dannyb785

Change the curly braces where you have '{$_FILES['Uploadfile']['Name']}'. Not sure if that's causing the problem, but a cleaner way to do that is: $uploadedfile_name = $_FILES['Uploadfile']['Name']; $sql= "INSERT INTO procedures (Name, Procedure_number, Created_by, Uploadedfile) VALUES ('$_POST[Name]', '$_POST[Procedure_number]', '$_POST[Created_by]', '$uploadedfile_name')"; that should solve your problem

To address the comment about it giving the error just saying "Error:", obviously it's not a mysql error, otherwise it would say something after "Error:", what it looks like the problem is, is that the "move_uploaded_file" is failing, probably because your $targetx is incorrect. I would suggest changing your else statement to say else { //Gives and error if its not die('Error: target='.$targetx.', tmp_name='.$_FILES['Uploadfile']['tmp_name']); } This way you can see exactly what file is attempting to be moved to what folder

maybe I'm missing something, why hasn't str_replace been used? Seems to me thatd be the easiest. Are you trying to convert strings to url-friendly? Or are you trying to find all instances of "XX oz bottle" to convert? If that's the case, a simple str_replace(" oz bottle", "-oz-bottle", $string) is all you'd need.

You're saying it like you may not have control over the size of the image. If you provide php before any image is displayed, you can always set the max height/width When I do image resize scripts, I always check that the height is less than 600 pixels(to fit in most browsers) and to specify the image width/height, I do the following: // code that gets the current image's width/height and puts into $image_width/$image_height if($image_height > 600) { $r = $image_h / 600; // $r is temporary variable that represents the ratio between the image height and 600 $image_width = $image_width / $r; // that ratio is applied to the width $image_height = $image_height / $r; // and then apply the ratio to the height } // so now $image_width/$image_height are set so that the dimensions are proportional to the original, and so that the height is no greater than 600 modify this code accordingly to fit your needs

There's the easy, but more resource-consuming way: make a php script that grabs every row from the table, do a while($row = mysql_fetch_assoc($result)) and in each iteration, do the preg_replace for the specified variable and then do a mysql UPDATE to modify that row I know there's a way to do the search/replace using mysql(provided the $find2 in question is the same for every record) using a find/replace query, but I don't know mysql well enough to be able to help you with that

Javascript is like css, while it is certainly different from html, both are useless without html. You can have html without javascript but you can't have javascript without html. Javascript helps html be more useful, but html can work by itself.

Not sure if you're familiar with the "headers already sent" error but 99% of the time, you get the error when you've output html to the page(even a space or line break is enough) and then attempt to set headers. Find the part where the headers are sent and I almost guarantee you that before that point, you've output something onto the page

I would change the ajax function to ("POST", "process.php") and my process.php page would be the page that processes each input(as a $_POST variable), insert into the database or whatever, and then make the appropriate echo statement(which ajax would spit back out to the page) based on the values that were processed. Personally, I never use GET for forms. Not that POST is really MORE safe, but it helps me visualize things better and the average user can't play around with variables as easily(still can, just not as easily)

Have you tried sending it without specifying the headers as html? When my header is basic like "From donotreply@whatever.com", usually just pasting the url is enough because then the email client(gmail, hotmail, etc) will convert it into a hyperlink automatically. Also, have you tried taking out the "<html><body>" of the email? I feel like that part might clash with the email client's <html> and <body> tags which it has in the beginning of its html code. But your note "but there is simply no link, whereas there is a link when using Gmail." makes me think that if the client has detected the email as spam, that would be one reason why it stripped the html. Or as stated above, there are probably settings in outlook/etc where you can specify how html is treated based on the address it arrives from

IMO, you shouldnt have a script(js or php) that automatically collects all fields' input because a simple hacker could just insert their own input fields(like <input type=text name=whatever value='<script>blah blah</script>'>) and potentially mess things up. Personally, I always collect each field individually and set their own individual variables, run them through their proper filters, and then spit the ajax info back. Sorry if that's not what you were asking; if it wasn't please let me know

Do you mean converting the text that you find into a link? You already have the right idea with your idea converting it into bold, except you would just do <?php $find ="/$word/i"; $replace ="<a href='page.php'>$word</a>"; Echo preg_replace ($find, $replace, $definition); ?> or do go a bit further, perhaps you want the text to be converted into a clickable link that goes to a page that searches for that term? <?php $find ="/$word/i"; $replace ="<a href='search.php?search=$word'>$word</a>"; Echo preg_replace ($find, $replace, $definition); ?> is that what you meant?

