cs.punk
-
Posts
437 -
Joined
-
Last visited
Posts posted by cs.punk
-
-
Anyone?..
Ok I'll make it simpler. DO you escape / when your write JS?
-
Unless they state some special reason for it, you shouldn't.
Even with the CDATA element in place, validators get confused by forward
slashes (like the one in the </em> tag). Whenever you want to use a / character
in JavaScript strings, precede it with a backslash (<\/em>). Doing so helps
the validator understand that you intend to place a slash character at the next
position.
er
-
Just as the title states...
Reading a ebook and is says I should be escaping it like so: "<p>test<\/p>";
-
Ok well i have a dynamic table with data and want two submin buttons. Edit and delete.
The problem i am having is how to create a 'rollover' image in a table cell? I want it filling the whole cell? Although I don't really know how to go about it with CSS.
My other option would be to use plain images?
My table:
<table id='navlist'> <tr> <th>Title</th> <th width='80'>Picture</th> <th width='80'>ID</th> <th width='80'>Edit</th> <th width='80'>Delete</th> </tr> <tr> <td>Test</td> <td>yes</td> <td>1</td> <td id='edit'><a href='/admin/delete.php?id=1'>Edit</a></td> <td id='delete'><a href='/admin/delete.php?id=1'>Delete</a></td> </tr> </table>
And my CSS:
table#navlist { margin: 0 0 0 0px; padding: 0; width: 100%; border: 2px solid #234EC4; background-color: #FFFFFF; } #navlist td { list-style-type: none; background-color: #6AA6FF; color: #000000; text-align: left; padding: 5px; border: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px; } #navlist th { list-style-type: none; background-color: #6AA6FF; color: #000000; text-align: left; padding: 5px; border: 1px solid #000066; font-family: Verdana, Arial, Helvetica, sans-serif; font-weight:bold; font-size: 14px; }I was thinking making an ID for delete an edit and use a background image? Er somehow...
Any suggestions on how to go about this?
-
Well uhm... If i understand correctly all a DNS server does is manage a table semthing like this:
- 1.0.0.0 > website1.com
- 1.0.0.1 > website2.com
So where do .com . net . co.uk etc come in? Who regulates them?
- 1.0.0.0 > website1.com
-
Right. From that article:
To upgrade your PC from Windows XP to Windows 7, you'll need to select the Custom option during Windows 7 installation. A custom installation doesn't preserve your programs, files, or settings. It's sometimes called a "clean" installation for that reason.lmao
-
Thanks! And a server that i do have an account with that hosts me.
-
As the title states...
Just wanna know if i can modify PHP's max_upload_size to enable me to upload 20mb files.
-
Just a thought. Make sure your updating php.in in \apache\bin
..
-
Rather than loading the data and setting it to not show why not make it not load at all?
For example
main.php
// bla bla echo "$title"; echo "$rating"; echo "$photo";
list.php
// bla bla echo "$title"; echo "$photo";
-
I've never heard of the curly brace thing so I'd be interested to know if it works.
If not try:
str_replace('$dir', $dir, $whateveryourdatafromMySQLwascalled);
Yeah it worked and guess thats the only option.. Still see it as a waste of resources but oh well.
Oh and the {} never worked so..
-
It is the database! Almost as if its escaped... But in the HTML source (in a browser) its shows $dir..
So php isn't really er... whats the word? *word*.. its just echoing the actual entry..
Preg replace perhaps?..
-
Ok I'll try and explain again..
Database entry: "You are $x years old"
In the actual database there is for example varible $x.
In my php code i set varible $x as 50.
I then echo out the database entry.
But instead of saying "You are 50 years old"(which is what i want) Instead it prints a literal $x "You are $x years old".
Hope i explained myself better... -
From the database
game_src
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="550" height="400"> <param name="movie" value="[color=red]$dir[/color]"> <param name="quality" value="high"> <embed src="[color=red]$dir[/color]" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="550" height="400"> </embed> </object>
PHP:
<?php $sql = "SELECT * FROM games"; $query = mysqli_query($con, $sql) or die; while ($row = mysqli_fetch_assoc($query)) {$dir = $row['path']; $game_src = $row['game_src']; echo "<h2>{$row['title']}</h2> $game_src"; } ?>HTML Source shows:
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="550" height="400"> <param name="movie" value="$dir"> <param name="quality" value="high"> <embed src="$dir" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="550" height="400"> </embed> </object>
Where am i going wrong?
-
the code i posted works fine.
i just want to check if the user is admin or simple user.
thanks for the advice though,
But it might not be secure
-
hi. i am trying to make a simple login system in flash php mysql.I have the database table users and the user is either admin or simple user. i want a php form that will check the role entry and return different result to process it in flash. i have the code for admin login without role which works:
<?php
include_once("settings.inc.php");
include_once("functions.inc.php");
$password = MD5($_GET['userPassword']); // md5()
$query = "SELECT * FROM user WHERE username = '" . $_GET['userName'] . "' AND password = '$password'";
$result = @mysql_query($query);
if($result){
if(mysql_num_rows($result) == 1){
echo "status=ok";
}
else{
fail("The user name and password could not be validated.");
}
}else{
fail("There was an error getting information on the user.", mysql_error());
}
?>
i guess a line is missing to check the roles but i can't think of it!!!! help please.
