PFMaBiSmAd

Here are some specific hints - 1) You would add a session based login check to the start of your index.php code. If the current user is not logged in, redirect to a login page. 2) The login page would have a form with the path and password. Once the the correct password is entered for the selected path, you would set a session variable to indicate that the visitor is logged in. Since the index.php page needs to know the selected path, you could store that value and use it as the logged in flag. After logging in, redirect to the index.php page. 3) On the index.php page, use the path that was saved in a session variable in place of the $_POST['path'] value. The form would only need the type='file' field. You should probably display the path, something like - "You can upload a file to the images folder.", so that the visitor knows that they can upload a file and where it will be put. 4) After successfully uploading one file, you would probably want to clear the logged in flag so that someone must select a new path and enter the password again to upload more files.

Even with mysqli_fetch_all, your code would still look like - foreach(mysqli_fetch_all($result, MYSQLI_ASSOC) as $r) { $words[] = $r['word']; } echo implode('<br/>', $words);

I looked at your posted code to try and figure out what you are doing in it, and I recommend that you first define what you are trying to accomplish, then write the code to do it. You have extra/repeated code, data, and queries that doesn't do anything toward your goal of replying to a PM. If you define what data you are trying to INSERT into each column, you should be able to write your INSERT query to do what you want.

It's not really possible to hide information that you pass through the client, because all anyone needs to do to get it is to spend a little more time than the amount of time you spent in hiding it. Passing the actual password through the client, will mean that if your 'protected' content is of great enough value, that your password will soon get shared all over the Internet.

@thara, The code in this thread HAS validation logic (of unknown quality since the function code wasn't posted) so linking to a generic post that points out you need to validate input data doesn't address anything specific to this thread.

You do realize that anyone who directly found it or found the link you posted to it somewhere else, such as in this public thread that gets index by all the major search engines, could have messed with your post on the fiddle site?

You would use CSS to eliminate all the repetitive in-line style information in the tags - <style> table,th {border:3px solid black;} td {border:1px solid black;} th,td {text-align: center; padding: 5px;} td {white-space: nowrap;} </style> And you could let the computer produce the table based on a defining array - // each array key is the database column name, the corresponding value is the legend/heading to display in the HTML table // the order of the items in this array are the order they will be output in the HTML table $fields = array('Rep'=>'Rep','RefNumber'=>'Reference Number','Disposition'=>'Call Disposition', 'Cancel_Disposition'=>'Cancel Disposition','Date'=>'Date','appNumber'=>'AppNumber', 'Phone_Num'=>'Phone Number','Con_Number'=>'Contact Number','Finance_Num'=>'Finance Number', 'Num_Payments'=>'# of Payments','ACH_CC'=>'ACH/CC','Post_Date'=>'Post Date','Callback'=>'Callback', 'Disc_Amount'=>'Discount Amount','Total_Cost'=>'New Total Cost','Total_MP'=>'Total Monthly Payments', 'New_MP_Amt'=>'New MP Amount','New_DP_Amt'=>'New DP Amount','Notes'=>'Notes'); // start table and produce table heading echo "<table>\n<tr>"; foreach($fields as $legend){ echo "<th>$legend</th>"; } echo "</tr>\n"; // output table data while($row = sqlsrv_fetch_array( $result,SQLSRV_FETCH_ASSOC)){ echo "<tr>"; foreach($fields as $key=>$not_used){ echo "<td>$row[$key]</td>"; } echo "</tr>\n"; } echo "</table>\n";

We know what you are asking. Someone told you the structure changes that would be needed to accomplish it. If you cannot take the statement of what is needed and produce the code (which is what programming is, i.e. writing code to get a computer to do what you want), you should just hire someone to do this for you or find another script that requires the login to be submitted before the upload form will be displayed.

Locking this topic. The point of taking a quiz, even if it's an open book/open Internet quiz, is to test your ability, knowledge, and skills. Not to test ours. Besides, the quiz was probably over shortly after the OP posted this.

