Jump to content

PFMaBiSmAd

Staff Alumni
  • Posts

    16,734
  • Joined

  • Last visited

  • Days Won

    9

Everything posted by PFMaBiSmAd

  1. Are all the .dll files (working and non-working) from the same version/distribution of php and were they all put onto the server at the same time using the same method? Problems are usually due to the .dll files being built with different source version and/or file permissions (for example if some of the files were put onto the server using FTP, they would be owned by the user that the FTP server is running under.)
  2. You are probably getting a fatal runtime error because the mysql_connect() function is not defined because the mysql extension is not enabled in your php.ini. You should set error_reporting to E_ALL and display_errors to ON in your master php.ini so that all the errors php detects will be reported and displayed. Stop and start your web server to get any changes made to the master php.ini to take effect and check the values of those two settings using a phpinfo(); statement in case the php.ini that you are changing is not the one that php is using. While you are making changes to the php.ini, uncomment the extension=php_mysql.dll line so that the mysql extension will be enabled. Check in the phpinfo() output that there is a mysql section showing that the extension is enabled.
  3. I made up a class that emulates what your's appears to do and the code you posted works as expected. Your error must be coming from somewhere else in your code or the variables being put into the query don't have the same values for the line of code that produces the error and the line with the echo and are somehow breaking the query. What are you using the $Session variable for later in the code?
  4. Then it's likely that your code that produces the error is using a different variable name in the mysql_num_rows() function call than what is being returned by the mysql_query statement or you have some other logic error that is overwriting the variable. You are posting a couple of lines of code out of context and are expecting someone to tell you what your whole program is actually doing.
  5. Your query failed due to an error and returned a FALSE value. You must ALWAYS test if your query worked or failed before blindly attempting to access the results of that query. echoing (or logging) msyql_error() will tell you why the query failed.
  6. That's because the data was escaped by php's brilliant magic_quotes_gpc (c=cookie) If magic_quotes_gpc is on, you should either - A) turn it off, or B) use stripslashes() on the data.
  7. ^^^ Why on earth did you do that. That setting has absolutely nothing to do with the format of your date, especially since you echo the date you build and it is probably what you expect (though it is not what mysql expects.) Mysql date data types are formatted YYYY-MM-DD. Don't you suppose that you would need to get your date value into that format in order to be able to store it without error?
  8. If you use a HTML array name as the field name="some_name[]", you can just iterate over the resulting $_POST['some_name'][] array using php's array functions, such as foreach() and/or count() Ref: http://www.php.net/manual/en/faq.html.php#faq.html.arrays
  9. ^^^ why not just test if the entered username is already in the database directly in the query. If the query returns a matching row, the username is already taken. No need to spend the time and memory to retrieve everything and loop through it using some slow parsed, tokenized, interpreted php code. As to your main question, javascript executes in the browser, long after any php code on the page has completed its execution. Php is a server side scripting language. The ONLY way you can get a value from the browser to the server is by making a HTTP request and including that value as part of the request.
  10. echo "<a href = 'searchpage.php?id=$some_var'> ".$hostname."</a>"; $some_var is whatever variable currently holds the unique identifying value you want to use as you are looping through the records from the query. In the searchpage.php code, $_GET['id'] will give you identifying value for whichever link was clicked.
  11. You forgot to tell us what result you are getting vs what result you expect.
  12. The hyperlink you make for each row of data needs a GET parameter that identifies the row of data. Either use the id from the table or the IP address or the hostname, something that uniquely identifies the correct row.
  13. This topic has been moved to PHP Regex. http://www.phpfreaks.com/forums/index.php?topic=311051.0
  14. This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=310978.0
  15. Here's another use of XSS. Someone makes a link to your site that contains javascrpt to send him the cookie values of that visitor for your site. If this person can get a visitor to click on that link (perhaps on a phishing site that looks like it is your site or in an email that looks like it came from your site) and the code on your site outputs that javascript back to the visitor (either directly by echoing the URL in a form action="" attribute or by accepting that HTTP request as a comment being posted by that visitor - $_REQUEST really is a bad idea), someone just got the cookie values for that visitor for your site.
  16. What if you are using a simple template system or some other not so well thought out CMS script on your site that uses eval (either with or with out your knowledge) and the comment that the user enters contains some php code, so, when it is processed when it is displayed it just ran the hackers php code on your server. It is unlikely that you have a system where only the visitor could view what he posted. What about if an administrator or owner to your site, such as you, views the posted information? That's exactly who a hacker would like to get the cookie values for.
  17. Do you actually have a mail server at your web host that you are trying to use as the sending mail server or are you trying to send directly to your mail box on a gmail server? To use SMTP Authorization for your gmail account, you would actually need to use the SMTP server/port as listed at this link - http://mail.google.com/support/bin/answer.py?hl=en&answer=13287 The address you get from the MX records would only be used when one mail server contacts another mail server.
  18. You are getting the mx record of the recipient domain and are attempting to send directly from a php script to that mail sever, but you are not using SMTP Authentication. Unless you were sending to a mail server that is an "open relay" (no relaying restrictions in place), you would need to use SMTP Authentication to get it to accept an email directly from a php script that is not on a server that the mail server has been configured to trust.
  19. Some browsers request a page twice (though I don't know if this would occur close enough in time to cause the problem) and some URL rewriting will also cause a page to be requested twice, so it could be that the two concurrent requests are actually due to a single visitor.
  20. This problem usually occurs when you have concurrent visitors. The file is locked by the operating system for the visitor that got their first and when your code attempts to access the file for the second visitor it cannot read the file (you would be getting errors if your code had error checking logic in it. This results in the $visitCount being a null, which your code should be incrementing to a one, which gets written back to the file by the code running for the second visitor. You need both some error checking logic in your code to make sure the file operations are occurring without error before blindly writing a wrong value back to the file and you would need to use and test file locking status to insure that the count is not lost. You can avoid this kind of problem by using a database instead of a file.
  21. GROUP BY YEAR(datetime)
  22. Documentation - https://cms.paypal.com/es/cgi-bin/?&cmd=_render-content&content_ID=developer/e_howto_api_APIntro
  23. Most programming editors (Notepad++ for example) have a way of searching through all the files and folders within a starting folder.
  24. ^^^ That's invalid. mysql_error() does NOT use a result resource as a parameter and that code would have been producing a php error, assuming you are doing this on a system with error_reporting set to E_ALL and display_errors and/or log_errors ON so that php errors would be reported and displayed/logged.
  25. ^^^ What makes you think that?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.