Psycho

If you are hot-linking to that content, then encrypting the link does make sense. If you are copying the content to your server, then encrypting does not make sense. So you have people copying the content that you are stealing? Encrypting the link will do nothing to prevent that.

What is that supposed to mean? Can you provide some code of what you have and explain what you are trying to do?

Sorry, RedArrow, but I don't see it that way. The OP ask the wrong question because, according to his own admision, he is not "tech savy". In such a situation asking a person to clarify the reason for their need is appropriate as they may be asking for something for the wrong reasons. in the first post the OP said he wanted to prevet hot-linking, then later he said that is not what he wanted, then in reply #12 he is asking for that functionality again. There are legitimate reasons for encrypting a link, as you already stated, but I don't know that those have anything to do with what the OP is needed. If he was to state what he needs, and why, an appropriate solution could have been had without going to two pages in this thread.

Look at the page I linked to. In the comments below the tutorial there are examples with that exact functionality.

No, you would call tyhe function like this: validateAmount (IRate.value) Assuming "IRate" is an object reference for the field. You would need to create a trigger such as onblur, onchange, onsubmit, etc. And also have proper alerts or functions to handle if the response is negative. You didn't post any code so I can't offer any suggestions on how to best implement this - I jsut created a function that will return true/false based upon the parameters you asked.

Well, of course it is. In page 1 you have a loop that is creating the fields for each record. But, you are ony creating an array for the "ticked" checkbiox field. For all the other fields you are simply creating a duplicate field - so the last itteration of the loop determines the values. You need to create arrays for all of those fields as well and then iterrate through all the fields using a counter: <?php $query = "SELECT i.drug_id,i.branch_id, d.drug_name,i.total_stock,i.reorder_level, s.supplier_name, i.status FROM drugs d, supplier s, branch_items i,branch b WHERE d.supplier_id=s.supplier_id AND d.drug_id=i.drug_id AND b.branch_id=i.branch_id AND i.total_stock<=i.reorder_level ORDER BY total_stock"; $result2 =mysql_query($query) or die (mysql_error()); echo "<BR><br>"; echo "<b>Minimum Stock Level Met - Reorder Needed</b><p>"; echo "<form action= conorder.php method=POST>"; echo "<table border='1'>"; echo "<tr> <th>DRUG ID</th> <th>Branch ID</th><th>DRUG NAME</th><th>STOCK</th><th>REORDER LEVEL</th><th>SUPPLIER</th></tr>"; while($row = mysql_fetch_array( $result2 )) { echo "<tr><td>"; echo "<input type='hidden' name='drug_id' value='$row[drug_id]'>"; echo $row['drug_id']; echo "</td><td>"; echo "<input type='hidden' name='branch_id' value='$row[branch_id]'>"; echo $row['branch_id']; echo "</td><td>"; echo "<input type='hidden' name='drug_name' value='$row[drug_name]'>"; echo $row['drug_name']; echo "</td><td>"; echo "<input type='hidden' name='total_stock' value='$row[total_stock]'>"; echo $row['total_stock']; echo "</td><td>"; echo "<input type='hidden' name='reorder_level' value='$row[reorder_level]'>"; echo $row['reorder_level']; echo "</td><td>"; echo "<input type='hidden' name='supplier_name' value='$row[supplier_name]'>"; echo $row['supplier_name']; echo "</td><td>"; echo "<input type=checkbox name=ticked[] value='{$row['drug_id']}'>"; echo "</td></tr>"; } ?> <?php if (isset($_POST['ticked'])) { echo "chosen<br>"; echo "<table border='1'>"; echo "<tr><th>DRUG ID</th> <th>Branch ID</th><th>DRUG NAME</th><th>STOCK</th><th>REORDER LEVEL</th><th>SUPPLIER</th><th>Status</th></tr>"; for ($i=0; $i<count($_POST['ticked']); $i++) {//as $drug_id){ echo "<tr><td>"; echo $_POST['ticked'][$i]; echo "</td><td>"; echo $_POST[branch_id][$i]; echo "</td><td>"; echo $_POST[drug_name][$i]; echo "</td><td>"; echo $_POST[total_stock][$i]; echo "</td><td>"; echo $_POST[reorder_level][$i]; echo "</td><td>"; echo $_POST[supplier_name][$i]; //echo "</td><td>"; //echo $_POST[reorder_quantity][$i]; //echo "</td><td>"; } } ?>

I don't expect anyone to be a "guru", but I do expect them to take the time to ask a question properly when asking for help. If I was paying for support I might not be very dilligent in my preparation, but when it is free I make sure to at least do some due dillegence beforehand. If I don't know how to properly state something I will make it clear. If you don't know/understand the technical terms for what you need then just explain them in plain English. And, now that you've stated what you REALLY want to accomplish - it is clear that encrypting is not needed. How To: Hide The Real Url Of Your Images - using php http://www.trap17.com/index.php/how-hide-real-url-images_t24561.html I'd still be interested in knowing why you think you need to do this. It doesn't stop anyone from hot-linking and it doesn't protect your images in any way.

