MadTechie

PHP can't get the data needed to do that (namely RAW_POST_DATA), so your need add some peal into the mix

have a database with a table + timestamp, when the timestamp+10minutes expires you can refuse the downloads.. you can then have a cleanup script / cronjob to delete expired files every hour/day/week whatever EDIT: you could replace the database table with a flatfile

**untested are you trying this ? <?php $query = odbc_exec($odbc, "SELECT * FROM ExhibitionsPage ORDER BY ExhibitionShortDate ASC") or die (odbc_errormsg()); echo "<form method=\"post\">\n<select name=\"Exhibitions\">"; while($row = odbc_fetch_array($query)) { $sel = ($row['exhibitionsDate'] == $_POST['Exhibitions'])?"Selected":""; echo "<option value=\"{$row['exhibitionsDate']} $sel\">{$row['exhibitionsDate']}</option>"; } echo "</select> <input name=\"submit\" type=\"submit\" /> </form>"; if(isset($_POST['submit'])) { $FindDate = $_POST['Exhibitions']; $query = odbc_exec($odbc, "SELECT * FROM table WHERE Exhibitions=$FindDate") or die (odbc_errormsg()); echo "<pre>"; while($row = odbc_fetch_array($query)) { print_r($row); } } odbc_close($odbc); ?> Of course your need to update the second query i used table as i don't know the table your going to use

i don't think theirs a buildin one.. kinda simple to do so, i wouldn't see the point! <?php $vara = 10; $varb = 200; $per = 10; $check = (($vara/$varb)*100); if($check < $per){echo "Less than $per%";} if($check > $per){echo "More than $per%";} if($check == $per){echo "Equal than $per%";} ?>

looks fine, but your not using imagedestroy, as for a small file using a ton on memory i'll have to assume theres a problem in some code before this code is used

if your checking get id in file then you can do this.. $_GET['id'] = 1; include("file.php");

write to the php file as you would any text file.. and to import an sql file you could use bigdump

This may help Dynamic DropDown PHP/AJAX

imagettftext <?php // Set the content-type header("Content-type: image/png"); // Create the image $im = imagecreatetruecolor(400, 30); // Create some colors $white = imagecolorallocate($im, 255, 255, 255); $grey = imagecolorallocate($im, 128, 128, 128); $black = imagecolorallocate($im, 0, 0, 0); imagefilledrectangle($im, 0, 0, 399, 29, $white); // The text to draw $text = 'Testing...'; // Replace path by your own font path $font = 'arial.ttf'; //<--- ADD FONT HERE // Add some shadow to the text imagettftext($im, 20, 0, 11, 21, $grey, $font, $text); // Add the text imagettftext($im, 20, 0, 10, 20, $black, $font, $text); // Using imagepng() results in clearer text compared with imagejpeg() imagepng($im); imagedestroy($im); ?>

Erm.. i think your wrong on that.. a lookup table can exist on both.. but mine would be much larger and longer to lookup.

my basic example

Which is way i said you can also have a site password, this will be in the config file.. thus you need both salts and the users hash if they get all 3 then you need to re-think the whole site security as you must of messed up big time!

Its a no no to some people.. i don't have a problem with it myself.. providing you check the security No thats not as good as salt... you CAN have a Site Salt as well IE $SiteSalt = "1234"; //<--static $password = "Hello"; //<--User set $UserSalt = "fdsfs"; //<-- Random for each user $StoredPassword = md5(md5($UserSalt).md5($password).$SiteSalt);

$font = 'Arial.ttf' to $font = dirname(__file__).'/Arial.ttf' <-- Check arial.ttf is in the same place as the script and its got the Cap A

Storing the salt in the database is fine.. BUT its "recommened" you store them in related table.. personally i store them in the same table.. as if they get access to see the hash and/or salt then i have a major security which i watch for from the first day of development

$queryAA="SELECT staff_no from report "; should be $queryAA="SELECT DISTINCT staff_no from report ";

So how is the being entered into the script itself ? what do you mean by "PHP Injections" ? $string = htmlentities(mysql_real_escape_string($_GET['phpfreak']), ENT_QUOTES); will stop SQL + HTML injections

i assume your using eval or writing a php then running it.. correct ?

this should work.. *untested <?php echo trim(dirname($_SERVER['PHP_SELF']),"/"); ?> trim just removes the leading / but you could to it 101 other ways

how is the first loop linked to the total ?

example <?php $query = "SELECT * FROM volunteers"; $result = mysql_query($query) or die('Error, query failed'); $tsv = array(); $html = array(); while($row = mysql_fetch_array($result, MYSQL_NUM)){ $tsv[] = implode("\t", $row); $html[] = "<tr><td>" .implode("</td><td>", $row) . "</td></tr>"; } $tsv = implode("\r\n", $tsv); $html = "<table>" . implode("\r\n", $html) . "</table>"; header("Pragma: no-cache"); header("Expires: 0"); header("Pragma: public"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Content-Type: application/force-download"); header("Content-Disposition: attachment; filename=\"extraction.xls\""); header("Content-Description: File Transfer"); echo $tsv; exit; //echo $html; ?>

looks like the first loop isn't needed $query="SELECT user.acc_no, report.staff_no, user.name, report.amount FROM user LEFT JOIN report on report.staff_no= user.staff_no WHERE status ='approve'and user.bank='maybank' " ; // echo $query; $result = mysql_query($query,$dblink); while($row = mysql_fetch_row($result)) { // $x_pos = $pdf->SetX(50); $y_pos = $pdf->GetY(); $pdf->SetX(40); $pdf->Cell(50,6,$row[0],1,0,'C',1); $pdf->SetX(90); $pdf->Cell(40,6,$row[1],1,0,'C',0); $pdf->SetX(130); $pdf->Cell(80,6,$row[2],1,0,'C',0); $pdf->SetX(210); $pdf->Cell(20,6,$row[3],1,1,'C',0); } NOTE: your need to remove the next } below the last one in the posted code

i would guess, fname lname if this is solved can you please click solved bottom left

do you have a database sceama and some sample data..? other than that i would have to guess $query="SELECT DISTINCT user.acc_no, report.staff_no, user.name, report.amount FROM user LEFT JOIN report on report.staff_no= user.staff_no WHERE status ='approve'and user.bank='maybank'and user.staff_no= '$rowAA[0]'" ;