peter_anderson
-
Posts
150 -
Joined
-
Last visited
Never
Posts posted by peter_anderson
-
-
This line is wrong:
$extract = mysql_query("SELECT * FROM webclientcreate");
You are not setting the id to choose:
$id = mysql_real_escape_string($_GET['id']); $extract = mysql_query("SELECT * FROM webclientcreate WHERE id='$id' LIMIT 1");
Since there is only one result, you can also get rid of the while loop (But keep the contents).
-
Maybe the system should only check email addresses. I'll get that changed.
Here's the API result, BTW: http://stopforumspam.com/api?username=Corey
-
OK, I fixed it by setting up the permissions for the folder to 777.
-
When you have a new line within the email, try using
\r\n
-
I am trying to delete a file via unlink(). It's a .html file, stored in a folder on its own.
// current directory $dir = dirname(__FILE__); $dir = str_replace('classes','',$dir); $file = str_replace('./',$dir,$fr['location']); unlink($fr['location']); if(!unlink($file)){ echo 'err'; } if(file_exists($file)){ echo 'ok1'; }
The $fr['location'] stores the real location, as ./uploads/1303577497/barebones.html.
I've tried every combination I can think of to delete it. I've even deleted it from FTP and re-uploaded it, in case it was a permissions issue, but it refuses to go. When I file_get_contents it, it appears as existing.
Can anyone help?
-
Fixed the two XSS problems (and found a couple more which have been fixed).
The Youtube JS has also been fixed, I was using & rather than + to join the strings.
I could no replicate the Youtube problem - http://www.calicosoft.com/community/index.php?post=216&tid=118
If you were trying to PM CalicoSoft, that error should occur as I had disabled the PM system. The error text will be changed.
-
Also fixed. Subjects are also prevented from being too long without spaces.
-
Both issues fixed.
-
If there are no results, give a 404 header:
header("HTTP/1.0 404 Not Found");
Google will eventually remove it from their DB. You'll also want to give a message saying it wasn't found.
-
$q = mysql_query("SELECT * FROM weekly_picks WHERE tournament = '$tournament' AND usr = '$usr'"); $num = mysql_num_rows($q);
$num will hold how many results tehre are
-
Change the PHP to:
<?php if($visible=="1") echo 'checked="checked"'; ?>
Not tested, but it should work.
-
Your if statement will run only if the query succeeds. You're not checking if there are any results.
-
What is the problem you're experiencing?
-
This line is incorrect:
if (SELECT tournament FROM weekly_picks WHERE tournament = '$tournament')
You need to execute the query and get the number of results:
$q = "SELECT tournament FROM weekly_picks WHERE tournament = '$tournament'"; // execute the query $q = $sql->query($q); // use num_rows if($q->num_rows > 0){ // put the rest here
You will need to change the query & num_rows to fit in with how you do database queries (eg mysql_query)
-
The Topic field is vulnerable to XSS attacks. I have http://www.calicosoft.com/community/forum-2-Testing-Forum.html redirecting to this thread.
This has been fixed.
I registered with real information and I received the below error:
The script checks the username, email address and IP address against the stopforumspam API. A couple of users have reported it's been giving that error. I'll have a look at it again.
This has been fixed, and a custom error handler has been put in place.
Open Directory Listing:This has been fixed.
-
You will need to replace the " (speech mark) for your HTML with a
\"
This will escape the marks, which will get rid of this error.
You'll need to do it to ALL speech marks in your email.
-
that did it.
thanks much.
Mark the topic as solved, please.
-
Query, where $id is the PM ID:
DELETE FROM pm WHERE id='$id' LIMIT 1;
-
First off, your query isn't executing. And I'm unsure if it would run.
Secondly, your loop should be
while($row = mysql_fetch_array($results){
Your while loop states that for every result, it should do the code within the loop. For example, if there are 3 emails (bob@example, jim@example, me@example), it will do bob@example first, then jim, then me.
As it is looping through each result, you should set to:
$to = $row['email'];
-
I can't edit my post, but the code is here:
-
-
Where you have
$_SESSION['logat'] = 1;
Below, add
$_SESSION['username'] = $_POST['username'];
And on user.html, replace
<p id="logat_text"><strong>Salut</strong>HELLO USER </p>
with
<p id="logat_text"><strong>Salut</strong><?php echo $_SESSION['username']; ?> </p>
Although, it is not suggested you have HTML and PHP in the same file.
-
What are you setting each of the variables to?
-
You can't have more than one session.
You could always do
$_SESSION['company_name'] = $companyName
, or make that session variable an array?
Call to a member function query() on a non-object
in PHP Coding Help
Posted
I am changing my script from connecting to the database within every function, to using one connection (in the main class).
However, I am getting an error:
Call to a member function query() on a non-object
Here is the main class:
The test query works fine.
It fails here:
startup in main has already been called before forum is. The DB connects without failure.
Can anyone see what the problem is? How can I get $this->DB->query to work? (The query works fine when it's ran in the main class)