mikesta707

Is there a specific reason you salt one password but not the other? why not just salt both or salt neither...

Simple error. you never define $row. perhaps you mean to stick the following line after your $result=.. line $row = mysql_fetch_array($result); also, I don't know how your table is structured, but are you sure column1 is the correct column? Instead of column1 perhaps it should be ApplicationStatus

hmm, can you post the code you used with absolute pathing? Maybe you did something wrong with the absolute pathing. Does index.php only contain that 1 include statement, or is their more? Beyond some simple error, I really can't see why it wouldn't be able to find config.php. Perhaps you should open a ticket with your hosting provider

I'm kind of confused. If you want to check if the fb_id has a value, like you did in your first snippet, than wrap the second snippet with that if statement you use in the first. I think I may be missing something here. Can you perhaps explain a little better. Also, you can use the empty() function rather than checking of the fb_id is not equal to an empty string. For example if (!empty(get_option('woo_fb_id'))) { ... }

Hmm, strange. Theoretically using '../config.php' should work. Have you tried using absolute using an absolute URL rather and a relative one?

You seem to have a space in your column name. This is not very good practice because, as you can see, it starts creating errors when you try to use the column name in queries. To get around this, you can try using backticks "`" (the symbol behind the 1 on your keyboard). IE if (!empty($var6)) $where .= (empty($where) ? "WHERE " : "AND ") . "`creator_id` = '$var6'"; Hope this helps

assuming that your subdomain's root folder is in the main root folder of your site, and config.php is also in the main root folder of your site, using ("../config.php") should work. What is your file structure like? What page is the include statement written in? Where is said page located?

Can you post the code you are using? It's hard to give a definitive answer without seeing what you are working with

Ok, a couple of things. Firstly, when posting code, use code or php tags please. Secondly, don't just post your login information for your mysql tables. Most people here are nice, but someone could just come to the post, and have all your mysql tables and such. You need to give more information. What exactly is happening when you run that code? What do you expect to happen, and how is what is actually happening differ? Your validation is somewhat pointless. You check to see if things are empty, and if they are you set those variables to false, but you do the same thing whether those variables have a value of false, or an actual, meaningful value. I'm also not quite sure what exactly it is you want? If I am understanding correctly, you have 4 input boxes, and based on the values in those 4 boxes, you return information from the database that matches any of the 4 input boxes. Am I interpreting your post correctly? I also don't really understand why you add an empty row at the end of the table, but that really isn't a problem. Anyways, you code seems fine-ish to me, besides a few stylistic issues. What exactly is happening?

this woudn't use the timestamp that OP has retrieved from the database. This would simply print the current date. As TLG said, OP simply needs to reverse his parameters. He has them in the wrong order. Like so: <span class="goal_head f_right mrm"><?php echo date('F j', $goal['complete_date']); ?></span>

When you don't provide a specific key for a value in an array, PHP automatically uses the next available numeric index. In your example, the next available one would be the first numerical index, which is 0. So for example, if I used the following array in your code $arr = array("key" => "value", "value2", "value3"); then the result would be key value 0 value2 1 value3 This is how PHP works, and you won't really be able to achieve the result you are looking for. Why exactly are you trying to have an empty string as an array key? This kind of defeats the purpose of an associative array EDIT: Oh I realize what you were getting at, sorry I missread your post. Are you just trying to check if the key=>value pair has a non numeric index? In that case you can use what TLG posted. However, for such a simple pattern, regex seems like overkill. The is_numeric() function should suffice. For example $arr = array(... some stuff in here ...) foreach ($arr as $key => $value){ if (is_numeric($key) { //there was no key name for this entry } else { //this entry has a key name } }//end foreach

A couple of questions. First, is the row being updated at all in the database, and just the description is becoming empty? or is the row not being updated at all? Do you have any mysql errors? Are you sure that if statement is executing as true? For your echo, is not echoing nothing at all (IE not even being executed) or is editor variable simply empty? A couple of things you need to try to give a little more information before anyone can help you. First, turn error reporting on (Nothing in that code seems to indicate what the status is for error reporting). You can achieve this by sticking the following code at the top of your page ini_set('display_errors',1); error_reporting(E_ALL); Secondly, try viewing the structure of the $_POST array, so you can determine whether it looks like you expect it to look like. This can be achieved with the following code print_r($_POST); Beyond that, you haven't really given enough information to help you. Your code SEEMS ok, but there may be some underlying problem that isn't readily apparent. As a side note, when posting code, please only post the relevant code. It makes it much easier for us to help you when we don't have to trudge through a bunch of irrelevant CSS and Javascript. Hope this helps