It's also kind of fortunate that the person who wrote that code managed to get the wrong variable name in the mysql_close statement, because if the variable name had been correct, the UPDATE query would fail because there would be no database connection at that point. In this case, having a programmer that didn't know what he was doing actually produced code that 'worked'.

Both the upload form and the form processing code would check that the current visitor is logged in before doing anything. This of course assumes you have a user authentication system in place that accepts the login credentials as a separate step (or uses AJAX on the upload form) to authenticate the visitor and remembers that the current visitor is logged in using a session.

^^^ What have you done to debug why the code isn't doing what you expect for the source image data? I'm also not sure why you didn't just posted the complete code for that function so that someone could directly point you in the right direction to look. Out of context snippets of code are like pieces to a jig-saw puzzle and you are asking us to tell you what the picture on the box is based on having two or three pieces of the puzzle.

@Dharmender, Please don't quote entire posts just to reply to them. Only quote things in a post you are specifically calling attention to.

Start your own thread for your problem. Topic locked.

The forum section where you posted this is for mysql help. Topic locked.

Your function definition is inside of a conditional statement, so it is only defined when the conditional statement is true. Under this condition, you must define the function before you can call it. The best method for defining functions is to put them at or near the start of your code and to make them unconditionally defined.

You are missing the {} in the following line that would cause the key/index name in $array to be literally output, instead of being treated as an array of characters - echo "<li>{$array}[$key]=$value";

A) You have a wrong variable name in your mysql_close statement, which is why it isn't a link resource. The error message probably told you it was a null/non-existent value. B) You should NOT be opening/closing database connections more than ONCE on any page. Each time you open a database connection, it takes a significant amount of time to contact the database server, authenticate the database username/password, and obtain a connection handle. You should open a connection once on any page that needs it, then either close it after you are done using it on that page, or more easily, let php close the connection when it automatically destroys all the resources used on any page.

For debugging purposes (remove it after you are done), you can use echo mysql_error(); on the next line after the mysql_query() statement to find out why the query failed.

I merged your two topics together. Just because you fixed one error in your code and the symptom/error changed, it's still the same code. Stick to one thread for the same code, so that the history of how you arrived at any point isn't spread out in multiple threads. And while it is true your code is using a mysql database, the issues are in your php logic/variables and nothing specific to mysql (yet), so moving thread to the php help forum...

No one asked for a HTML FORM. They asked for - Until you post code that reproduces the problem, no one here will be able to help you find what is wrong with what you are doing.

Since you didn't post your client-side code showing how you are using the JSON data, it's not directly possible to help, but in general, you would apply a css class to the output having the onoff column set to a zero. You could do that in the server-side code, by putting the values inside a span tag with the correct css class name or you could do it in the client-side code, by passing the onoff value with each corresponding value in the JSON data, and then setting the className of the element that you output the value into. A couple of points about your code - 1) There's no need to repeat the database table name as part of each column name. That results in more typing, typo's, and longer query statements.I would name the columns - zeneszam and onoff. 2) Your search filter in $_GET['part'] should be in your query. In fact, retrieving all the rows from your table first, then looping over them two times, the second time to find values using php code is probably 8-10 times slower than doing this in the query. You could write your posted code like this - $part = isset($_GET['part']) ? trim(($_GET['part']) : ''; if($part != ''){ $query = "SELECT zeneszam, onoff FROM zeneszamok WHERE zeneszam LIKE '".mysql_real_escape_string($part)."%'"; $result = mysql_query($query); $results = array(); while($row = mysql_fetch_assoc($result)){ $results[]=$row; // pass both the zeneszam and onoff values as an array for the client-side code to use } echo json_encode($results); }

Have you checked the 'view source' of the form in your browser so that you know the fields have the values you expect? Is there any other form on the page, in case you have invalid/nested forms. What's the exact form processing code, since it could be testing for field names that don't exist or don't exactly match the form?

Rather than just incrementing a counter, you need to use a database table to store all the relevant information, one row per view. You would store the datetime, user_id, video_id, ip address, session_id, and the user-agent of the browser. Once you have this information stored, you can use it to filter out things like duplicate views by the same user and produce reports on usage.