Hello all! I used to frequent these boards a few years ago and stopped for whatever reason, but lately I've been needing help and also want to impart my own knowledge on newbies so it's good to be back!

That was an option I thought of, but the pain would be having to go into each mysql database and updating the table with that info for all 20+ sites. If all sites are on the same server, can I enable them to access each other's databases? Like I could create one table in one database with the bot info and all sites would check that one database?

That's awesome, I didn't know there was a folder for global include folder. Does this count for all websites on the same server? So since I'm using shared hosting, could someone also on my server include my .php file in their code?(not that they'd probably care).

I got a good one for you guys, I run 20 or so websites on my server all that have very similar coding structures. On all sites, I have a php script for a mysql table that logs visitors and I filter out bots(google, yahoo, etc, as many as I know of), but since many new ones are discovered weekly/monthly, I hate manually going through all sites and adding the new bot to the array of existing bots for detection. I know there are a few ways to do this, but I'd like to know the most efficient way of basically doing one function/task/opertation and it automatically updating all website's to know the new bots without manually modifying all 20 php files every time. The sites are all on the same server, but at different domains. a few ideas, which are prob not the best 1) have a universal text file that I could update that would be located in some file on one of my sites that just has a list of all bots and then each site would read from that text file to know what bots to filter. 2) have a huge php file to execute that has all connection info/passwords for every site and runs a php script to update the corresponding website's mysql table that would hold each bot as a row in the table. the script would just add a new row with the new bot info. so then ultimately when logging visitors, it would have to read the database each time 3) try to "include" a universal .php file that's located on one of my sites that has the array of all bots. But I've tried to include a file from another domain and I know that's a security error and won't include the file as a .php, but rather the file after it's been processed. There's gotta be a better solution. any ideas?

Oh yeah, i didn't think about that. I'd imagine if you put the result into $result then in each outer loop, set $result2 = $result and then do while($whatever = mysql_fetch_array($result2)) that way you're copying the result and not replacing it. See if that works

Ok I see now. The way it's setup, the inner loop can only be looped once because you call the query outside the loop, and then you run thru it in the first iteration of the outer loop. So if the outer loop has more than 1 row fetched, then it won't have anything to go thru since the first iteration already did. So just as you said, you'll need to query each time in the outer loop to start the loop over again.

try adding quotes around the row arrays so: if($acc_list[id]==$acc_skr[acc_id]) would be if($acc_list['id']==$acc_skr['acc_id'])

I see "take=take=" which can't be right... and I see no "deluser" anywhere...

Hey everyone, I hope it's ok to put this in the miscellaneous section. My friends and I are doing a video for a project and we've decided to parody some popular videos that you see everywhere right now. Like the at&t, freecreditreport.com, jg wentworth, and alltell commercials. Could you post a few commercials that are popular right now that if we were to do a parody of, the audience would catch the reference?

most servers and hosting providers already give this information. For my client, I'm more concerned about how many "visits" the site gets instead of each individual page view. So every time I get a new "visit"(basically, when a new session is created) I create a session variable and then on the next page hit, I check if the session variable has been created. if not, I add a database entry. if so, I don't. Of course, a user can just exit the window and revisit the site and it'll count as a new visit so I have a checker to see if xxx ip and yy browser have visited in the last zz seconds. I also validate ip's(make sure they're formatted correctly) bc ip spoofing can render my method useless

I wasn't hacked because of a script of my own. The only script I had that uploaded images required someone to be logged in to do it anyway. My issue is someone running a script from another server uploading files into mine.

ok so I was hacked a good bit ago and the intruders uploaded phishing scam files to my server. I had the files's permission set to 777. Well that is all changed now and now they're at 711 and i only change it to 777 when uploading a file/picture. Here's my issue: I was testing my file upload script from one server to another server(I have 3 separate servers that are 3 separate websites) like say in abc.com I had a file uploading script to upload to xyz.com/images Thing is... whether I set the images folder to 711 or 777, the file isn't uploaded. Isn't the point of folder permissions that if you wanted, anyone would be able to upload to it, like in my example? because then I tried my upload script opn abc.com's server to upload to abc.com and no matter what the permissions are (711 or 777) they upload without question. So my main question is... how could I files have been uploaded before(when I was hacked) if apparently files can't be uploaded except if the script is run on the same server? and also, what permission set am I best of the set my folders to?

why on earth would you need to have 2 separate database connections in the same script? I've never needed it nor can I ever see needing it.

if you're having questions about hackers hijacking sessions... or if you need to keep track of them for a certain reason, then yes. Otherwise, if you have no use for them, no need to keep track of them