[user website]

hey,thanks but im using prepared statements...dont know if theres anything in that code that will help but i know real escape is not necessary anymore, so, maybe the rest wount be useful either ?

im having a look at dom xss attacks and ive found some info, so hopefull i can nail the problem with ease

 

[AJAX Help]

for some reason it stopped redirecting my pages yesterday, when it did so for weeks.

i searched the net and it says something like if you write any code (or text, im not sure) before the header redirect, it wont work.

[AJAX Help]

or

refresh meta tag (google it)

 

the header doesnt always work...........and the onload is javascript

 

these are your options, pick 1

 

i pick number 3

but sir, yoo haven't read your options yet

i dont care, im the president, i supposed to lead..not read..

[Flash File Upload]

wondering; my don't you google these kind of things?

*note that i actually earn for publicizing Google*

 

[Php includes causing bad design issues]

including files can include also a line break

which can throw off a design

save your phps as utf-8 (no mark <=> BOM)

search wiki for that info if you like

[[SOLVED] updating multiple columns with mysqli prepared statements]

sorry, i got it working

it was a missing 's'

i just asked cause i didnt find this exaxmple online, and was guessing

 

$stmt = $mysqli->prepare("UPDATE table SET col1 = ?, col2 = ?, col3 = ? WHERE id = ? ")
$stmt->bind_param('sssi', $var1, $var2, $var3, $id);

 

 

[my if else statement not working.]

yeah you have to set each post var in a session var and echo each session var in each fields value

[Simple email a page script?]

search "send image to email with php" -that should get you somewhere

if not then break it up

 

send image with php

email script php

 

that'll surely get you somewhere

[[SOLVED] updating multiple columns with mysqli prepared statements]

so how do i do it?

 

all i find is how to update one column

 

ive tried SET (col1,col2) VALUES ($var1, $var2) WHERE...

and SET col1 = ?, col2 = ? WHERE

 

but these havent worked

 

appretiate help

[[SOLVED] needing help to setup prepared statements]

the database wasn't being populated.

[[SOLVED] needing help to setup prepared statements]

it was the NULL

 

$stmt = $mysqli->prepare("INSERT INTO table VALUES (NULL, ?, ?, ?)");
$stmt->bind_param('sss', ...

 

works

 

thanks

[[SOLVED] needing help to setup prepared statements]

hey, why doesnt this work?

 

/* QUERY */
$mysqli = new mysqli('host', 'user', 'password', 'database'); 

if (mysqli_connect_errno()) {
    echo "error";
    exit();
} 

$stmt = $mysqli->prepare("INSERT INTO table VALUES (?, ?, ?, ?)");
$stmt->bind_param('isss', NULL, $var1, $var2, $var3); 

	$var1Raw = substr($_POST['var1'], 0, 50);
	$var2Raw = substr($_POST['var2'], 0, 300);
	$var3Raw = substr($_POST['var3'], 0, 50);

  		$var1 = mysql_real_escape_string(trim(strip_tags($var1RAW)));
	$var2 = mysql_real_escape_string(trim(strip_tags($var2RAW)));
	$var3 = mysql_real_escape_string(trim(strip_tags($var3RAW)));

	$stmt->execute();
	$stmt->close();
	$mysqli->close();

 

i know i dont need the mysql_real_escape thingie but it should work with whatever functions i use, and im being stuborn

[user website]

because i'm pretty sure i sanitizing everything and still some testings broke the database somewhere

[user website]

so, lemme get this straight:

as long as i sanitize user input entering the db, and sanitizing db content when parsing it to html, there shouldnt be a way to harm my databse with sql injections?

[user website]

becausei didnt want it in public view, specially if its not workin

[user website]

http://pastie.org/private/7rwkfvbpfoixbp4fkmt19q

[user website]

yeah im using mysql_real_escape

check now please

did you test another file beside addex, addref?

 

[user website]

login details:

 

joyce/12345

[PHP/AJAX]

can ajax hang on a single connection?

if so, how?

[user website]

hey, glad everything looks fine so far

if you could pass the registration form also to test it please?

 

[user website]

hey,

im looking for people to try out mi website.

let me know about any flaws, text errors, bugs, out of place echoes, etcetera

 

www.dealstesting.co.cc

 

thanks

[does a successfull query mean a valid onE?]

$grabpm = mysql_query("SELECT * FROM pmsystem WHERE to = '$to' AND id = '$id'");

when i do

 

if ($grabpm)

 

does this also mean that it is tested for validation of the query like for example if there is no existing $id in the db, does the IF turn out false?

 

[ThickBox modal window]

nevermind,

i've used another modal.

 

cheers

[ThickBox modal window]

im trying to get a div's content to show in the modal

oddly enough, this sound like the basic workings of a modal..

but the script is made so that  the divs content has to show in the parent website, to appear in the modal

 

tried visibility:hidden for the div, is result in hidden in the modal too. then i gave up

lied. i thought about changing the divs visibility when i open the modal but then the div in the parent would show also.

 

another thing is to remove the fade effects.

 

http://jquery.com/demo/thickbox/

using the inline content

[ThickBox modal window]

not really having issues.

i was hoping someone would have messed around long enough with it so they would know how to tweak it