
micmania1
Everything posted by micmania1
-
    $id = 10;
    // prev = closest lower id, next = closest higher id
    $query = "SELECT id,
        (SELECT id FROM table WHERE id<'$id' ORDER BY id DESC LIMIT 1) AS 'prev',
        (SELECT id FROM table WHERE id>'$id' ORDER BY id ASC LIMIT 1) AS 'next'
        FROM table WHERE id='$id' LIMIT 1";

EDIT: Changes to subqueries.
-
Is it the mssql timeout limit you've changed in your php.ini? Also, have you restarted Apache? Apache must be restarted for changes to take effect.
-
    $id = 10;
    $query = "SELECT id,
        (SELECT id FROM table WHERE id<'$id') AS 'prev',
        (SELECT id FROM table WHERE id>'$id') AS 'next'
        FROM table WHERE id='$id'";

I think that should work.
-
    // Current Page
    $page = 1;

    // How many records are we showing on a single page?
    $records_per_page = 10;

    // Calculate the lowest row of data to fetch from the database
    $minimum_row = ($page-1) * $records_per_page; // = 0

    $query = "SELECT * FROM table LIMIT $minimum_row, $records_per_page";
    $result = mysql_query($query) or die("MySQL Error");
    if (mysql_num_rows($result) > 0) {
        // Deal with your data
    }
    mysql_free_result($result);

    if ($page > 1) {
        echo 'Previous Page';
    }

    // To work out if we should display a next page link we have to find out how many records there are.
    $query = "SELECT COUNT(*) AS 'total' FROM table";
    $result = mysql_query($query) or die("MySQL Error");
    $num_records = mysql_fetch_object($result)->total;

    // Work out maximum amount of pages (rounded up so a partly filled last page counts)
    $max_page = ceil($num_records/$records_per_page);
    if ($page < $max_page) {
        echo 'Next Page';
    }

I haven't tested the code, and you could probably optimize it a little more. The benefit of running it this way is that you don't fetch every record from the database, meaning you use a lot less memory.
-
Start stepping through your code and debugging. Start by putting error_reporting(E_ALL) at the top of your main script. Try echoing text from your ExcelXML classes page (not actually in the class), just to make sure it's being included etc.
-
Have you looked into the possibility of JSON? json_encode() json_decode()
-
I think scandir() would be a better option for what you're wanting. It runs very fast.
-
MS SQL - escaping data (please review my function)
micmania1 posted a topic in Microsoft SQL - MSSQL
Hi,

Yesterday I was writing a script for MS SQL and when it came to testing, I noticed backslash wasn't escaping single quotes. Done my research on Google and found the reason why. I then added a simple function to my validation class which I'm hoping somebody can review?

    // A function to parse a mssql string
    // $params: data - any data
    // @returns validated mssql data
    function mssql($data) {
        $data = str_replace("[", "[[", $data);
        $data = str_replace("]", "]]", $data);
        $data = str_replace("'", "''", $data);
        $data = str_replace('"', '""', $data);
        $data = str_replace("%", "[%]", $data);
        $data = str_replace("_", "[_]", $data);
        return $data;
    }

How secure is the above function? Is there a way to improve it? Thanks for reading and any feedback is appreciated.
-
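Added example, not part of the original post and not the poster's code: the function above applies quote doubling and LIKE-wildcard bracketing to every value, although those are two separate concerns. The sketch below binds values as parameters and escapes wildcards only inside LIKE patterns; it assumes PDO with the pdo_sqlite driver as an offline stand-in for SQL Server (T-SQL also accepts LIKE ... ESCAPE), and the notes table, its rows, like_escape() and find_prefix() are constructed for illustration.

```php
<?php
// Added example; an in-memory SQLite database stands in for SQL Server so it
// runs offline. Table name, rows and helper names are constructed here.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)");

// 1. Plain values: bind them. No escaping function touches the data, so
//    quotes, brackets, % and _ are stored exactly as supplied.
$rows = ["O'Brien [urgent]", "100%_done", "100 percent done", "100x_done"];
$ins = $db->prepare("INSERT INTO notes (body) VALUES (:body)");
foreach ($rows as $body) {
    $ins->execute([':body' => $body]);
}

// 2. LIKE patterns: wildcards are a separate concern from quoting. Escape
//    them only in the user-supplied part of the pattern and name the escape
//    character explicitly ('[' is included because T-SQL treats it as a
//    wildcard). The escape character itself must be replaced first.
function like_escape($term, $esc = '\\')
{
    return str_replace(
        [$esc, '%', '_', '['],
        [$esc . $esc, $esc . '%', $esc . '_', $esc . '['],
        $term
    );
}

function find_prefix(PDO $db, $term)
{
    $stmt = $db->prepare("SELECT body FROM notes WHERE body LIKE :p ESCAPE '\\'");
    $stmt->execute([':p' => like_escape($term) . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The stored text is what was supplied, quote and brackets included.
var_dump($db->query("SELECT body FROM notes WHERE id = 1")->fetchColumn());
// Only the row that literally starts with "100%_" matches.
var_dump(find_prefix($db, '100%_'));
```

-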
Can you show me an example of how you are using the function and also what result you are getting.
-
    function check_Race ($race,$display_name,$member_id,$description,$ip) {
        //echo "This is the race". $race;
        //exit;
        if(isset($race)) {
            // $race isset
            switch ($race) {
                // Check if race == 0
                case 0:
                    // race==0; return true
                    return true;
                // Check if race == (black|white)
                case 'White':
                case 'Black':
                    // Case is equal to 'Black' or 'White'
                    echo "This is an errror.!";
                    $t_error="19";
                    $member_id = $member_id;
                    notify_Admin($t_error,$member_id,$ip);
                    // logOut ($t_error);
                    exit;
            }
        }
    }

I've commented the code so you understand what each section is doing. If you're unsure about switch statements click here
-
You may also want to consider validating the hash before using it in your SQL query. When your cookie is set, type this into your URL bar:

    Javascript: void(document.cookie="LoginCookie='or user_id=1--");

The above changes the value of your hash to ['or user_id=1--]. It will check if your hash is equal to '' or user_id=1, which is usually admin, then ignore the rest of the query using --. People could also delete your table:

    '; DROP TABLE People --

See mysql_real_escape_string().

EDIT: The above JavaScript isn't a solution; it's an example of the vulnerability. mysql_real_escape_string() is the solution.
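Added example, not part of the original post: one way to validate the cookie value before it reaches SQL, as suggested above, and then pass it as a bound parameter. It assumes the login hash is 40 lowercase hexadecimal characters and uses PDO with an in-memory SQLite table as an offline stand-in; the sessions table, its rows, is_valid_hash() and lookup_user() are constructed for illustration.

```php
<?php
// Added example; schema, rows and function names are constructed here.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE sessions (user_id INTEGER, hash TEXT)");
$db->exec("INSERT INTO sessions VALUES (1, '" . sha1('constructed-admin') . "')");
$db->exec("INSERT INTO sessions VALUES (7, '" . sha1('constructed-user') . "')");

// Assumption: the login hash is a 40-character lowercase hex string.
function is_valid_hash($value)
{
    return is_string($value) && preg_match('/\A[0-9a-f]{40}\z/', $value) === 1;
}

// Returns the matching user_id, or null when the cookie is malformed or unknown.
function lookup_user(PDO $db, $cookie)
{
    if (!is_valid_hash($cookie)) {
        return null; // rejected before any query is built
    }
    // The value is bound, never concatenated, so it cannot change the query text.
    $stmt = $db->prepare("SELECT user_id FROM sessions WHERE hash = :hash");
    $stmt->execute([':hash' => $cookie]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// Constructed inputs: a genuine hash, the tampered value from the post, and a
// well-formed hash that matches no session.
$cases = [
    'genuine'  => sha1('constructed-user'),
    'tampered' => "'or user_id=1--",
    'unknown'  => sha1('nobody'),
];
foreach ($cases as $label => $cookie) {
    var_dump($label, lookup_user($db, $cookie));
}
```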
-
The only benefit I see is to save memory - although the saving is hardly worth the work. I suppose you have the global factor too. Instead of server though, there is an array called $_ENV. Try the following 3 small scripts to view memory usage:

    <?php
    putenv("TEST=1");
    echo memory_get_usage();
    ?>

    <?php
    $test=1;
    echo memory_get_usage();
    ?>

    <?php
    $test="1";
    echo memory_get_usage();
    ?>

I'm not sure if putenv() saves as bool or int, hence the reason I did the two scripts for the $test variable - both with different memory usage. You can access the variables in two ways.

    echo $_ENV['TEST'];
    echo getenv('TEST');

I don't know why using these techniques would be classed as bad practice. Maybe it's just some sort of unofficial standard?
-
You can create a recursive function as so... WARNING! I have not validated any data. You will need to do this, nor have I checked it works.

    // This is a recursive function that will find 1 single row
    // from payments table and update payment
    // returns true or false, dies on fatal error
    function update_payment($payment, $client) {
        // Make sure you validate your data before querying

        // Query next expected payment for client
        $query = "SELECT * FROM payments WHERE clientid='$client' AND pending='Y' ORDER BY paymentduedate ASC LIMIT 0,1";
        $result = mysql_query($query) or die("Invalid query 1");
        if (mysql_num_rows($result) == 1) {
            $row = mysql_fetch_assoc($result);
            if ($row['expected'] < $payment) {
                // The payment is higher than the expected amount due
                // make this zero and repeat function
                // Set pending to N
                $expected = 0;
                $payment -= $row['expected'];
                $pending = 'N';
            } else if ($row['expected'] > $payment) {
                // Expected amount due is more than the amount paid
                // Update this row and leave pending
                $expected = $row['expected'] - $payment;
                $payment = 0;
                $pending = 'Y';
            } else {
                // Payment has been matched to expected
                // Set pending to N
                $expected = 0;
                $payment = 0;
                $pending = 'N';
            }

            // Update row
            $query2 = "UPDATE payments SET expected='$expected', pending='$pending' WHERE id='{$row['id']}'";
            $result2 = mysql_query($query2) or die("Invalid query 2");
            if (mysql_affected_rows() == 1) {
                // Payment update has been successful
                // Check to see if full $payment amount has been matched
                if ($payment > 0) {
                    // Payment has not fully been matched.
                    // Return the recursive result so the caller gets true/false
                    return update_payment($payment, $client);
                } else {
                    return true;
                }
            } else {
                die("Unable to update row");
            }
        }
        return false;
    }

    // You call the function like this
    // it will keep recalling itself until $payment=0
    $payment = '257.5';
    $client = '112233';
    update_payment($payment, $client);

If a lot of transactions are taking place at once, this isn't very server-friendly and you may want to think about restructuring your program/database.
-
Could it be because you are using name="Longitude" on the second page as opposed to name="longitude" on the first? Variable names are case sensitive so $_GET['longitude'] is not the same as $_GET['Longitude'].
-
You have no closing '}'
-
You have to open your file in Notepad, and re-save it with UTF-8 encoding. Use htmlspecialchars().

    <?php
    // Example
    // EDIT
    $string = 'ஆஇஊஎஐஓ'; ####### SEE BELOW
    echo htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
    $html = get_html_translation_table(HTML_SPECIALCHARS, ENT_QUOTES);
    echo '<pre>';
    print_r($html);
    echo '</pre>';
    ?>

    ####### This is what you actually write.
    $string = 'ஆஇஊஎஐஓ';
-
You'll have to show us your script if you want further help.
-
You have the month and the day mixed up. Try 1993-05-16.
-
You need to look at the problem a bit differently then.

    // Guessed rates
    $currency = array(
        'gbp' => array('symbol' => '£', 'rate' => '1'),
        'dollar' => array('symbol' => '$', 'rate' => '1.4'),
        'euro' => array('symbol' => '€', 'rate' => '1.1')
    );

    // Store the currency in the cookie (ie gbp, dollar etc)
    // The cookie must be present and a plain string before it is used as a key
    if (isset($_COOKIE['currency']) && is_string($_COOKIE['currency'])
            && array_key_exists($_COOKIE['currency'], $currency)) {
        $symbol = $currency[$_COOKIE['currency']]['symbol'];
        $rate = $currency[$_COOKIE['currency']]['rate'];

        // Work out price in new currency
        $price = ($row_getdets['price'] * $rate);

        // Display price in currency
        echo $symbol.$price;
    } else {
        // Cookie has invalid value
        // currency does not exist
        die("Invalid currency");
    }
-
Are you getting any error messages? Are you running on a shared server? Try creating a PHP page as so:

    <?php phpinfo(); ?>

Check to see if you have GD extensions enabled.
-
You have an update in the same loop as your mysql_result(). So the first time it loops, you'll be using mysql_result($result) correctly, but then it will continue until the next query where it will set $result as another type of resource. Try changing your second result variable to $result2. On another note, looping through running multiple queries is not good practice as it is quite server-intensive. Try looking at the SQL IN function which will need fewer queries. http://techonthenet.com/sql/in.php The link shows SELECT examples but can be used with UPDATE also.
-
http://php.net/manual/en/function.mysql-insert-id.php Assuming you're using MySQL, that function will grab the last automatically generated id in your database.
-
    <?php
    if ($_COOKIE["currency"] == 'dollar') {echo "$";} /* if the cookie is set to Dollar, show a '$' */
    else if ($_COOKIE["currency"] == 'euro') {echo "€";} /* or if the cookie is set to Euro, show a '€' */
    else { echo "£";} /* or if the cookie isn't set to Dollar or Euro, show a '£' */
    printf ('%02.2f', (($row_getdets['price']) * $row_prices[$_COOKIE["currency"]]) ); /* Show Price multiplied by the chosen currency rate set by the cookie, set to 2 decimals. */
    ?>

You missed the quotation marks around the $_COOKIE values. ie 'dollar', 'euro'.
-
Lookup putenv() and getenv() functions.
-
Don't use above code - it's got bugs.

    function decimalAddition() {
        $args = func_get_args();
        $number = array();
        $decimals = array();
        foreach ($args as $v) {
            $round = number_format($v, 0);
            $number[] = $round;
            $decimals[] = ($v - $round);
        }
        if (!empty($number)) {
            $number = array_sum($number);
        } else {
            $number = 0;
        }
        if (!empty($decimals)) {
            $decimals = array_sum($decimals);
        } else {
            $decimals = 0;
        }
        return $number + $decimals;
    }