Firstly use POST rather than GET. It is more secure. Look into mysql_real_escape_string to make your inputs database safe...
Consider if I typed in "test"; die;"..
You might have magic quotes turned on though. This automatically escapes all POST/GET data.
Oh i forget!
I would add a 'rank' column to your table. And do something like this:
<?php include_once("settings.inc.php"); include_once("functions.inc.php"); $password = MD5($_GET['userPassword']); // md5() $query = "SELECT * FROM user WHERE username = '" . $_GET['userName'] . "' AND password = '$password'"; $result = @mysql_query($query); if($result){ if(mysql_num_rows($result) == 1){ echo "status=ok"; $row = mysql_fetch_row($result); echo "status=ok Rank={$row['3']}"; // Which ever is the colunm your rank is starting from 0,1,2,3 etc } else{ fail("The user name and password could not be validated."); } }else{ fail("There was an error getting information on the user.", mysql_error()); } ?> -
Did you write it yourself?
-
1. You mean it must select the date range?
2. A submit button that directs you to a page with all the results from the date range selected?
-
Uhm Im kinda stuck...
<?php if (isset($error)) {echo "<p class='error'>The following errors were found:</p> "; print_r ($error); // missing fields $error['empty'] = array(); foreach ($error['empty'] as $v) {echo "<p class='error'>$v</p>"; } // invalid size foreach ($error['size'] as $v) {echo "<p class='error'>$v</p>"; } // invalid format foreach ($error['format'] as $v) {echo "<p class='error'>$v</p>"; } } // Coming from the xhtml form if (!empty($_POST['title'])) {$rdata['title'] = mysqli_real_escape_string($con, $_POST['title']); } else {$error['empty'][] = "You have not entered a title."; } if (!empty($_POST['desc'])) {$rdata[''] = mysqli_real_escape_string($con, $_POST['desc']); } else {$error['empty'][] = "You have not entered a descreption."; } ?>But every time no error from one array is found but an error is found form another is still uses foreach on it.. and since its not set as an array it gives an error. I cant use
$error['empty'] = array();
because it would blank it when there is an error...
Warning: Invalid argument supplied for foreach() in D:\Chris\reco\xampplite\htdocs\admin\admin.php on line 164
A isset for each array? Is there an easier way?
-
Here is the code
<td width="3%"><span class="headerLinkColor">»</span></td> <td align="left"> <a target="leftFrame" href="<?=ADMIN_FOLDERS_PATH?><?=$folder_name?>/?sid=<?=$sid?>" class="headerLinkColor"> <?=$cat_name?></a> </td> </tr></table> <?PHP if( $flag == 4){ echo "</td>"; $flag=1; }else{ $flag++; } }// for loop ?></tr> </table> </td>And am getting links like this
http://admin/credit_mgmt/?sid=532bb180e67ea7234d73502205321bfe
i need the link to be site url/admin/credit_mgmt/?sid=532bb180e67ea7234d73502205321bfe
any help? thanks
Where is ADMIN_FOLDERS_PATH coming from? Or what is it set as?
-
Hey everyone, I need help with this simple script. Okay, I have files stored in a database that need to be downloaded. Here is the script I have so far:
<?php //Connect to the database require_once('/mysql_connect.php') ; $query = "SELECT enrollment_form FROM students where student_id = {$_GET['student']}" ; $result = mysqli_query($dbc, $query) or die('There was an error with the query. ' . mysqli_error($dbc)) ; $num = mysqli_num_rows($result) ; if ($num == 1) { //Query was successfull //Retrieve the file $data = mysql_result($result, 0, "enrollment_form") ; Header("Content-type: $data") ; echo $data ; } else { //The record does not exists echo '<p>The record does not exists.</p>' ; } ?>The error I am getting is this:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/content/l/i/n//html/Payments/download_enrollment.php on line 14
Warning: Cannot modify header information - headers already sent by (output started at /home/content/l/i/n//html/Payments/download_enrollment.php:14) in /home/content/l/i/n//html/Payments/download_enrollment.php on line 15
Any help on this is greatly appreciated.
Why use mysql_result? Taken from the PHP manual:
When working on large result sets, you should consider using one of the functions that fetch an entire row (specified below). As these functions return the contents of multiple cells in one function call, they're MUCH quicker than mysql_result().
Try mysqli_fetch_row... or better yet mysqli_fetch_assoc
while ($row = mysqli_fetch_row($result)) {echo "Name: {$row['1']} Address {$row['2']}"; } -
Thanks dude I appreciate it! This stuff isn't really well documented huh :-\
-
<?php if(preg_match('/(\.jpeg$ | \.jpg$ | \.gif$)/i', $file_name)) ?>Is it correct?
-
I am looking for a way to make it easier to call events so i can just
call it from the commen .php so i don't have to keep re-writing out the
sql = every time i need it.
Whats the best way to go about doing this.
I am trying to go with php call function, still learning so it's going slow lol.
My issue is, i have a database connect, to table users, when i call that
function nothing happens and no error message.
there was an error.
include "includes/common.php"; function users(){ return ($users); }I will try again after i get home tonight.
Why not show your 'users' function to us?
Auto Display while typing
in PHP Coding Help
Posted
This would be javascript/ajax related.