You know I changed my sig recently because of problems such as this. The purpose (i.e. "want") in your post was to prevent hot-linking. Why on earth would you even say that if that wasn't what you wanted? I changed my sig recently exactly because of this type problem. Take the time to ask a proper question and you will typically get the solution needed on the first or second response instead of wasting everybody's time. Anyway, yes you can use an encryption algorithym. Although it would be helpful if you stated the purpose for needing this as it may determine the best solution.

I don't think you are looking at it correctly. The IF statement was change to use mysql_num_rows(). So if the query finds 1 or more banned records, then mysql_num_rows() will be greater than 0. IF the ip is NOT in the banned records list then the result of mysql_num_rows() will be 0. if(mysql_num_rows($banquery) == 0) {//Check for banned ip //Number of records from banned IP list matching this IP was 0 not banned do this.... } else { //Number of records from banned IP list matching this IP was > 0 //In other words, the ip exists int he banned records list if banned do this.. }

I don't see anything inherently wrong with using the same page as long as you ensure the process prevents unauthorized process. Something like: <?php if ($edit_ID == $thisUser_ID || $thisUserAdmin == true) { //allow the edit } else { //don't allow the edit } ?> Of course you need to make the same check on both the form page and the processing page.

That's all well and good, but the encryption does nothing to prevent hot-linking. It is only process of checking the request URL that will prevent hot-linking.

There is no INSERT in that code - no way it could insert a blank line. Although, the logic in the IF staemetn needs to be reversed to work correctly if(mysql_num_rows($banquery) == 0) {//Check for banned ip

Then why the hell are you asking in the JavaScript forum?! Are you really that inept that you can't type "php barcode generator" into Google? Many different solutions available. Sheesh!! Doesn't anybody have a freakin clue?

Ok, I just took a closer look at the source code on that page and it does appear to be generated with Javascript. Not sure why you can't see the source code. Anyway, the comments state:

Well, I would expect that any barcode generator is actually creating an image, so it would be done server-side, not with JavaScript.

You have no WHERE clause on the query and you have to extract the data from the result set (or in this case just do a record count) <?php if (isset ($_POST['submit'])) { $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); $banquery = mysql_query("SELECT ip FROM banned WHERE ip = '$ip'"); if(mysql_num_rows($banquery) !== 0) {//Check for banned ip not banned do this.... } else { if banned do this.. } } ?>

I think the point was that it would take less time to test it than to ask in a forum.

msplink is not used to prevent hot-linking it is used for tracking purposes. Even if you did encrypt the URL how would that prevent hot-linking, the person could hot-link using the encrypted URL. To prevent hotlinking you can use either the mod-rewrite or another function like the one I posted. They work the same way - prevent access to your images from pages outside your domain. But, they are very flexible in that you can replace the image with a substitute or allow access for some domains and not others, etc.

You can't use MD5 on the link. As already stated MD5 is a one-way hash, not an encryption. So, you would have no way of knowing what value was "really" passed. If you need additional security to "feel safer" then I would guess you are not to sure of your security to begin with. I would have absolutely no problem with someone putting whatever info they wanted on the URL even when I use GET data because I always validate. For any admin pages the first thing you shoudl do even before grabbing the GET data would be to validate that the user should even be accessing the page to begin with. If not, kick them out to another page. Yes, there are situations where a person may be an admin but may not have rights to edit ALL records, just do that check before you do anything with their supplied data. Validation and Error Handling

Heres a page with code to prevent hotlinking: http://www.safalra.com/programming/php/prevent-hotlinking/

ANY data from the user must be validated. That includes GET, POST and COOKIE data. There is nothing wrong with using GET data to drive your pages. You just need to validate. For example, if the page is looking for a product ID to display the product details you would first want to validate that the value is an integer. Then you would do a query using the ID (for text values you would also escape the value for SQL injection, but that's not needed if you validate that it is an int). Now, if accessig that product description requires proper access then you would want to authenticate as well.

function validateAmount (value) { if (isNaN(value) || value!=Math.round(value)) { alert('The value must be an integer.'); return false; } else if (value<1 || value >100) { alert('The value must be between 1 and 100.'); return false; return true; }

Fine. Go ahead and use bad practices. Use this on your processing page. $send_to = trim($_POST['mailto']); if ($_GET['out']=='Int') { $send_to .= ';me@work.com'; }

It depends on what was installed on the server. Could be it supports PHP, Python, or any number of server-side languages.

Well, I took your code and it works for me - after I created a class called "currentTab"