rcorlew

You need to show the code that displays the information on the page, we need to see how you are printing your results.

To insert new data row into mysql use this query instead: $query = "INSERT INTO my_table (first_name, last_name) VALUES ('$first_name', '$last_name')"; $res = mysql_query($query) or die;

You could limit the string to a set number of characters like this: <?php $string = "My text from whatever source": $str= substr($string, 10); //The number limits your str to that many characters including spaces echo "$str"; ?>

You have to put your results through a while loop like this: <?php if (!$pilot_id) { die('Could not connect: ' . mysql_error()); } mysql_select_db("cerulean_site", $pilot_id); $result = mysql_query("SELECT * FROM pilots ORDER BY pilot_id DESC"); while($row = mysql_fetch_array($result)) { $pilot_id=$row; echo $-pilot_id; } ?>

Try adding this, you should be loosing the prod since you are not "receiving" the get data. $prod = mysql_real_escape_string($_GET["prod"]); Put that at the top of you page like this: <?php session_start(); include"includes/client_info3.php"; $prod = mysql_real_escape_string($_GET["prod"]);

I would prefer to see more content before I would be able to give a real good look and make an honest attempt at critique. I will say this, try padding the top of the page 20px or so, having to click at the very top of the page is odd, and maybe too dificult depending on whatever environment a person may have on their computer. Try adding some content, maybe in a "About this Site" Section or something. Just some text to fill up a page and stretch the layout would be good.

Ok, I changed the footer quite a bit, pretty different now. I am pretty sure I will change how the left column is all together, make it more fitting with the rest of the site.

You should try using the ` around your db column names. I have run into that same problem added the 'table.column' and it worked.

I tried adding a thin left white border like you suggested, however, it kind of broke how the display worked so I put it back.

I would have to agree, that more contrast would be a good thing for you.

Hi all, I have been working for sometime now on a rather large project that had be a bit overwhelmed at times. It is for all intents and purposes complete, although I have tweaked it slightly here and there. It has most of the usual stuff, although I am having some difficulties deciding if I like the way I have some of the "tagging" worked out. Everything has worked fine this far, and is past the "eternal " beta phase that some sites seem to be stuck in. I would love to give this whole elaborate monologue telling you what this site is for, but if you cannot pick up the purpose of the site in about 15 seconds then I have failed to deliver. I know that for the most part things flow well, but I am looking for a little advice maybe to help it pop. http://www.3amdevotions.com/index.php

The best way to fix disclosures I have found is this little snippet of code, only use this after you have fully tested the script or else you will not be able to debug your scripts. Just put this little gem right after your opening php tag. error_reporting(0); Then to stop xSs you should try something like this: function stopXss($var){ $var = addslashes($var); $var = htmlentities($var); $var = what_ever_else($var); return $var; } Then call the function like this $name = stopXss($_POST["name"]); $password = stopXss($_POST["password"]); I think you can get the picture.

Re you using the text type sql column? If so the limit is 64megs, that's way more than 7000 characters, maybe the column is tiny text or medium text.

man, that's nice, I could use something like that to finish off my system.

I fixed the filename problems and made it so it will not overwrite an existing file. Crazy thing though, the code I wrote works on my production server but not my test server. If anyone would like to try it out, go ahead, I think that it is getting really close to finally being secured.

You might want to be careful about that function, sometimes it will be better to check this way: if(!empty($variable)) or if(empty($variable)), just a small pointer

Ok I will get that fixed shortly, I am on vacation so it might take a little while longer,lol

Well there you go, you are lucky to have actually gotten permission, good job on that. The script will work perfectly as long as the page remains fairly consistent to what it is now, it will go from -99 degrees all the way to 999 degrees, is that good enough?

NO, usually web sites do not want you accessing their pages without permission. You need to check to see if it is copyrighted. And the first code is what you need, just use wisely as it increases traffic on their site, and it will show your ip and other user information about you whenever you access the page(it will show the server you access the script from). Cheers.

They might not like this but here is how you do it: <?php $handle = fopen("http://www.abc3340.com/static/skycams/demopolis.html", "r"); $contents = stream_get_contents($handle); $pos = strpos($contents, "°"); $end = $pos - 3; $string = substr($contents, $end, 4); $string = str_replace('>', ' ', $string); fclose($handle); echo "$string"; ?> All you have to do is add whatever styling you want to the string which will only be the temperature.

Ok disregard that post I just made, it put it under the wrong thread, and I thought I made messed up applications, LOL

By the way here is how I am trying to catch and filter input, does this look alright? $c_name = cleanVars(mysql_real_escape_string($_POST["c_name"])); cleanVars is a function that does string replace on the input sort of like html special chars or entities, minus the fact that there are quite a few entities that I want to leave.

Try it again. I forgot about that page.

It's not a problem except for the fact that my new web host has some rather odd security features in place. For instance: If you post an apostrophe into sql it turns it into this ’, I have written a function to replace all forms of characters so I should not face this again. I am about to drop this web host, they have some insane security features that inherently make sites less secure, so I am on the lookout. But that is for another topic anyway.

I do believe that I caught all those, I wrote a nice function but forgot to add it to my variables.