Hello. So i have a bunch of thumbnails, and using Jquery, I binded a click event (using click() method) to them which changes the thumbnails to the actual large image. This works perfectly. I also bind the "load" event to these images that does something based on the width of the image. This also works. However, I also have some functionality on this page which hides certain divs, and reshows them. This works, but because I do this, I also use the live() method to dynamically bind the click event to the thumbnails whenever they are shown again (otherwise, when you hide and show said div, the click event doesn't work). This works perfectly, but when I try to dynamically bind the "load" event to the images, it doesn't work at all. The event doesn't even seem to fire (I tested with some strategically placed alerts) The code goes as follows: This is the code that works. It binds the click and load event $('img[class="thumbnail"]').each( function( i ) { //alert($(this).html()); that = $(this); $(this).attr("id", "ext-image-expandable-" + i) $('#ext-image-expandable-'+i).click(function(e) { //alert("clicked");// mouseX = e.pageX; mouseY = e.pageY if ($(this).attr("src").indexOf('&thumb=1') != -1){ $(this).attr("src", $(this).attr("src").replace('&thumb=1','')); widthIMG = parseInt($(this).width()) //alert(widthIMG); $(this).attr("style", "display:none"); //alert($(this).width()); $(this).fadeIn(1000); }//end if else { //alert("big"); $(this).attr("style", "display:none"); $(this).attr("src", $(this).attr("src") + '&thumb=1') $(this).fadeIn(1000); }//end else //alert("end click"); return false; });//end .click $('#ext-image-expandable-'+i).load( function() { var obj = '<div class="ext-image-popup ext-remove" id="ext-big-img-popup" style="padding:10px;background-color:#F1E7C8; border: 2px black solid;z-index:10; position:absolute; top:' + mouseY + 'px; left: ' + mouseX + 'px;"><span style="float:left"><a href="#" id="closeWindow">X</a> Image too large, expanded into window: <a href="'+that.attr("src")+'" target="_blank">Click here to open in new tab</a> </span><span style="float:right"> <a href="#" id="closeWindow">X</a></span>'; var obj2 = "</div>"; var imgWidth = $(this).width() //alert(imgWidth) if (imgWidth > 850){ // alert("too big"); toappend = obj + '<img src="' + $(this).attr('src') + '" />'+obj2; //alert(e2.pageY); $('body').append(toappend) $(this).attr("src", $(this).attr("src") + '&thumb=1') $(this).fadeIn(1000); }//end if }); });//end .each Now below, the first function works fine (the click event) but the load doesn't work. $('img[id^="ext-image-expandable-"]').live("click",function(e) { //alert("clicked"); mouseX = e.pageX; mouseY = e.pageY if ($(this).attr("src").indexOf('&thumb=1') != -1){ $(this).attr("src", $(this).attr("src").replace('&thumb=1','')); widthIMG = parseInt($(this).width()) //alert(widthIMG); $(this).attr("style", "display:none"); //alert($(this).width()); $(this).fadeIn(1000); }//end if else { //alert("big"); $(this).attr("style", "display:none"); $(this).attr("src", $(this).attr("src") + '&thumb=1') $(this).fadeIn(1000); }//end else return false; });//end .live //load function $('img[id^="ext-image-expandable-"]').live("load", function() { alert("live load"); var obj = '<div class="ext-image-popup ext-remove" id="ext-big-img-popup" style="padding:10px;background-color:#F1E7C8; border: 2px black solid;z-index:10; position:absolute; top:' + mouseY + 'px; left: ' + mouseX + 'px;"><span style="float:left"><a href="#" id="closeWindow">X</a> Image too large, expanded into window: <a href="'+$(this).attr("src")+'" target="_blank">Click here to open in new tab</a> </span><span style="float:right"> <a href="#" id="closeWindow">X</a></span>'; var obj2 = "</div>"; var imgWidth = $(this).width() //alert(imgWidth) if (imgWidth > 850){ // alert("too big"); toappend = obj + '<img src="' + $(this).attr('src') + '" />'+obj2; $('body').append(toappend) $(this).attr("src", $(this).attr("src") + '&thumb=1') $(this).fadeIn(1000); }//end if });//end live I'm wondering of binding to the load event dynamically is even possible. I don't see why this wouldn't work. Anyone have any ideas? This is really stumping me. Thanks in advance for any replies

