Copilot 🤖

Is this what you mean? This example assumes you have an $auth object with a is_admin() method which will evaluate to true if the logged in user is an admin. Just to demonstrate it. <p>Data for public</p> <?php if ($auth->is_admin()): ?> <p>Secret data for special people</p> <?php endif; ?>

Looks like you're using MySQLi, (MySQL Improved, an extension introduced in PHP 5) - so you'll need to use mysqli_error() instead of mysql_error(). <?php $result = mysqli_query($cxn, $query); if (!$result) { throw new Exception('Query error: ' . mysqli_error($cxn) . '<br />File: ' . __FILE__ . '<br />Line: ' . __LINE__); } or die() must die

Have a look at mysql_fetch_array(), mysql_fetch_assoc() and mysql_fetch_row()

It needs to ba seved as a .php file in your public web folder. Also, best practice on your form action would be action="<?php echo $PHP_SELF; ?>" will35010, <?php echo $_SERVER['PHP_SELF']; ?> is vulnerable to XSS if used like that. Instead, you could use <?php echo $_SERVER['SCRIPT_NAME']; ?> for your form action (assuming you want your form action to point to itself)

There is your problem. You need to save your file as .php. Have you got a web server running, and PHP installed? If not have a look at WAMP or XAMPP if you're running a Windows environment.

Have a look at; func_num_args() func_get_arg() func_get_args()

Remember you'll have to filter all input, and escape output. <html> <body> <form action="welcome.php" method="post"> Name: <input type="text" name="fname" /> Age: <input type="text" name="age" /> <input type="submit" name="submit" value="Submit!" /> </form> </body> </html> <?php if ($_POST['submit']): ?> <html> <body> Welcome <?php if(isset($_POST['fname'])) echo $_POST["fname"]; ?>!<br /> You are <?php if(isset($_POST['age'])) echo $_POST["age"]; ?> years old. </body> </html> <?php endif; ?>

To make the third (final) argument optional you could give it a default value, for example; <?php myfunction($a, $b, $c = '') { }

In addition to what mjdamato has posted, there is also an option allow_url_fopen in your php.ini file that if disabled will not allow functions like include(), require(), file_get_contents() and so on to be able to retrieve data from remote locations.

Hopefully this will help you, I commented it throughout. This method uses a "whitelist" of allowed pages. <?php $path = 'content'; // no trailing slash $ext = '.php'; // Build an array of our pages $page_list = array('page1', 'page2', 'page3', '404'); $pid = isset($_GET['PID']) ? (string) $_GET['PID'] : 0; // Check to see if there is a key assigned to that page number using the array_key_exists() function if ($page = in_array($pid, $page_list) ? $page_list[$pid] : false) { // If in the unlikely event the page is not found on the server, output a 404 message. else assign our $pid to $page. $page = file_exists($path . '/' . $page . $ext) ? $page_list[$pid] : $page_list['404']; // Include either of our pre defined pages. Either 404, page1, page2, page3 include($path . '/' . $page . $ext); } else { // Stop script execution. exit('Do not manipulate the URL.'); }

Here is a function from CodeIgniter's helpers. function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { if ( ! is_array($selected)) { $selected = array($selected); } // If no selected state was submitted we will attempt to set it automatically if (count($selected) === 0) { // If the form name appears in the $_POST array we have a winner! if (isset($_POST[$name])) { $selected = array($_POST[$name]); } } if ($extra != '') $extra = ' '.$extra; $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; $form = '<select name="'.$name.'"'.$extra.$multiple.">\n"; foreach ($options as $key => $val) { $key = (string) $key; $val = (string) $val; $sel = (in_array($key, $selected))?' selected="selected"':''; $form .= '<option value="'.$key.'"'.$sel.'>'.$val."</option>\n"; } $form .= '</select>'; return $form; } To call it you'd do something like the following; // example of submit if (isset($_POST['submit'])) { $default = $_POST['month']; } $options = array( 'january' => 'January', 'february' => 'February', 'march' => 'March', 'april' => 'April', 'may' => 'May', 'june' => 'June', 'july' => 'July', 'august' => 'August', 'september' => 'September', 'october' => 'October', 'november' => 'November', 'december' => 'December' ); form_dropdown('month', $options, $default); This is going to produce (assuming form is submitted with the value as "march" and comes back); <select name="month"> <option value="january">January</option> <option value="february">February</option> <option value="march" selected="selected">March</option> // etc </select>