a specific reason. Phone numbers could be validated to make sure they contain at least 10 numbers. That is one example of a value that I might strip out characters that the user provided. So, if the user enters 123-46-7890 or 123.456.7890 or (132) 546-7890, I might strip out all non-numeric characters, verify that it is 10 digits and then save just that to the DB. But, if you plan to support users outside North America, you might have to do some more research into an appropriate technique

Um, yes. Or no. It all depends on what you decide. But, I find it very bad to ever modify the user input without their knowledge. For all you know having something like "<apt g>" is perfectly valid in an address. As long as you properly escape data based on how it is used there is no risk. If there are characters you don't want to allow then consider them a validation error. Removing any data without the users knowledge is risking removing data that is actually valid.

So, if there are no errors you are processing the POST data and displaying the form again? Is this form for the purpose of the user to enter many records? If not, then I would suggest NOT displaying the form again if the data was valid and you have processed it. Instead, do a header() to redirect the user to a confirmation page. That will clear the POST data so a refresh will not send the data again Right, so you already have a method to escape the data for use in a query as I said "or whatever function/method is appropriate based upon what you are using" No, not exactly. But that would mess up the form field where that content was output. Let's say the user entered ""><script type="javascript">alert('hello')</script>" and your form field looked like this <input type="text" name="field" value="<?php echo $stickyValue; ?>"> The result will be: <input type="text" name="field" value=""><script type="javascript">alert('hello')</script>"> That's not too bad, but there are some pretty bad things a malicious user could do. Look up XSS attacks

That's what I thought. The point of urlencode()ing is so that the arbitrary value you're adding doesn't mix with the link structure. Very much the URL equivalent of htmlspecialchars() and mysql_real_escape_string(). Yep, my mistake. But, I found I was able to use urlencode() or rawurlencode() on a full file path with no problems. But,, passing an actual file name is a bad process in my opinion. Better to pass an ID then translate the ID to the actual file, IMO

Couple things: No need to check that $errors is empty in my opinion. Do you have a scenario where you expect that the POST variable will have a value and you don't want to repopulate the form with that value? As to your specific question, htmlspecialchars() is a function to escape content for display to an HTML page. You do NOT want to escape content using that for other purposes - such as using in a DB query. For that you want to use mysql_real_escape_string() or whatever function/method is appropriate based upon what you are using. I sometimes see people run data through htmlspecialchars() and then mysql_real_escape_string() based upon the premise that they will be extracting the data from the database later to display on the page anyway. But, that will really limit you if you ever need the data for something else. I think it is better to store data in as "pure" a form as possible and only escape/transform the data as needed based upon the context of how it is used.

I prefer to use the logic to set a style property or class in these situations. If there are only two options then I prefer the ternary operator to an if/else: while($obResults = mssql_fetch_row($saResults)) { $color = ($obResults[0] != '0') ? 'green' : 'red'; echo "<span style='color:{$color};'>{$obResults[0]} Empty Spaces Remaining</span><br>\n"; }

@AoTBuNgLe, There are two things being discussed in this thread. 1) Auto-populating a form with previously saved values.For example, if you want to allow the user to edit their profile, you would have a form, naturally. When the user accesses the edit profile page you would run DB query to get the information they previously saved then use that information to populate the form accordingly. The manner in which you do this is different based upon the type of form field. Some, like text inputs and text areas are easy: Address: <input type="text" name="address" value="<?php echo $addressValueFromDB"> About Yourself: <textarea name="about"><?php echo $aboutInfoFromDB; ?></textarea> Others like select lists, radio buttons and checkboxes are a little more involved but not terribly complicated 2) Creating "sticky" fields. This is typically done when a user submits a form and there are validation errors. Instead of having the user fill in all the information again you want to repopulate the fields with the values they entered so they only have to fix what was in error. This is done in the same way as described above except you would use the POST values rather than the data from the Database. Just keep in mind with both of the above to properly validate and escape the data. For output to the browser, htmlspecialchars() is usually sufficient. But, for Select lists, radio buttons and checkboxes you don't need to escape the data for output because the values shouldn't be used for output to the page but to determine whether to check the field or not. Do some googling for something like "php sticky fields" and you should be able to get started on whichever one you are wanting.

