premiso

Why are you creating a checkbox for this? $fileUploaded = isset($_FILE['dosya']['name'])?true:false; Would be a more reliable way of testing.

$sql_con = concat(pages,'$visitor_page') WHERE visitor_ip = '$visitor_ip' AND visitor_date = '$visitor_day'; That statement makes no sense. A. You do not have a SELECT FROM statement. B. You are not encapsulating the variable in quotes. $sql_con = "SELECT concat(`pages`,'$visitor_page') FROM `visitors_list` WHERE visitor_ip = '$visitor_ip' AND visitor_date = '$visitor_day'"; I did not bother looking through anything else cause it is poorly indented.

Your quotes on this line are backwards. This is not your notice issue, but will cause a SQL issue: $result = mysql_query ("SELECT id, title, subtitle, article FROM articles WHERE id = '" . $currentpage . "'"); Is the correct way, as in SQL you must use single quotes (') around string variables. Not double quotes. You needed the "id" column for it to work right. You were not pulling that out, thus your list was causing an issue trying to populate "$article"

$asq7=isset($_POST['asq7'])?8:0; $asq8=isset($_POST['asq8'])?8:0; $asq9=isset($_POST['asq9'])?8:0; The ? and : are called the ternary operators which act like a shortened if/else.

.pst is an outlook file and is probably compiled to not be viewed in plain text. You would need a converter of some sort installed on the system to convert it to plain text. As far as is this "do-able" in PHP, yes, if you have access to exec functions and have a 3rd party app installed on the machine that allows you to use command line to convert the file.

I think you need to change "selected" to be "checked" Selected is more for <select> statements.

If you want to take the time to figure it out for an array, that is all the better learning experience and should produce a more efficient page. However, if you do not need that bit of speed efficiency, the function about would work just fine. It is just not as "efficient" as it would be to make a function to utilize an array. But it sure is easier than coding that function/logic to utilize an array. That is for sure.

The best way is to make an array of the months, imo. You could possible use strtotime but that would be way slower. for ($i=0; $i<12; $i++) { echo date('F', strtotime("+{$i} month")) . ", "; } Untested, but should work. But as I said I would use an array.

<?php if (get_image_from_url("http://www.google.com/intl/en_ALL/images/logo.gif", "logo.gif")) { echo "File retrieved succesfully. <img src=\"" . DIR_FS_CATALOG_IMAGES . "logo.gif\">"; }else { echo "File not retrieved."; } function get_image_from_url($url, $filename) { if(function_exists('curl_init')) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $out = curl_exec($ch); curl_close($ch); if($out === false) { echo "Unable to retrieve the image file." // remove this if it does not show up, should only be for debugging return false; } if($handle = fopen(DIR_FS_CATALOG_IMAGES . $filename, 'wb')) { fwrite($handle, $out); fclose($handle); }else { echo "Failed to write the image file"; // remove if this does not show up (here for debugging purposes only); return false; } return true; } csv_import_message(CSV_CURL_MISSING_CANT_IMPORT_REMOTE_IMAGE, 'warning'); return false; } ?> I do not know what your issue is. That worked out just fine for me. Maybe check out that the directory you are attempting to write the file to is valid/writeable.

Yea, that is why I said "flaw", attempting to emphasize lack of a better word. It really is not a flaw more as how it is designed. But given that it does have to be interpreted, means that you really cannot secure any script written for PHP or hide it's source from anyone. It really is not a flaw as much as how it is designed/needed to be done.

In the lines of this threads topic. Not that I agree with actually going out and finding exploits in code, if your php server is coded properly you should have nothing to worry about. It is the persons choice to risk attempting to access a site they should not. Eventually they will get caught and or reported. But yea. Him posting his code allows you to look at it and use it to make your server more secure. As far as the OP's question. It is impossible, as Daniel0 described. It is more or less a "flaw" of the php system. If you do not want your code out, do not put it on someone elses server. Simple as that. It is up to you who gets your script. By actively putting it on others systems you have no reason to access or do it to, is asking for it to be used in a bad way. I can see, from a security profession stand point, to use it on "customers" site to test if they are vulnerable. As far as just going to random peoples site, that is just stupid.

Add in some error checking: $res=mysql_query($sql) or die("SQL WAS {$sql} <br /> Error was:" . mysql_error()); $obj=mysql_fetch_object($res); $nm=$obj->nm; And you will see why. As to why you have your sql spread out like that, I have no clue.