Alternatively you can use htmlentities() The difference is that strip tags simply removes all tags in a string, while html entities will turn the html into their respective entities (click the link for more info on what exactly entities are.) so if someone put in <script> // imma h4x0r j00 </script> strip tags would make it look like //imma h4xor j00 while html entities will make it look like <script> // imma h4x0r j00 </script> but that won't execute, it will just output to the page

depends on what kind of search you are doing. Theoretically, you could open your files one by one, and search all those pages for the keyword or search term. However, it would be a lot easier, and much much faster if you did a SQL query. Your pages don't necessarily have to be entirely stored in SQL, but some sort of way to link a page with what type of information is needed at the least

I don't see why anyone would get upset at calling HTML a language. it is. In fact, the word language is right in the name (Hyper Text Markup Language) Perhaps people get upset about people calling HTML a programming language, as its not, but thats neither here nor there. As far as certain syntax issues you are having trouble with, what exactly are they? Coming from a C background, most of the syntax should be pretty familiar (Hell, the PHP interpreter is written is C!) Perhaps your talking about some the SQL syntax? Can you show an example? As far as if it's normal, yes it is normal to have at least some trouble getting used to the syntax of a new language, especially if you have limited experience with programming in general. Books are great resources (assuming they are up to date) but a combination of a book, and the internet for further reference is always good. I would suggest, as mjdamato says, looking up purely PHP tutorials then moving on to PHP which includes some SQL

just concatenate. $employee = $_GET['employee']; $email = "employee".$employee."@test.com"; if you echo employee, and $employee is 2, then it would echo employee2@test.com

$result is a mysql resource, not the column information. if you want the row info, even if you only select one column, you have to use one of the mysql_fetch_XXX functions. Example with fetch_assoc .... $row = mysql_fetch_assoc($result); $username = $row['username'];//where 'username' is put the name of the column Also, you don't sanitize your inputs at all. That script is open to a SQL injection. mysql_real_escape_string() should be used on all input variables you use in queries. For example: $username = mysql_real_escape_string($_POST['username']); $query = "select .. blah blah ... WHERE USERNAME='$username' AND .. blah";

Well that text file is horribly formatted, and almost unreadable, so I'm not going to go through it, but we need WAY more information to help you. What kind of attack did he execute? is there perhaps a vulnerability in one of your pages. Telling us you were hacked and hoping someone can point out an error in your php.ini is like trying to find a needle in a haystack. My guess (and this is a completely blind guess at that) is that you may not be escaping input from the user correctly when using that input in queries. This may be because you have poor security in your script, or you have magic_quotes_gpc enabled, and try to escape an already escaped string. Regardless, please post some more information. Perhaps the PHP of the page that was attacked.

why not simply add 5 to it without having to select it mysql_query("UPDATE garage SET speed=speed + 5 WHERE id='$car' AND owner='$username'") OR DIE ("Couldnt add 5mph"); that'll add 5 to the current value without having to do a whole other query

what errors are you getting.

by the way, that for loop doesn't make any sense. for( $i = 0; $i < $row = mysql_fetch_array($result); //specifically //$i < $row = mysql_fetch_array($result) this will technically work because of the way that PHP treats comparisons between different types, but probably does not work the way you think it does. What actually happens is that $row is usually an array, and when you compare an array and an integer, an array is always greater. However, when mysql_fetch_array returns false (or some value that casts to false), which will than make the condition false, and exit the loop. perhaps you meant this for( ; $row = mysql_fetch_array($result) ; ) //or more commonly while($row = mysql_fetch_array($result)) Note: your loop probably "works", but just letting you know it may work in an unintended way. and the way your code is now, you don't actually have a string to use trim on because you just echo the results of the query, without storing them $str = "";//create empty string while( $row = mysql_fetch_array($result)) $str .= $row["name"]. ' & '; //concatenate values $str = trim($str, ' & '); echo $str; ?>

do a print_r and you will be able to see the format of $_SESSION['search_result']. It is probably different that what you think. since you do this here while($row = mysql_fetch_array($result)){ $_SESSION['search_result'][] = $row; } $_SESSION['search_result'] becomes a numeric array, it would look something like $_SESSION['search_result'][0] = first row $_SESSION['search_result'][1] = second row If you wanted to access a certain column of one of the rows, you have to specify it $_SESSION['search_result'][0]['team_name'];

try using wildcards with like servername LIKE '%$search%' which will match a name with $search in it. (like if you typed myserv, it would match myserver, but NOTserver.) but like mchl said, it sounds like you are looking for a more comprehensive string match, like regex

LIKE in Mysql is an operator, much like =. so if you want to use it then... well... use it. just replace the = with Like, for example SELECT column FROM table WHERE somecolumn LIKE 'someValue' also, the bit about 2 queries to the same table, it would be a lot more efficient if instead of preforming 2 queries, just preform one, store the data in an array, and then use that array