Psycho
Everything posted by Psycho
-
Your problem has nothing to do with PHP or the database - it is an HTML error. You are not putting the values of the HTML parameters in quotes. If a parameter value has no spaces in it this will work, but is still a bad idea. But, in this case the value of the 'value' parameter has a space in it. So, when the user's browser is reading the code it assumes the space is the end of the value. The result of the code you have will be something like:

    <td width=50% align=center><input type='text' size=50 value=steve jobs></td></tr>

What you want is

    <td width='50%' align='center'><input type='text' size='50' value='steve jobs'></td></tr>

Change the code to

    echo "<td width='50%' align='center'><input type='text' size='50' value='".$row['NAME']."'></td></tr>";
-
The line above it is missing a semi-colon at the end.

No, the query is JOINing the post table (clanovi_njihovi_parovi) with the user(?) table (clanovi_njihovi_racuni). But, it only JOINs the post records that have a date of today. It then GROUPS the records and dynamically assigns a value to the variable post_count.
-
There were some things in an inefficient order, so I made other changes as well

    <?php

    $postLimit = 2;

    // entry of the pair
    if($_POST['tim1']!="" and $_POST['tim2']!="" and $_POST['tip']!="" and $_POST['kvota']!="" and $_POST['link']!="")
    {
        $ip = $_SERVER['REMOTE_ADDR'];
        $tim1 = str_ireplace(array("\"", "'", ""),"", $_POST['tim1']);
        $tim2 = str_ireplace(array("\"", "'", ""),"", $_POST['tim2']);
        $tim1 = ucwords(strtolower($tim1));
        $tim2 = ucwords(strtolower($tim2));
        $tip = str_ireplace(array("\"", "'",""),"", $_POST['tip']);
        $kvota = str_ireplace(array(","), ".",$_POST['kvota']);
        $link = str_ireplace(" ", "", $_POST['link']);
        $prvoslovo = str_ireplace("http://www.flashscore.com/","#", $link);
        $linkDozvola = ($prvoslovo[0]=="#");

        if(!$linkDozvola)
        {
            echo "alert('Vas link je neispravan. Link utakmice kopirajte sa www.flashscore.com .')";
        }
        elseif($kvota<1.01 || $kvota>99.99)
        {
            echo "alert('Kvota vam nije u opsegu od 1.01 do 99.99 .')";
        }
        else
        {
            $racun = $_SESSION['liga_user_id'];
            $query = "SELECT cnr.klikovi, COUNT(cnr.id) AS post_count
                      FROM clanovi_njihovi_racuni AS cnr
                      LEFT JOIN clanovi_njihovi_parovi AS cnp
                        ON cnr.id = cnp.racun AND cnp.datum=curdate()
                      WHERE cnr.id='$racun'
                      GROUP BY cnr.id";
            $result = mysql_query($query);
            // Fetch the row as an associative array so the columns can be read by name
            $row = mysql_fetch_assoc($result);
            $klikovi = $row['klikovi'];
            $postCount = $row['post_count'];

            if($klikovi<3)
            {
                echo "alert('Nemate dovoljan broj klikova za unos para(minimum je 3 klika po paru).')";
            }
            elseif($postCount >= $postLimit)
            {
                //Limit met
                echo "Upoznala si maksimalno post count za danas";
            }
            else
            {
                $query = "INSERT INTO clanovi_njihovi_parovi
                          SET racun='$racun', ip='$ip', datum=curdate(), vrijeme=curtime(),
                              tim1='$tim1', tim2='$tim2', tip='$tip', kvota='$kvota',link='$link'";
                $result = mysql_query($query);
                $query = "UPDATE clanovi_njihovi_racuni SET klikovi = klikovi-0 WHERE id='$racun'";
                $result = mysql_query($query);
                echo "alert('Vas par je prihvacen')";
            }
        }
    }

    ?>
-
Trying to CONCAT two columns in a Select query...
Psycho replied to Jim R's topic in PHP Coding Help
That could be because the two values are not equal. What are the values of $nameFull and $slug that you think should be compared as equal? Try this:

    while($line = mysql_fetch_assoc($results))
    {
        $nFirst = $line['nameFirst'];
        $nLast = $line['nameLast'];
        $nameFull = "{$nFirst} {$nLast}";
        echo "$nameFull : $slug \n"; //Output the values to compare visually
    }

Even if two values "look" the same they may not be. There can be non-printable characters in one. The best way to verify is to use var_dump() on a value to know exactly what it contains.
-
How to determine 5 seconds instead of 24 hours using timestamp
Psycho replied to therocker's topic in PHP Coding Help
You should not store datetime values as a PHP timestamp in your database because you think the database timestamps in the format "YYYY-MM-DD HH:MM:SS" look weird. The database has a lot of powerful functions for working with date/time fields. By storing a numeric timestamp you make it difficult to impossible to use those functions. The data is not stored for human consumption. There are many methods to convert the time however you wish. For example, if you do need to convert that DB timestamp I don't know what you are trying to do in this code. But, if you wanted to only return records that were less than 5 seconds old you would have to query all of them and then throw out ones you didn't want in PHP logic. That is a waste. Heck, if you just needed to have some text associated with each record based upon whether it was 5 seconds old or not you can do that with your query as well - no PHP code necessary. -
And if there are problems in instantiating/setting up the class you will have problems with anything else within the class. I can't believe you are not getting errors since you are not even passing the required parameter to the class.
-
You really need to be more specific as to what your concern is. Your request is way too broad to really answer. You state you want to " . . . avoid different problems (internet connection)". How are you storing the results as the user takes the exam? Is the user answering one or a few questions at a time? If so, just save their responses on each page. Then if they lose connectivity and come back you know where to take them in the process. If, however, you have the exam all on one page, then you could use AJAX to submit the user's response as they answer each question. Basically, there is no one solution. The best solution can only be determined by understanding the specific workflow and needs.
-
The method 'FileStorage' is the constructor for the class. It has two parameters: $path and $shoutLog. The $path parameter is required. When you instantiate the class you must pass at least that first parameter. It looks like it is used as a sub-path within the folder 'logs' for storing the log files.
-
A couple other notes on your code first

    $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";

This tells me you are storing the actual password in your database. This is a very bad idea. You should only store a hash of the password.

    if($password == $passwordtext)

This makes no sense. For one $passwordtext has not been defined. Plus, your query already verifies that you are getting the correct record.

    $_SESSION["userid1"] = $id1;

Same here. $id is not defined. It looks like you are assuming there will be variables from the results of the DB query without ever extracting them.

    header("Location: http://.htm"); // redirects

Mkay, so you want to redirect them. To where? Do you have a page defined as the user's 'private page'? Do you want an actual URL for each user? You could just create a page such as 'http://www.mysite.com/user.php' and get the user id from the session data to show them their details.
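One way to apply the notes above, as an added example that is not code from the original thread: only a hash is stored, the row is looked up by username alone, and the columns are extracted from the result before use. The `users` table, its column names and the in-memory SQLite database are assumptions for illustration.

```php
<?php
// Added example; table and column names are assumptions, SQLite stands in for MySQL.

function create_schema(PDO $db): void
{
    $db->exec('CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT UNIQUE NOT NULL,
        password_hash TEXT NOT NULL)');
}

function register_user(PDO $db, string $username, string $password): int
{
    // Only the hash is stored; password_hash() generates a per-user salt.
    $stmt = $db->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
    $stmt->execute([$username, password_hash($password, PASSWORD_DEFAULT)]);
    return (int) $db->lastInsertId();
}

// Returns the user id on success, or null when the login fails.
function authenticate(PDO $db, string $username, string $password): ?int
{
    // Select by username only; the password is never part of the query.
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Read the columns out of the fetched row before relying on them.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// Constructed demo data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
create_schema($db);
register_user($db, 'steve', 'correct horse battery staple');

$userId = authenticate($db, 'steve', 'correct horse battery staple');
if ($userId !== null) {
    // In a web request: session_start(); session_regenerate_id(true);
    // $_SESSION['userid'] = $userId; header('Location: /user.php'); exit;
    echo "login ok, user id {$userId}\n";
}
if (authenticate($db, 'steve', 'wrong password') === null) {
    echo "wrong password rejected\n";
}
```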
-
Nope, it is sorting in alphanumeric order. A '3' comes before '6'. This tells me that you have the 'id' field set as a varchar or some other non-numeric (i.e. text) type. Your ID field should be changed to an INT (integer) type so that it knows to sort in numeric order. What does the following query return?

    SELECT DATA_TYPE
    FROM INFORMATION_SCHEMA.COLUMNS
    WHERE table_name = 'attendance'
      AND COLUMN_NAME = 'id'
-
Your JavaScript function doesn't have anything that would open a new page - or you didn't provide the right javascript. What you can do is change your FORM tag to have an onsubmit trigger that will call the JavaScript to open the new page. That function should have a "return true;" at the end - assuming everything was good and you want the page to open. The FORM tag would look like this:

    <form action="insert.php" method="post" onsubmit="return doSomething();" >

When the user submits the form, it will first call the doSomething() function. Then, if a true response is returned, the form will POST to the page listed in the action parameter.
-
Need advice on a secure way to let users upload a profile picture.
Psycho replied to w1zzerd's topic in Application Design
Even then you don't need separate folders. But, it at least has some reason for doing so. You can just as easily store all the uploads in a single folder with a unique name. -
Yeah, your request is a little vague. But, my guess as to what you have stated is that you can have the Submit button post the form to a PHP page to do the database updates or you can have it use JavaScript to redirect to a URL, but you are having trouble accomplishing both. You can certainly do both by having JavaScript post the data to one page and then having the JavaScript redirect to another. But, in my opinion, that is entirely unnecessary. JavaScript is great, but I think it gets overused.

I think you can accomplish what you are after by using the Submit button normally. Then on the page that receives the POST data, perform all the functionality you are doing now - THEN use a header() function in the PHP code to do the redirect. Then again, you may just include() the other page. Without understanding the workflow it's difficult to say what would be best.

For example, let's say you are on a form to add a user. And, when the user submits the form, you want the data to be saved to the database and then take the user to the page that lists all the users. If it was something like this, then you can have the new user form simply submit to the displayUsers.php page. Then on that page you could have some logic such as this:

    if(isset($_POST['username']))
    {
        //Include php script to process form data
        include('addUser');
    }

    //Continue with code to display users
-
NEVER trust ANYTHING coming from a user. This includes the global vars $_POST, $_GET, $_COOKIE. Even $_SERVER has some values that can be spoofed. Plus, don't assume a user can't directly access a file because they don't know the name. If you have any files that are only included in other files which are within the public folders of a site, you need to ask yourself what would happen if a user was to access the file directly. Any files with sensitive information should be stored outside the public folder. For example, if the root of your site points to a folder called 'mysite', then put files that are included one level up. E.g.

    |-mysite (root of the site: www.mysite.com)
    |  |-aboutus
    |  |-contactus
    |  |-ourproducts
    |
    |-includes (not within the accessible root)
    |-classes (not within the accessible root)
-
fetch current date record of dd/mm/yyyy format in php mysql
Psycho replied to jackgoddy123's topic in Applications
What is the field TYPE for the 'startdate' in the database? As I previously pointed out, you stated the value in the DB is in the format d/m/y, which would mean you are not storing the data correctly. Most likely you are storing it as a string. In that case you cannot use the DATE functions within MySQL. Store the data correctly and the query will work.
-
Update hide field only when "close" drop down selected
Psycho replied to jackgoddy123's topic in Applications
Just change the logic to your processing code. If the status does not equal close, then don't update the close date. Also, the code for setting the status has a flaw since it would allow any value - not just the value you have on the form. You need to validate ALL data being sent from a user.

    $konek = mysql_connect("localhost","root","") or die("Cannot connect to server");
    mysql_select_db("test",$konek) or die("Cannot connect to the database");

    $status = ($_POST['status']) ? $_POST['status'] : '';
    // Only keep the close date when the status is 'Close'
    $lead_close = ($status=='Close' && $_POST['lead_close']) ? $_POST['lead_close'] : '';

    $query = "UPDATE public SET status='{$status}', lead_close='{$lead_close}' WHERE id='1'";
    mysql_query($query);
-
fetch current date record of dd/mm/yyyy format in php mysql
Psycho replied to jackgoddy123's topic in Applications
If the date in the database is in the format mm-dd-yy, then it is not being stored as a date type. You need to change the field to a date type then store them in the format yyyy-mm-dd. When storing as a date you can then use all of the MySQL date functions to do whatever you need to do with those values. In this case your query would be very simple

    SELECT * FROM Persons WHERE DATE(startdate) = CURDATE()

No PHP code will be needed to calculate today's date - MySQL will do that for you. Then you can do one of two things.

1) You can retrieve the value in the format yyyy-mm-dd and then use PHP to translate it into the format you want:

    while($row = mysqli_fetch_array($result))
    {
        $startdate = date('d-m-Y', strtotime($row['startdate']));
        // . . .
    }

2) You can have MySQL format the date automatically in the query. You can only do this if you are actually storing them as a date type in the correct format

    SELECT *, DATE_FORMAT(startdate, '%d/%m/%Y') AS formattedDate
    FROM Persons
    WHERE DATE(startdate) = CURDATE()

But, all of that is unnecessary. As long as you are correctly retrieving the records for the current day, you already know what the date is.

As to why this was not working for you. The PHP date() function has specific parameters for formatting the date. A 'y' (lowercase) is the two-digit year, whereas the 'Y' is the four digit year. Don't just guess what to put into a function - check the manual. It is pretty easy to follow: http://us3.php.net/manual/en/function.date.php
-
mysql_real_escape_string() is for string data. Based upon your usage, the user provided value is an ID. If that ID is an integer, then use intval(). Always use the right method of escaping data.
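The reply above and the earlier one about the status field both come down to validating each value as the type it is. The following added example (not the poster's code) checks the ID as an integer, the status against the values the form offers, and the close date only when the status is 'Close', then runs a parameterized UPDATE. The status values other than 'Close', the YYYY-MM-DD date format and the in-memory SQLite database are assumptions.

```php
<?php
// Added example; ALLOWED_STATUS and the date format are assumptions.
const ALLOWED_STATUS = ['Open', 'Pending', 'Close'];

// Returns [id, status, lead_close|null]; throws on any invalid field.
function validate_lead_update(array $post): array
{
    // An ID is an integer, so validate it as one rather than string-escaping it.
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('invalid id');
    }
    // Only values the form actually offers are accepted.
    $status = $post['status'] ?? '';
    if (!in_array($status, ALLOWED_STATUS, true)) {
        throw new InvalidArgumentException('invalid status');
    }
    // A close date is only considered when the status is 'Close'.
    $leadClose = null;
    if ($status === 'Close') {
        $raw = $post['lead_close'] ?? '';
        $d = is_string($raw) ? DateTime::createFromFormat('!Y-m-d', $raw) : false;
        if ($d === false || $d->format('Y-m-d') !== $raw) {
            throw new InvalidArgumentException('invalid lead_close');
        }
        $leadClose = $raw;
    }
    return [$id, $status, $leadClose];
}

function update_lead(PDO $db, array $post): int
{
    [$id, $status, $leadClose] = validate_lead_update($post);
    if ($leadClose === null) {
        // Status is not 'Close': the stored close date is left untouched.
        $stmt = $db->prepare('UPDATE public SET status = ? WHERE id = ?');
        $stmt->execute([$status, $id]);
    } else {
        $stmt = $db->prepare('UPDATE public SET status = ?, lead_close = ? WHERE id = ?');
        $stmt->execute([$status, $leadClose, $id]);
    }
    return $stmt->rowCount();
}

// Constructed demo: in-memory table and two sample requests.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE public (id INTEGER PRIMARY KEY, status TEXT, lead_close TEXT)");
$db->exec("INSERT INTO public (id, status) VALUES (1, 'Open')");

$ok = ['id' => '1', 'status' => 'Close', 'lead_close' => '2014-03-01'];
echo update_lead($db, $ok), " row updated\n";
try {
    // 'Deleted' is not one of the values on the form, so it is refused.
    update_lead($db, ['id' => '1', 'status' => 'Deleted']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```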
-
I'll also offer the following observation. The 'output' for the form is nested in quite a few if() conditions. If any of those conditions are false, the form will not be generated. But, there are no else conditions to let you know if something failed. In this case, this condition is failing

    if($item_no != 0 && $_POST['gesendet'])

because $item_no had not yet been defined.
-
I'll start with a suggestion. Do not intermingle the HTML and the PHP logic. Put all your PHP code at the top of the page (or in a separate file). Use the logic to create the output into variables, then just output the variables within the HTML. Makes it much easier to debug the code and makes it more flexible. Also, I'm seeing several errors:

    if(result)

There is no dollar sign for the variable.

    <div id="header"

No closing carat

    </div>'

No ending semi-colon
-
Yeah, Comet is the push service I referred to previously. Not sure how you would implement that with each user potentially having different records on their page though.
-
Yes, but how you store the data in the cache file is up to you for whatever is most expedient. Typically you want to store it in a structured format such as XML or JSON and pass that to the JavaScript which updates the actual HTML. But, in this case, it may be better to take the data and create the actual HTML and store that in the cache.

Maybe, but see my comments at the end.

Possibly, especially if you are updating it often and having a lot of hits. But, there are methods to lock the file until a user is done reading it. So, at worst, there might be a slight delay in updating the cache if another user is reading the content. I don't have any specifics on how to do this - but I'm sure a Google search will give you some pointers.

will checking the creation time of this file and loading this file really be much quicker than just reading the database?

Should be. Every time you load a web page the web server has to read all the PHP files, right? If you're not sure, test it. Create a loop to 1) run a query to get the records vs 2) reading the data from a cache file - then compare the times for each.

Having said all that, one of the responses you provided may control the best decision. If you are only showing 10-15 records, would all users be viewing the same 10-15 records or will they be different? If they are the same, then I would go with the cache file and storing the actual HTML content in the cache. Then you can just pass the contents directly back to the JavaScript and update in the page. However, if users can be viewing different pages of records, then you would want to store the data in a structured format such as XML or JSON. Then you'd have to parse that data to pick out the records that need to be sent back to the client. If you only have a total of 100 records, this still might be more efficient. But, at some point the cost of parsing the cache file would be greater than a DB query. The only way to find out is to test.
-
Not knowing all the details about the situation and "how" data can change it's difficult to give definitive answers.

Yes. Pass a timestamp to the PHP page. When the query is run only get records that have changed. If no records are returned, then you know there is no new data.

Yes, see above. But the trick is in using that information to only update the records that need to be updated. Again, not knowing what the data is or how it can change it is difficult to really provide a good response. Are you only dealing with new and changed records? What about deleted records? What happens where there are n records? Etc., etc.

Yes, use a cache file.

Yes, it is possible to implement a "push" implementation with JavaScript. I've never done it myself - only read about it.

Here is what I would suggest. Modify the data.php page as follows:

1. Define a cache file
2. Check to see if the cache file exists and, if it does, when the file was last updated.
3a. If the file does exist and is less than n seconds old read the content of the cache file and return to the browser (in this case the JQuery call)
3b. If the cache file does not exist, or is too old, run the query to get the new data. Then process that data into the necessary output and save to the cache file and pass back to the browser.

Now, if you have 100 people with the page open, you will only be running a query once every 20 seconds for all the users. All the other times you will simply be reading the cache file and returning back to the user. With this process you can probably reduce the refresh period without putting too much load on the server.
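The steps above, together with the file locking mentioned in the related reply, can be sketched as follows. This is an added example, not the poster's code: `CACHE_TTL`, `fetch_rows_from_db()`, the JSON format and the cache path are assumptions, and the query is replaced by constructed sample rows.

```php
<?php
// Added example; names and the cache location are hypothetical.
const CACHE_TTL = 20; // seconds, the "n" in the steps above

function fetch_rows_from_db(): array
{
    // Stand-in for the real query; constructed sample rows.
    return [['id' => 1, 'name' => 'alpha'], ['id' => 2, 'name' => 'beta']];
}

// Steps 2 and 3a: return the cached body if the file exists and is fresh.
function read_cache(string $file, int $ttl): ?string
{
    clearstatcache(true, $file);
    if (!is_file($file) || time() - filemtime($file) >= $ttl) {
        return null;
    }
    $fh = fopen($file, 'rb');
    if ($fh === false) {
        return null;
    }
    // Shared lock: many readers at once, but never during a write.
    $body = flock($fh, LOCK_SH) ? stream_get_contents($fh) : false;
    fclose($fh); // closing the handle also releases the lock
    return ($body === false || $body === '') ? null : $body;
}

// Step 3b: rebuild from the database and save under an exclusive lock.
function rebuild_cache(string $file): string
{
    $body = json_encode(fetch_rows_from_db());
    if (file_put_contents($file, $body, LOCK_EX) === false) {
        error_log("could not write cache file {$file}");
    }
    return $body;
}

function get_data(string $file, int $ttl = CACHE_TTL): string
{
    return read_cache($file, $ttl) ?? rebuild_cache($file);
}

// Step 1: define the cache file. Keep it outside the public web root.
$cacheFile = sys_get_temp_dir() . '/data_cache.json';
echo get_data($cacheFile), "\n"; // first call may run the "query"
echo get_data($cacheFile), "\n"; // second call is served from the cache file
```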
-
Need advice on a secure way to let users upload a profile picture.
Psycho replied to w1zzerd's topic in Application Design
Why are you going to create a directory? Just have one directory and put all user profile images in there. -
Need advice on a secure way to let users upload a profile picture.
Psycho replied to w1zzerd's topic in Application Design
You should not create files/folders based upon user input. That could lead to problems from malicious input. Here is one possible solution. There's no reason to create folders anyway. Just put all images into one folder and name them according to the user ID or something unique to the user that is not directly input by the user. For example, you could use the hash value of the username. Then, when the user uploads their image save it named per one of the methods above. You don't even need to save the image name/path in the database. You could save a boolean to state whether the user had uploaded an image or not, but you could also determine that without a DB query by checking if an image exists for the user by the naming format.
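A sketch of the single-folder approach described above, as an added example that is not the poster's code: the stored name comes only from the server-side user ID, the type is taken from the file content, and "has this user uploaded an image" is answered by the naming format without a DB query. `UPLOAD_DIR`, the size limit, the allowed types and the form field name are assumptions.

```php
<?php
// Added example; the constants below are hypothetical values.
const UPLOAD_DIR = '/var/www/uploads/avatars';
const MAX_BYTES = 2 * 1024 * 1024;
const ALLOWED_TYPES = ['image/jpeg' => 'jpg', 'image/png' => 'png'];

// The file name is built from the user ID only, never from user input.
function avatar_path(int $userId, string $ext): string
{
    return sprintf('%s/%d.%s', UPLOAD_DIR, $userId, $ext);
}

// $file is one entry of $_FILES; returns the stored path or throws.
function save_avatar(array $file, int $userId): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if (!is_uploaded_file($file['tmp_name']) || filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('not an accepted upload');
    }
    // Decide the type from the content; the client-supplied name and
    // type fields in $_FILES are ignored entirely.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $ext = is_string($mime) ? (ALLOWED_TYPES[$mime] ?? null) : null;
    if ($ext === null) {
        throw new RuntimeException('unsupported image type');
    }
    // Drop any earlier avatar so only one file per user exists.
    foreach (ALLOWED_TYPES as $oldExt) {
        $old = avatar_path($userId, $oldExt);
        if (is_file($old)) {
            unlink($old);
        }
    }
    $dest = avatar_path($userId, $ext);
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    return $dest;
}

// Returns the stored avatar path for the user, or null if none exists.
function find_avatar(int $userId): ?string
{
    foreach (ALLOWED_TYPES as $ext) {
        $path = avatar_path($userId, $ext);
        if (is_file($path)) {
            return $path;
        }
    }
    return null;
}

// Usage inside an upload handler, after session_start():
//   $path = save_avatar($_FILES['avatar'], (int) $_SESSION['userid']);
```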