[source of form submit]

I had to edit this post because I read it wrong. I know what you're saying now.

 

Sorry, kritical is right. It is complicated... but u can try making the form page set a URL cookie like this:

 

setcookie("url", $_SERVER['SERVER_NAME'], time()+3600, "/directory_of_your_form_and_form_processor/", ".domain.of.your.site.com");

 

And then on the page which processes your form info, write this:

 

if ($_COOKIE["url"]=="")

{

echo "You did not use the correct page";

exit;

}

else

{

//...rest of form goes here

}

[include() problems]

Show me an example of what you're trying to do.

[Hmmm, it's probably obvious, but I can't figure it out...]

Writing my own.

[Wow... I guess I'm not as experienced as I thought ;)]

I have another weird question.

 

I'm making a forum right now for a friend's site, so how do make replies for other replies on a forum? It has something to do with "parent", but I'm not exactly how it works.

[Hmmm, it's probably obvious, but I can't figure it out...]

Hmmm..... not sure if I understand that. Could u maybe show me an example?

[Hmmm, it's probably obvious, but I can't figure it out...]

So basically I'm trying to create a forum... and I've figured almost everything out except for this. Ok, so you know how the home page has all the categories listed? Then under each category is a topic (or sub-category)? How do you list categories, and its sub-categories? Is it an SQL statement, or a PHP script?

[PHP SQL injection]

Does the pg_escape_string handle HTML characters, such as <, >, and &?

[PHP SQL injection]

Haha thx. I'm using Postgres, so what should I use in place of mysql_real_escape_string()?

[PHP SQL injection]

Hmmm... there are several ways to prevent an SQL injection... but, is there a more efficient ways than this:

 

$formData=$_POST['formData'];

$formData=str_replace("'","&#39;",$formData);

$formData=str_replace("\"","&#34;",$formData);

$formData=str_replace("<","&#60;",$formData);

$formData=str_replace(">","&#62;",$formData);

$formData=str_replace("$","&#36;",$formData);

 

 

I'm looking for a shorter method than this. I want to block potential HTML, database, and server-side hacks.

 

Thanks!

[PHP SMTP config]

Are there any good (and free) alternatives to IIS6 SMTP server?

[PHP SMTP config]

Hmm... I can't seem to figure this out. I have PHP5 set up with IIS6 and everything works great, except I can't get the SMTP feature in IIS to work.

 

This is my PHP.ini configuration:

 

SMTP = localhost

smtp_port = 25

sendmail_from = localhost

 

But... I get the following error:

 

Warning: mail() [function.mail]: Failed to connect to mailserver at "localhost" port 25, verify your "SMTP" and "smtp_port" setting in php.ini or use ini_set() in E:...email.php on line 44

 

[Syntax question]

Is there a PHP condtional statement that uses something similar to "like"?

 

if ($string LIKE "text")
{
   do this;
}

 

[PHP5 and Postgres.... not working at all. PLZ HELP!]

Gotcha. I thought you were referring to the ini file. Maybe I don't know what compiling is. All I usually do is download the Windows ZIP file, and extract it to c:\php, then edit the php.ini file.

 

Do you mean compile from source?

[PHP5 and Postgres.... not working at all. PLZ HELP!]

What .configure line?

[PHP5 and Postgres.... not working at all. PLZ HELP!]

Thx for the fast reply. Hmm, I'm not very familiar with DB connections I guess.

 

PHP 5.1.2 w/ PostgreSQL

Win2k Adv Server (IIS 5.0)

 

Yeah I compiled PHP myself, since the installer always fails.

[PHP5 and Postgres.... not working at all. PLZ HELP!]

Previously, I had my server set up with PHP 4.4.4 and PostgreSQL 8.1, and I had no problems at all. I got a new server today, and I installed the latest PostgreSQL (8.2) and PHP 5.2.1. For some reason though, I keep getting errors... like PHP doesn't recognize the Postgres database.

 

I get errors like these:

 

Warning: odbc_connect() [function.odbc-connect]: SQL error: [Microsoft][ODBC Driver Manager] The server appears to be not available., SQL state 08S01 in SQLConnect in D:\...index.php on line 32

 

Warning: odbc_exec(): supplied argument is not a valid ODBC-Link resource in D:\...index.php on line 23

 

Warning: odbc_fetch_row(): supplied argument is not a valid ODBC result resource in D:\...index.php on line 24

[PHP cookies not working]

Hmm I noticed something though. The cookie only sets if I don't have header() on the same page. Why is that?

[PHP cookies not working]

Ok, so I'm making (or I guess... attempting to make :D) this login system using PHP. The login script, assuming the user is successfully authenticated, will generate a cookie with the username and a cookie with the password.

Here is part of the validation script:

[code]
if($_POST['password'] != "$password")
{
header("cache-control: no-cache, must-revalidate");
header("location: ../user.php?content=l&s=f"); //redirect to login page, with a failure notification
}
else
{
$userName = $_POST["userName"];
$password = $_POST["password"];

setcookie("WFS2U", $userName);
setcookie("WFS2P", $password);

header("cache-control: no-cache, must-revalidate");
header("location: ../index.php"); //redirect to home
}
[/code]

Then to display the cookies, I use: [code]echo $_COOKIE["WFS2U"];[/code]


I use PHP 5 which runs on IIS 6.0.

Thanks for your help,
Josh Rogers

[Uploading to PostgreSQL database]

thank you!!! now i get it!  ;D

-Josh

[Uploading to PostgreSQL database]

I'm currently working on a website project, and I'm trying to build something where users can upload avatars to the database, instead of a folder. I have no idea how to set up that kind of system with PostgreSQL. Can someone tell me how to do this?

Thanks!
-Josh  8)