MadTechie

$current = $row['pagecontent']; $current = bbcode($current); //Here echo $current; why not use the code i posted :'(

really you should fix the sending process but heres an idea.. <?php echo "test2<br /><br />"; $data = "JMC & U.K Soulja"; $test = urldecode($_SERVER['QUERY_STRING']); if (preg_match('/=(.*)/i', $test, $regs)) { $result = $regs[1]; } echo $result; ?> <a href="?newdata=<?php echo $data;?>">test</a>

Note: rawurldecode() does not decode plus symbols ('+') into spaces. urldecode() does.

basic example <?php $data = "JMC & U.K Soulja"; echo urldecode($_GET['NewData']); ?> <a href="?NewData=<?php echo urlencode($data);?>">test</a> try this on a new php file.

you should use urlencode("JMC & U.K Soulja"); as the & will confuse the URL urlencode("JMC & U.K Soulja"); returns which is safe to pass via the URL

return

post the success.php again (the updated one)

maybe replace if (preg_match_all("/<a|http:/i", implode($_POST), $out) > 2) { $spam=true; } with this if (preg_match_all("/\b(https?):\/\/[-A-Z0-9+&@#\/%?=~_|!:,.;]*[-A-Z0-9+&@#\/%=~_|]/i", implode($_POST), $out) > 2) { $spam=true; } it will not stop "www.hello.com" but will stop the hyperlinks, unless the email repairs the link! or a simple one if (preg_match_all("/http:/i", implode($_POST), $out) > 2) { $spam=true; } my own one (i think this is best) if (preg_match_all('/\b(?:(https?):\/\/)?(?:[a-z0-9]{3,3}\.)+[-A-Z0-9+&@#\/%?=~_|!:,.;]*[-A-Z0-9+&@#\/%=~_|]/i', implode($_POST), $out) > 2) { $spam=true; }

ok try this $SQL = ""; for($n=0,$n<count(),$n++) { $SQL .= sprintf("UPDATE productprice SET Cost=%s, PriceRetail=%s, PriceSell=%s, PriceHold=%s, PriceDate=%s WHERE ProductId=%s AND Pcode=%s;", GetSQLValueString($_POST[PriceRetail][$n],"decimal"), GetSQLValueString($_POST[PriceSell][$n],"decimal"), GetSQLValueString($_POST[PriceHold][$n],"decimal"), GetSQLValueString($_POST[Cost][$n],"decimal"), GetSQLValueString(date('YmdHis'),"text")); } //echo $SQL; //uncomment this and comment the below one to debug $Result = mysql_query($SQL, $connection1)or die(mysql_error()); note the ; at the end Pcode=%s; you need that basically you have lots of statements seperated by semicolons ( ; ) each statement is processed as its own.

indeed already had the code written

See attached text file [attachment deleted by admin]

Ahhh BBCODE messed it up

i'm taking about changing $category_num = $_GET['category']; to $category_num = (int)$_GET['category']; i should of be clearer

change name=\"PriceRetail\" to name=\"PriceRetail[$n]\" same with PriceSell, PriceHold & Cost when use $_GET['PriceRetail'][$n] or $_POST['PriceRetail'][$n] to retieve

OK.. first as you said about secuirty.. i assume that $category_num expects a number.. if so chage to $category_num = (int)$_GET['category']; as your wide open to an SQL Injection (not good) as for the question doesn't this line do that $sub_list = mysql_query("SELECT * FROM sub_category WHERE category = '$category_num' order by title") and this line display them while ($sub = mysql_fetch_array( $sub_list )) { echo "<a href=client_filter.php/?category=$category_num&sub_category=$sub_list['id']> {$sub['title']} </a> <br>"; } // end while

note i didn't see where $num was being set i assume that other code.. cleaned it up (i think) it should display 1 1.1 2 3 2.1

