premiso
Members-
Posts
6,951 -
Joined
-
Last visited
-
Days Won
2
Everything posted by premiso
-
Well I am not sure on working with Japanese and DB, but does strtotime actually take in a Japanese date? From the sounds of it that is where your problem is and I would suggest taking mchl's advise and storing the date in a timestamp so you can just use strftime to display it without having the need to use strtotime That is just my 2 cents.
-
You want to use a CRON job if available on the server and instead of using PHP I would use the server to right a bash script (if Linux). Or a vbs script if windows and run that to clear the FTP. If it must be done with PHP you would need to use CRON for Linux and Scheduled Task for Windows to do the action and link to a script you created in php that does the above and run it.
-
[SOLVED] can I put a variable in an include?
premiso replied to ryan king's topic in PHP Coding Help
Glad to hear you worked it out. Topic Solved is on the bottom left hand corner above the Quick Reply =) -
$result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage); if(empty($result)) $error["result"] = "There was an error moving the uploaded file."; That will tell you if it was uploaded right or not.
-
[SOLVED] help me please with save listing / save search
premiso replied to work_it_work's topic in PHP Coding Help
You can store an array in a cookie by serialize it and then unserialize it when you retrieve to re-form the array. -
I found this online in the php.net man notes for setlocale. Check that folder to see if you have the japanese language in there. If it is not there, I do not think you can use it.
-
[SOLVED] can I put a variable in an include?
premiso replied to ryan king's topic in PHP Coding Help
You probably want something like this: <?php $band_id = $row['band_id']; include("/members/online.php"); ?> I believe you are wanting to pass the variable to the script and not use it to dynamically define the path...in the include script you should be able to use "$band_id", or even $row['band_id'] if you want to take out that extra step. -
Well if you can fix where the data gets entered, that is ideal. This will/should work for current data, however. It is just a band-aid, as stated you should really fix the problem at it's source: echo nl2br(str_replace('\n', "\n", $listing[$field['Title']])); And see if that does what you want.
-
[SOLVED] can I put a variable in an include?
premiso replied to ryan king's topic in PHP Coding Help
Well we are not mind readers. What is the syntax error and post any relevant code. -
Magic Quotes They are depreciated in PHP 6 and basically just add slashes to data coming from a form that essentially does what mysql_real_escape_string does, just not as thorough. If you mysql_real_escape_string on data that has been escaped with magic quotes, you get a double escape and it creates a mess. So for example the \n character would actually display on a textarea instead of breaking the line like it should. To prevent it, you can turn it off in your php.ini or via ini_set but if you plan to distribute this script, imo, it is better to check get_magic_quotes_gpc and if that is on stripslashes first then use the mysql escape function.
-
Is all the data already in the DB and you are just grabbing that data? Or is this data still able to be entered from a form? If it can be entered from a form, look at the form page and see where the "action" is going to and find that section to locate where the problem could be occuring.
-
What is double escape? should I use this instead: function guard_sql($value) { // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } $value = mysql_real_escape_string($value); return $value; } For a portable script to be used on different systems, that is better. But however, if it is not meant for that MadTechie is right, no need to create a function that just calls another function.
-
$queryUsername = "SELECT username FROM user WHERE username = '" . guard_sql($username) . "'"; Like that you can. Just make sure that Magic Quotes are off, or else that guard_sql function will double escape your data.
-
[SOLVED] can I put a variable in an include?
premiso replied to ryan king's topic in PHP Coding Help
include("/members/{$row['band_id']}/online.php"); Using double quotes it is. Just make sure, if the $row comes from get or an untrusted source that you filter/verify the data before using it. -
mod_rewrite would have to be used to determine this cause you would need a page to grab that data. Assuming you get modrewrite to send the data to a processing page. On the processing page you can explode "/" from the $_SERVER['REQUEST_URI'] in the script that would process the data. Then use the array data to figure out what you need.
-
$data .= "'" . str_replace('\"', '"', mysql_escape_string($row->$field_name)) . "'"; That is where your problem lies. You are replacing the \" with " and then escaping the string on data coming out of the DB. $data .= "'" . mysql_escape_string($row->$field_name) . "'"; Make it that and see if it makes the data appear right. If this does not fix it, then you need to find where the data is being entered from a FROM (post data) and post that section so we can help you fix that part.
-
Yea, I get excited when posting and sometimes forget to watch how/what I type Reading that post now I do realize that I was totally promoting Pear::Mail lol. Whoops.
-
No, but I do not know of any other php mass mailer scripts. I actually have my own mailing script that creates a queue that sends 5 messages every 5 seconds that are in queue in my DB via a Cron Job. I found that to work great, but I know that Pear::Mail has that functionality too, it just requires Pear
-
I guess what I am getting at, is where were you setting $cat1 etc at? I do not know how those are being defined etc, which would make trying to answer your question like having a blind man drive you to the supermarket...post more code and your question will be answered. CV touched on this:
-
I would suggest against storing password in session. Also mysql_close is not needed. I would also set a unique variable like "loggedin" in the session and use that for verification purposes. If you want to use that in a more secure manner, set a hash to be logged in, maybe the time they logged in and their username, store that in the DB and reference it to verify they are logged in properly. I would also change your query to be this: $sql=mysql_query("SELECT name FROM pilots WHERE username='$username' and password='$enc' LIMIT 1"); Limit it by 1 so only that user is returned and since you are only using "name" from the db only return that data to save on processing time etc. Other than that I would say the security is decent. Better than most.
-
Reason you are not getting the answers you want is because you are not giving us much to work with. What do you expect to be outputted from the above code? Why are you referencing [2] of subcats, what is suppose to be stored in there? Where is subcats defined and what does that array look like? Does the current script not print correctly ...or what is the issue?
-
Edit: Beaten to it. =) Modify your .htaccess page and set that error to goto a page say 404.php. At least that is how I do it.
-
No, that is the form field. I mean where you do a mysql_query INSERT INTO xtable....potion, are you doing any data manipulation there?
-
Yea, I complete missed that, however I was sort of on They still would cause problems.
-
If you are redirecting to a page internal, use sessions as Maq said. If not and you want to send data to another website, you would need to use curl