Not to be demeaning, but that is ridiculous. Is your company's business based on taking "screenshots" of websites? If no, why would you go through the expense of creating such a thing when you can buy a solution for less than it would cost to build one? Plus, with a solution you buy there are many other people using the solution. So bugs are found quicker and the company providing the solution has a vested interest in updating and maintaining the solution. The bottom line is that it will not be cost effective for you to build your own solution and I will guarantee it will have bugs because of the sheer complexity you would encounter in web pages. But, if your company thinks it is worthwhile, sure, what the heck. Job security, right.

Yes it can be done. But, the issue is how long will it take (months, possible years based upon your skill-set) and the quality of the solution. These solutions (at least the ones I've worked with) don't actually take a "screenshot". They work by passing the raw HTML source code (including stylesheets) to an internal parsing engine that draws an image representing how the HTML page would be displayed in a browser. As you may know, the same page does not necessarily look the same in all browsers. So any solution is only going to be as good as the parsng and drawing logic. If you really want to build your own HTML parsing logic - go for it.

For what it's worth, you could consider creating your configuration file in the same structure as a PHP ini file and then use the PHP function parse_ini_file() to read the settings into memory as an associative array. There is also a user contributed write_php_ini in the user comments for writing the ini file. Personally, I would write the file in a way that is easily readable by a human.

You should use urlencode() on any value being used as a parameter on the url, then use urldecode() on the value received from the $_GET parameter. This will handle any spaces (which are valid in a file name) or any other problematic characters. BUT! You should absolutely do a check that the file name passed is safe. A user could pass malicious data to make your script to load a file you do not want them to.

Maybe this is a stupid question, but I see you are using the include() within a string concatenation for an assignment. You "can" create an include file to return data, but that is not a very common use of include files. So, did you set up that include file to "return" data rather rather than "echoing" it? If not, it will not work how you expect it - once you get the errors resolved.

I think there are two problems here: 1. You have single quotes around the value in your URL as requinix pointed out. That would be preventing your query from running correctly because your docid, I'm assuming, does not actually have quotes in it. This is also the precursor to the second problem. 2. It sounds as if you actually took some time to try and debug your code by doing a print_r() of the $_GET global array. And that is the second problem. The $_GET global variable is always an array even if there is one value. Heck, it's still an array even if there are no values. So, the fact that is is showing up as an array isn't a problem. But, then again, those quote marks may be creating a second parameter as an array - kinda hard to tell from your query. But, solving problem #1 is probably all you need to do.

Ironically, on the link he provided that W3S page also uses filter_var().

Here are a couple of quotes from people that no one could accuse of being amateurish: Paul Graham (co-founder of what become the Yahoo! Store and known for his work on Lisp) Eric Lippert (principal developer on the C# compiler team)

Yeah, like the developer of the "I Am Rich" app for the iOS which " . . . displays a glowing red gem on a user's iPhone screen for the sole purpose of proving to onlookers one is of the moneyed class. That's all it does." That app sold for $999.99! and actually sold eight copies before Apple yanked it. http://www.foxnews.com/story/0,2933,399461,00.html Hold the press: Looks like there is now an Android version. But, it is selling for the ridiculously low price of only $200. Get yours now before the realize what a steal they are giving away. https://play.google.com/store/apps/details?id=com.lazycoder9000.iamthe1percent&hl=en Anyone want to team up with me to build a superior app? I'm thinking along the lines of "I am Richer" or "I am the Richest". We'll build it as a replacement notification sound that makes the "cha ching" sound.

That makes a lot more sense than changing the counter field to a number type.

And what is the problem - exactly? I do see that on each page load you are generating a new random number, so the chances of someone ever correctly guessing the number is slim to none

Obviously $json->results[0]->address_components is not an array. I can think of a few problems to look at: 1) $result does not contain the values you think it does (i.e. 'id', 'St', 'City', etc.) 2) $address is not formatted the way it needs to be 3) file_get_contents() is failing. Check that the address you are specifying is correct and that file_get_contents() can retrieve those contents 4) The results of json_decode($gsend) does not contain the array you think at $json->results[0]->address_components Check all of the above and I'm sure you'll find the error

Because $i + 2 does not increment $i by 2. It only Adds $i and 2 and leaves the result on the stack. I.e. it doesn't do anything. Use $i += 2 $a = array("a","b","c","d","e","f"); $b = array(); for($i=0;$i<=count($a);$i+=2) { $b[$a[$i]] = $a[$i+1]; } print_r($B);