Wolphie

Thanks!

Hi, i'm having trouble using the following function. When ever i wish to update fields in my database it automatically escapes the quotes(Which i do not want it to do) - So i've tried using regex to replace the \" with a standalone quote ". Update once: <div id=\"example\">Example</div> Update twice: <div id=\\\"example\\\">Example</div> The preg_replace(); function isn't working. So i'm not sure if its my code or not. (I also do not know the hex for the backslash key) case "validate": @include("validate.php"); $title = $_POST['title']; $description = $_POST['description']; $keywords = $_POST['keywords']; $footer = $_POST['footer']; $header = $_POST['header']; $sql = sprintf('UPDATE `site_options` SET title = \'%s\', description = \'%s\', keywords = \'%s\', footer = \'%s\', header = \'%s\'', mysql_real_escape_string($title).preg_replace(\x92\x22/g, '"'), mysql_real_escape_string($description).preg_replace(\x92\x22/g, '"'), mysql_real_escape_string($keywords).preg_replace(\x92\x22/g, '"'), mysql_real_escape_string($footer).preg_replace(\x92\x22/g, '"'), mysql_real_escape_string($header).preg_replace(\x92\x22/g, '"') ); if(mysql_query($sql)) { echo 'Site Information Updated'; } else { die("Error: " . mysql_error()); } break;

Problem resolved. ($con was the problem). Thanks for all of your help. I may be back pretty soon since i'm attempting a rather large project on my own. (A mini content management system)

The $con variable is set inside the config.php file. The connection to the database is fully functional because creating a module specifically for the left dimension works. I'm having trouble using the drop down selection box to define which dimension to input into the database.

Hi, i've been having some trouble with my script i've created below. I'm not quite sure on how to correct it. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <link rel="stylesheet" href="styles/style.css" type="text/css" /> <script type="text/javascript" src="js/jquery.js"></script> <title>CMPS - Modules</title> </head> <body> <?php require("includes/config.php"); $var = $_GET['do']; switch($var) { default: ?> <a href="modules.php?do=create">Create New Module</a><br /> <a href="modules.php?do=edit">Edit Module</a><br /> <a href="modules.php?do=delete">Delete Module</a><br /> <? break; case "create": @include("create"); ?> <table cellpadding="0" cellspacing="0" border="0" align="center" class="create"> <form action="?do=createnew" method="post"> <tr><td> Table: </td><td> <select name="selections"> <option value="left">Left</option> <option value="center">Center</option> </select> </td></tr> <tr><td> Title: </td><td> <input type="text" maxlength="100" size="25" name="title" /> </td></tr> <tr><td> Content: </td><td> <textarea cols="20" rows="5" name="content"></textarea> </td></tr> <tr><td> </td><td> <input type="submit" value="Submit" style="font-family: Tahoma; font-size: 11px;" /> </td></tr> </form> </table> <? break; case "createnew": @include("createnew.php"); function selectTable() { $var = $_REQUEST['selections']; $title = $_POST['title']; $content = $_POST['content']; switch($var) { case "left": $head = '<tr><td width="20%" class="modhead" width="500" height="35">'; $body = '<tr><td width="20%" class="modbody" width="500" height="35">'; $sql = sprintf("INSERT INTO `left` (title, content, head, body) VALUES( '%s', '%s', '%s', '%s' )", mysql_real_escape_string($title), mysql_real_escape_string($content), mysql_real_escape_string($head), mysql_real_escape_string($body) ); if(mysql_query($sql, $con)) { echo 'Module Created. [<a href="index.php">Home</a>]'; } else { die("Error: " . mysql_error()); } break; case "center": $head = '<tr><td width="20%" class="cmodhead" width="180" height="35">'; $body = '<tr><td width="20%" class="cmodbody" width="180" height="35">'; $sql = sprintf("INSERT INTO `center` (title, content, head, body) VALUES( '%s', '%s', '%s', '%s' )", mysql_real_escape_string($title), mysql_real_escape_string($content), mysql_real_escape_string($head), mysql_real_escape_string($body) ); if(mysql_query($sql, $con)) { echo 'Module Created. [<a href="index.php">Home</a>]'; } else { die("Error: " . mysql_error()); } break; default: echo "Table does not exist. Please select a table from the drop down selection box."; break; } } selectTable(); break; } mysql_close($con); ?> </body> </html> Here is the error message: Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in C:\xampp\htdocs\dev\dave\modules.php on line 127 Thanks if anybody can help. I appreciate it.

So basically i have to do foreach($bannedip as $value){ if($_SERVER['REMOTE_ADDR'] == $value) { die("You are not authorised to view this page); } else { (the rest) } }

Okay, i'm pretty experienced with PHP scripting. Although this is the first time i've tried using arrays to ban IP addresses. It says that the IP address is banned, but it still displays the form along with the ban message. I only want it to display the ban message and not the form. Any ideas? $page = $_GET['do']; $bannedip[0] = '127.0.0.1'; $bannedip[1] = '172.202.42.139'; foreach($bannedip as $value) { if($_SERVER['REMOTE_ADDR'] != $value) { switch($page) { case "validate": @include("validate.php"); echo '<title>Quiz Script - Add Question</title>'; $question = $_POST['question']; $answer = $_POST['answer']; if($question == "" || $answer == "") { echo '<center><span style="font-size: 15px; font-family: Tahoma;"><u>You must fill in the feilds!</u></span></center>'; } else { $sql = "INSERT INTO quiz (question, answer) VALUES ('$question', '$answer')"; if (!mysql_query($sql, $con)) { die("Error: " . mysql_error()); } echo '<center><span style="font-size: 15px; font-family: Tahoma;"><u>Question Submitted Successfully!</u></span></center>'; } default: echo '<title>Quiz Script - Add Question</title>'; echo '<center><table width="15%" border="0" cellpadding="0" cellspacing="0" style="font-size: 11px; font-family: Tahoma;">'; echo '<span style="font-size: 11px; font-family: Tahoma;"> <h2>Add Question</h2><br /><br />Please do not abuse this feature. This database is checked constantly.</span><br /><br /><br />'; echo '<form action="?do=validate" method="post" enctype="multipart/form-data">'; echo '<tr><td width="100%">'; include("modules/charleft.php"); echo '</td></tr>'; echo '<tr><td width="50%"><input type="submit" name="submit" value="Submit" style="font-family: Tahoma;" /><input type="reset" value="Reset" style="font-family: Tahoma; " />'; echo '</td></tr></form></table></center>'; break; case "game": @include("game.php"); echo "Question 1"; echo "\r\n"; echo "Answer"; break; } } else { switch($page) { default: echo '<title>Quiz Script - Add Question</title>'; echo '<center><span style="font-size: 15px; font-family: Tahoma;">You are not authorised to view this page. <br /> This is most likely because your IP [' . $_SERVER['REMOTE_ADDR'] . '] has been banned.<br />If you have any queries please email <a href="mailto:Wolphie_@Hotmail.com"> Wolphie_@Hotmail.com</a><br /><br /></span></center>'; } } } echo '<br /><br /><br /><center><span style="font-size: 11px; font-family: Tahoma;">2007 ©Copyright PHUX Development. All Rights Reserved.</span></style>'; ?>