akitchin

... by only choosing to display an image for files with an image extension.

you can check the extension of a file using strrchr on the filename.

i didn't realize you had the opening table tag being echoed within the while() loop as well. move it out of the while() loop. i'm not going to give you the code because frankly, i think you need to learn how while() loops work for yourself.

you should really look at the PHP manual under while() loops and for() loops to understand what they do: while() for() you're running a for() loop every single time the while() loop runs. this will force it to run three times for EACH item, and that's why you're getting 3 of the same image per row. you can drop the for() loop altogether, and just increment $i at the end of the while() loop: $i = 0; // Loop through the files while ($file = readdir($dir_handle)) { echo '<table border="1"> <tr>'; if( $i % 3 == 0 ) { echo '</tr><tr>'; } if($file == "." || $file == ".." || $file == "jhey.js" || $file == "uploaded.php" || $file == "index.php" ) continue; echo "<td><center><img src =\"$file\" width=\"96\" height=\"96\"><br /><br></td>"; $i++; } echo '</table>';

you set $i to 0 before the while() loop is running, then increment $i on each iteration of the while() loop.

first off, you should be using quotes to surround your attributes in the HTML form: echo "<form method='post' action='$PHP_SELF'>"; echo "<table border='0' width='100%'>"; second, in order for the htmlentities() to work, you will need to run it against both your POSTed data and the answer that you select from the database. try running it on both variables and comparing them to see what you get. otherwise, it could be that you still have backslashes in your database.

alright, at this point it's worth looking at the form code. are you using select boxes, or are you using text inputs?

i'm surprised nobody has asked you this, but have you tried echoing the contents of POST? echo '<pre>'.print_r($_POST, TRUE).'</pre>';

you can use the function get_magic_quotes_gpc to check whether the setting is on or off by default, and addslashes only if it isn't on: $opt1 = (get_magic_quotes_gpc() == 0) ? addslashes($text) : $text; that example uses the ternary operator, so if it doesn't look familiar, have a look in the PHP manual about it. essentially that first set of parentheses contains the conditional for a simple if-else loop. the statement before the colon is what is returned if the conditional is true, otherwise it will return the latter. i should note that after doing a bulk UPDATE to get rid of the slashes, you may consider adjusting your script to use mysql_real_escape_string to escape data rather than addslashes.

if you've been using slashes correctly, they should not make it into your database. the point of escaping is to tell MySQL that those characters are literal, with no additional meaning, such that MySQL will insert them into the table as-is. when it does so, it drops the escaping backslash because it no longer needs it. in essence, \" translates to " upon insertion. if you've got backslashes in your database, it means you've run it twice (such that you're actually escaping the backslashes as well as those characters). if you do have backslashes in your database, the easiest way to eliminate them is by running an UPDATE against the column: UPDATE table SET column = REPLACE(column, '\\', '') keep in mind that this will remove ALL backslashes from all of that column's values, simply because it can no longer differentiate between the backslashes present in the original string and ones that were added by addslashes(). once that's done, you can just move the data over by passing it through mysql_real_escape_string() as you normally would with POSTed input. keep in mind that you require a database connection before using mysql_real_escape_string() because it is context-sensitive.

i've got one laptop that i use most. one work laptop (that i avoid using for anything other than work). two desktops (a newer one that i rarely use anymore, and an older one that i need to toss as soon as i get off my lazy ass and nab the data from it).

how are you calling the function? are you just calling it as get_headers() without any parameters? if so, that's likely the problem since the first parameter in the function is required.

you seem to ask a lot of questions that others simply google for you..

Thanks Wildteen. That's where I reckon I went wrong. actually, i would suspect where you went wrong was in purchasing an acer laptop

there is a stickied topic on book suggestions. please view that thread.

glad i sold YHOO when i did (a couple of months back) - the deal ended up dropping the stock about 15% on its announcement.

i think that's all there is to see here. move along, folks.

for the record, the expression is "i COULDN'T care less." when you say "i could care less" it implies being capable of caring less than you currently do, which means you care at least a little bit.

i should point out that PHP_EOL is usually a better solution than "\n" as the newline character may change depending on your server. just a thought.

sorry - i didn't realized you'd posted the entire snippet above, as i kept referring to your second reply which had only those two small chunks repeated twice. the issue is that nothing is being echoed when the condition you've mentioned is met - all the echoing, etc. that takes place in the snippet is nested within the else {} block. track your braces and check that they are matching what they should.

from the manual for mysql_real_escape_string: have you opened a database connection by the time this segment runs, and if so, have you left it open or have you manually closed it with mysql_close()?

the reason is because when you close the center tag, it automatically forces the subsequent content to go onto a new line - it doesn't make sense for the content to left-align on the same line as the centered one, as you may get overlap and the content wouldn't be in the proper order.

it's possible that this is related to number_format() spitting out a string rather than a numerical type, probably due to the comma thousands separator. perhaps you could perform the calculation on the numbers without using number_format() and see if that fixes things.

my mistake - may need to set display_errors this way: ini_set('display_errors', 1); give that a shot. if that doesn't work, i would suspect it's mysql_real_escape_string() causing your grief.

if you're getting a blank page, it is almost invariably due to a warning that halted the script before it could pass the output to the browser. are you sure you turned on error reporting at the very top of the script?