Alternatively you can do this in MySQL: SELECT UCASE(LOWER(`employee_name`)) FROM TABLE_NAME WHERE Condition=otherCondition

End returns the last element of an array and moves the array pointer to the end (but that element stays inside the array). Array_pop removes the last element of the array completely.

The / before the file name it indicates that it should be in the root of the webserver. Is it? My feeling is it is not. Try removing that slash and see if it fixes it.

array_pop When you explode an array it will default the last item (given the sentences) to a black space, if you are splitting something where the option to split by is the last character. Using the above will remove that issue. As for the sentence issue, I am not sure what you are trying to get at. EDIT: Incase you may have a scenario where there is no ending period, you may want to do this over array_pop <?php foreach ($para1exploded as $content) //This iterates through the selected exploded array { if (empty($content)) continue; $query = "INSERT INTO `para1` (`text`, `key`, `added_at`) VALUES ('$content', '$key', CURRENT_TIMESTAMP)"; ?> That will prevent from anything that does not have characters from being entered into the DB.

<?php require('databaseconnection.php'); // Select all the rows in the markers table $query = "SELECT * FROM chadwickinfo WHERE 1"; $result = mysql_query($query); if (!is_resource($result)) { die('Invalid query: ' . mysql_error()); } // header("Content-type: text/xml"); // not needed as we are just writing it to a file. // Start XML file, echo parent node $writeTo = '<pages>'; // Iterate through the rows, printing XML nodes for each while ($row = mysql_fetch_assoc($result)){ // the @ is an error suppressor, I suggest not using it. Instead turn display_errors off in php.ini on your production server. // ADD TO XML DOCUMENT NODE $writeTo .= "<link>"; $writeTo .= "<title>" . $row["name"] . "</title>"; $writeTo .= "<url>" . $row["photo"] . "</url>"; $writeTo .= "</link>"; } // End XML file $writeTo .= '</pages>'; $xmlfile = "links2.xml"; $file = fopen($xmlfile,"w+"); fwrite($file, "<xml>" . $writeTo . "</xml>"); fclose($file); echo "File was written."; ?>

You need to remember that VARIABLE SCOPE is a big part of this. <?php $desc = shortdesc($article); ?> Since the function returns $desc and $desc is not a global variable (which it should not be), you have to re-assign it to use it outside the function. I would suggest reading up on Functions

You have to have apache running, and you have to access it through http://localhost unless setup differently instead of just opening the file. The file has to also be set in the Webserver WWW folder for it to be access via Localhost.

<?php $output = shortdesc($article); echo $output; ?> I did not see you actually using the return data. Did you do that? If so please post the full relevant code to avoid basic fixes like this.

$result = mysql_query("SELECT title FROM menu where id IN(1, 2, 3, 4) ORDER BY id"); while ($row = mysql_fetch_assoc($result)) { echo '<li><a href="#"><span>' . $row['title'] . '</span></a></li>'; } Just a bit variation of Yesideez, but yea. This does not do all just the ID's you want (depends on what you want for which to use.)

You do not need the /local/bin call at the top for this. I would suggest running the cron through PHP CLI: * * * * * /usr/local/bin/php -f /path/to/script/tmscron.php This way you can store the cron file outside of your webroot and run it that way without anyone else being able to access it remotely and effectively spam you. EDIT: For more information on PHP CLI, see http://us3.php.net/manual/en/features.commandline.php

No, the content inside an if statement is not included in memory. To test, you can try and echo a variable inside an if statement outside, and it will not of been set.

Post your current code if you want further help.

Run a phpinfo and post the contents in a quote or code tags here. EDIT: Reading up more on segfaults here http://wiki.gnokii.org/index.php/Segfault It sounds like the loop is eating up a lot of memory and has to resort to accessing reserved memory. 10,000 rows of SQL statements is a lot of rows, perhaps you can try to just make it the 10,000 and use session to spread it across multiple page reloads to accomplish. You can also maybe try increasing PHP's memory limit, but I doubt that would do. By chance how much RAM does your server have? EDIT EDIT: It looks like you have an infinite loop in your code. if (mysql_affected_rows() == "0") {echo "$password\nNoooooo";} if (mysql_affected_rows() == "1") {mp_password_generator($username, $amount);} mp_password_generator($username, $amount); You re-call the function there while inside the function. This just keeps calling the function, my bet is, that is your issue. Infinite loop.