Maq

Sorry, I don't understand. I don't think this is a MySQL problem but a logic one. Where is your submissions and logic to handle when this query is executed?

You can look through all of his posts, they're all legit. And if he was to rig, wouldn't he do it a lot higher than that, like 117,000?

This is one of the funniest and original sites I've come across in a while. I'm sure some of you have seen this but for those of you who haven't - HCwDB (Hot chicks with douchebags). If you go to this site, please check out the bags (and chicks), in the "Hall of Scrote" section.

Congrats You seem to illustrate this point very well, 72% of your posts are in here. Although the Misc section doesn't drive an immense amount of traffic, I do find a lot of interesting/funny threads there.

Not at the time. I went through every link and the only one that brought me to something that remotely looked like a site was, "/hi", and now it seems not exist.

hno, Please just refer to the manual, while Mark Baker is correct, it will explain everything and much more - mysqli_num_rows.

strtotime isn't recognizing the format, 'Y m d H:i', do you have to use that for '$now'?

I think you meant to give this link - http://www.uploadfast.isgreat.org/hi/ What is this? Your site links to a bunch of advertisements. When you upload a file it shoots you to some other site, or so it seems, with no confirmation of your upload, no URL where it can be found, nothing. The only other link on your site, "Details", links to "Freetemplates.com". You have 1 field to upload a file and that's it, no other features, no personal accounts, no specs on how much, how big you can upload... etc. Security - You don't check the extension of the file being uploaded. If it's just an image hosting service, then only allow image extensions. - With SQL Inject Me you have 19 failures, check it out for yourself. Unless you want a critique on the design and looks I suggest working a little more than a week and come back for some solid feedback.

Define "tools". Are you referring to actual applications, frameworks, libraries, what specifically?

Sure, that's why we're here. This is a basic debugging technique that you should get used to. For more, see here - http://www.ibm.com/developerworks/library/os-debug/. It was written in '05 but most of the information still holds true. Good luck.

It's always good to try/test things out before asking questions.

Please post the code that's handling this.

Are these POST or GET values? From what you have said I will speculate GET. Either way, they are contained in arrays in which you can print out (after you submit): print_r($_POST); //and print_r($_GET);

Looks fine. Have you echoed '$topic' to see if the value is being passed properly? Does the "Thank you for contacting us..." print out?

Do you have an editor with a syntax highlighter? This should have been easy to spot with one.

I think you want your query like this: $sql=mysql_query("SELECT * FROM myfiles WHERE user='".$USERname."' AND (file LIKE '%.zip' OR file LIKE '%.gmk' OR file LIKE '%.exe')");

You can use the MySQL aggregate function SUM() rather than getting the sum of an array. You are giving the the array_sum() function an integer rather than an array. The way you were doing it wouldn't work anyway. You can retrieve the sum in a single query by using what I described above.

What happens when you run your code? Why is it wrong? I'm still confused on the pattern of transforming table1 into table2... (Please surround your code with tags)

header Modify this code to rename your file: $file_name = $_FILES['file']['name']; //Getting the file name

When you click on the author's name link in a tutorial or blog, it displays the incorrect dates for all the persons blog and/or tutorial entries. i.e. I just posted this blog and it claims the published date was "on December 6, 2009" in my profile: http://www.phpfreaks.com/profile/Maq

Apparently you're a little too simple. Maybe you're better off with a 3rd party script. This may tickle your fancy - http://www.easyphpcalendar.com/index.php.

lol my head is spining hmmmm yes i get u to some point and still didnt get the question and why would u use this : and how to fix it? i mean this problem It depends on your logic. We're not sure how you perform your searches and against what. You may just be able to strip out certain characters before you submit.

We need to see the relevant code in "process.php", the form looks fine.

There's no reason to check if the username is blank when you have the LIKE clause that only selects the usernames with search in them. If they are blank, they won't be selected. Try: function runBrowse($search){ $qSearch = mysql_query("SELECT * FROM users WHERE username LIKE '%$search%' LIMIT 10"); while($results = mysql_fetch_array($qSearch)) { echo $results['username']; } } And please learn to properly, or at least consistently, indent and format.

Be careful, cause you may want the value of each element of the array rather than the key. You can obtain the value by adding this to your foreach loop: foreach ($_POST['move'] as $key => $value) NOTE - Click "topic solved" bottom left.