webref.eu

Thank you everyone! Rgds

Hi All I want to write in code: If ($_POST['processform'] == 1) OR if(isset($_COOKIE['cookname'])) so how do I write the statement correctly? Thanks

Thanks. This may be a rather basic question, but would I be right in saying that the host setting under which to look for the cookie never needs to be specified because this is automatically known from the site I am browsing at? Rgds

Hi All I have allowed member users of my website to be remembered by the dropping of two cookies, cookname and cookpass. You can see the cookies as created in Firefox 3 in the image below. How do I check for the existence of the cookie and retrieve it's value, e.g. the value of cookname is nambock, so how do I retrieve that value? Many thanks

Yes, you would have to remove spaces from your string, as I don't think your string will be recognised as a number if it has spaces in. You'd have to write a routine to remove spaces and then you can check for a number as follows: //Protection from hackers. Check ProductId is just a number $TestForNumber = is_numeric($ProductId); If ($TestForNumber == 0) { echo "Sorry, the Product Id tried is not allowed."; exit(); } Rgds

Hi All I have some code that checks whether my ProductId, which is passed in a query string, is just a number, to prevent a hacker attempting to replace it with something malicious. My question is, is my code elegant enough or can you suggest improvements? Thanks. //Protection from hackers. Check ProductId is just a number $TestForNumber = is_numeric($ProductId); If ($TestForNumber == 0) { echo "Sorry, the Product Id tried is not allowed."; exit(); } Rgds

Thanks Wildteen88, you beat me to it Rgds

I need to modify this: $sql = "SELECT COUNT(*) FROM Reviews WHERE ProductId LIKE $ProductId"; to additionally include WHERE ReviewIsApproved=1. Can anyone give me the right syntax before I manage to work it out for myself? Thanks

Complete guess but could it be some kind of file write permissions issue? Whatever ac is trying to write doesn't have the correct permissions? Rgds

Some snippets from the code: Getting the data: while ($list = mysql_fetch_assoc($result)) ... Displaying the data: $list['ReviewDesc'] I've just found that by using the nl2br function as below I can get linebreaks to be rendered in the browser, so I assume this is the best way of doing it? nl2br($list['ReviewDesc']) Rgds

Hi All I am displaying data from MySQL, but the linebreaks aren't being recognised. When I look in MySQL Query Browser there appear to be the linebreak characters there, but when I pull the data from the db and display on a page in the browser, the linebreaks are only whitespace, so the data is displayed continuously without linebreaks. How do I get the linebreaks to be shown properly on the page? Thanks All

Why do you want to do it this way? Is there a good reason? If not, I would say you are introducing unnecessary complexity. Rgds

In many login solutions, an include file is used to control access to a new page, which contains the various session variables. So, if you somehow record the initial IP address to a session variable and then check the IP address session variable is the same each time a new page is requested by having this check in the include file. Hope that helps a bit. Rgds

OK guys, I worked it out, I had an error towards the beginning of the statement where I had mentioned Email in error, should be: $query = "select * from Users where (Username like \"%$trimmed%\" OR Email like \"%$trimmed%\") order by Username"; Thanks

Hi All I need help from experts to modify this SQL query: $query = "select * from Users where Username like \"%$trimmed%\" order by Username"; To also search the Email field of my data, i.e. not just the Username field. This is what I've tried so far, and it doesn't work: $query = "select * from Users, Email where (Username like \"%$trimmed%\" OR Email like \"%$trimmed%\") order by Username"; Can you help? Many thanks

Am I right in saying that provided whatever I provide to the md5 function is unique, the resulting md5 hash will be unique? i.e. it is impossible for the same md5 hash to be produced from two different input strings? Thanks

OK thanks, that's what I thought ... The reason I asked is because I had noticed in testing the same AuthCode cropping up every now and again, which clearly should not have been happening. I have now realised the problem was that I had a case sensitivity issue, i.e. I should have been using $Password and not $password. Thanks for your help.

Hi All Please could you explain to me what this line of code does, i.e. translate the code into English please: $AuthCode = md5(rand(0,55)."{$password}{$username}"); Many thanks

How are you getting a value for $cookie in the first place? Maybe you are missing this? Rgds

Ok, thanks, that makes sense. Rgds

Hi All I currently have the following query statement: $query = "UPDATE Users SET EmailConfirmed='1' WHERE AuthCode='$AuthCode'"; Which I need for a particular user to get their e-mail confirmed when they visit a url such as: http://www.mydomain.com/user-authentication.php?AuthCode=f4b702cd7a8f06f53708fbcdbda1af48&ProductId=1 Now, the particular $AuthCode in question will relate to a particular Username in the database, and I need to lift this Username from the database to use in my script. Is there a clever way to get the UPDATE done and somehow lift the Username value in a single SQL query, or am I going to have to do a second SELECT statement? Many thanks

If I have the following code: $AuthCode = makeSQLSafe($AuthCode); //database query $query = "UPDATE Users SET EmailConfirmed='1' WHERE AuthCode='$AuthCode'"; mysql_query($query); mysql_close(); How would I handle the situation where I get a query error returned, e.g. there's no matching AuthCode in the database? Thanks all

OK, I'm taking a closer look at reCAPTCHA. Can the look of the input box be customised to your site at all? Thanks

Thanks. Any more suggestions? Is anyone using: http://www.phpcaptcha.org/ and is it any good? Thanks

OK, thanks. I changed it to: header("Refresh: 0; URL=$redirect"); which seems to work. Rgds