revised (few changes) i added some CheckPoints it should display something ie 1 1.1 2 etc let me know what it gets to.. <?php if(isset($_POST['sent'])) { unset($submit); if (isset($_POST['sent'])) { $submit = true; }else{ die('Error: No file got sent'); } if($_FILES['file']['name']) { $arr = getimagesize($_FILES['file']['tmp_name']); list($width, $height, $type, $attr) = getimagesize($_FILES['file']['tmp_name']); if($type == FALSE) { header("Location: uplodsmalpic3.php?picnum=$num"); exit(); }elseif($type != 2){ header("Location: uplodsmalpic3.php?picnum=$num"); exit(); } } } $fieldname = $_FILES['file']; // make a note of the directory that will recieve the uploaded file // full url $uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploads/'; $uploadsDirectory = './uploads/'; //Upload image $uploadFilename = $uploadsDirectory.$fieldname['name']; // now let's move the file to its final location and allocate the new filename to it move_uploaded_file($fieldname['tmp_name'], $uploadFilename); $uploadedphoto = $uploadsDirectory.$fieldname['name']; $user = $_SESSION['MM_Username']; CP("1"); $a = rand(1,99); resizeimage($fieldname['name']); CP("2"); rename("thumbnails/".$fieldname['name'], "thumbnails/".$user.$a.$fieldname['name']); $smallimage = './thumbnails/'.$user.$a.$fieldname['name']; CP("3"); resizelarger($fieldname['name']); rename("smallpics/".$fieldname['name'], "smallpics/".$user.$a.$fieldname['name']); $smallpics = './smallpics/'.$user.$a.$fieldname['name']; unlink($uploadedphoto); function CP($Num) { echo "CP: $Num<br />"; ob_flush(); flush(); set_time_limit ( 0 ); } function resizeimage($name) { $filename = './uploads/'.$name; if(file_exists($filename)) { ini_set('memory_limit', '500M'); $image = imagecreatefromjpeg($filename); //unresized image $im_info = getimagesize($filename); //unresized image $im_width = $im_info[0]; $im_height = $im_info[1]; $im_flag = $im_info[2]; //max height: 140px; max width: 140px if($im_width >= $im_height) { $im_divice = $im_width / 140; }else { $im_divice = $im_height / 140; } $thumb_width = $im_width / $im_divice; $thumb_height = $im_height / $im_divice; //create empty image ini_set('memory_limit', '500M'); CP("1.1"); $thumb = imagecreatetruecolor($thumb_width, $thumb_height); //resize image imagecopyresampled($thumb, $image, 0, 0, 0, 0, $thumb_width, $thumb_height, $im_width, $im_height); if(imagejpeg($thumb, "thumbnails/".$name, 80)) { //image-resource, filename, quality return 1; } imagedestroy($thumb); //destroy temporary image-resource imagedestroy($image); //destroy temporary image-resource } } function resizelarger($name) { $filename = './uploads/'.$name; if(file_exists($filename)) { $image = imagecreatefromjpeg($filename); //unresized image $im_info = getimagesize($filename); //unresized image $im_width = $im_info[0]; $im_height = $im_info[1]; $im_flag = $im_info[2]; //max height: 300px; max width: 300px if($im_width >= $im_height) { $im_divice = $im_width / 300; }else { $im_divice = $im_height / 300; } $thumb_width = $im_width / $im_divice; $thumb_height = $im_height / $im_divice; //create empty image $thumb = imagecreatetruecolor($thumb_width, $thumb_height); //resize image ini_set('memory_limit', '500M'); CP("2.1"); imagecopyresampled($thumb, $image, 0, 0, 0, 0, $thumb_width, $thumb_height, $im_width, $im_height); if(imagejpeg($thumb, "smallpics/".$name, 80)) { //image-resource, filename, quality return 1; } imagedestroy($thumb); //destroy temporary image-resource imagedestroy($image); //destroy temporary image-resource } } ?>

at start of the script if (ob_get_level() == 0) ob_start(); //only need once after the upload echo ""; //send something to page to restart timeout ob_flush(); flush(); set_time_limit ( 0 ); //reset timeout timer before the reading of the JPG (i think thats the 135 line) ini_set('memory_limit', '500M'); //overkill memory

you can comment out any passwords/domains etc but without code its kinda hard to say.. surly it will just be client_filter.php?category=$category_num&subcat=$subcat

can you post your latest script, i'll put it on my site and review it

test script create a new file paste this in <?php $Wins[] = "Result: You search the train station from top to bottom and find $1!"; $Wins[] = "Result: You search the train station from top to bottom and find $3!"; $Wins[] = "Result: You search the train station from top to bottom and find $5!"; $Wins[] = "Result: You search the train station from top to bottom and find $10!"; $Wins[] = "Result: You search the train station from top to bottom and find $15!"; $rand = rand(0,(count($Wins)-1)); $QuoteResult = $Wins[$rand]; echo $QuoteResult; ?> run it a few times i got $10 $10 $3 $5 $1

fingers crossed

you could add echo "resize done"; ob_end_flush(); flush(); at the end of the script.. did it create the thumb nail ?

not in that version (i created 2 scipts that worked better and didn't need the number but i forgot to remove them) if you add more lines to they will be included ie $Wins[] = "Result: You search the train station from top to bottom and find $1!"; $Wins[] = "Result: You search the train station from top to bottom and find $3!"; $Wins[] = "Result: You search the train station from top to bottom and find $5!"; $Wins[] = "Result: You search the train station from top to bottom and find $10!"; $Wins[] = "Result: You search the train station from top to bottom and find $15!"; $Wins[] = "Result: You search the train station from top to bottom and find $20!"; $Wins[] = "Result: You search the train station from top to bottom and find $30!"; $Wins[] = "Result: You search the train station from top to bottom and find $50!"; $Wins[] = "Result: You search the train station from top to bottom and find $100!"; $Wins[] = "Result: You search the train station from top to bottom and find $150!"; so updates are easier.. with games you need to think about making updates easy!! players are demanding people!!!!

please note the updated code ([1]'s to []) oow solve cool