peter_anderson
-
Posts
150 -
Joined
-
Last visited
Never
Posts posted by peter_anderson
-
-
This line is wrong:
$extract = mysql_query("SELECT * FROM webclientcreate");You are not setting the id to choose:
$id = mysql_real_escape_string($_GET['id']); $extract = mysql_query("SELECT * FROM webclientcreate WHERE id='$id' LIMIT 1");Since there is only one result, you can also get rid of the while loop (But keep the contents).
-
Maybe the system should only check email addresses. I'll get that changed.
Here's the API result, BTW: http://stopforumspam.com/api?username=Corey
-
OK, I fixed it by setting up the permissions for the folder to 777.
-
When you have a new line within the email, try using
\r\n
-
I am trying to delete a file via unlink(). It's a .html file, stored in a folder on its own.
// current directory $dir = dirname(__FILE__); $dir = str_replace('classes','',$dir); $file = str_replace('./',$dir,$fr['location']); unlink($fr['location']); if(!unlink($file)){ echo 'err'; } if(file_exists($file)){ echo 'ok1'; }The $fr['location'] stores the real location, as ./uploads/1303577497/barebones.html.
I've tried every combination I can think of to delete it. I've even deleted it from FTP and re-uploaded it, in case it was a permissions issue, but it refuses to go. When I file_get_contents it, it appears as existing.
Can anyone help?
-
Fixed the two XSS problems (and found a couple more which have been fixed).
The Youtube JS has also been fixed, I was using & rather than + to join the strings.
I could no replicate the Youtube problem - http://www.calicosoft.com/community/index.php?post=216&tid=118
If you were trying to PM CalicoSoft, that error should occur as I had disabled the PM system. The error text will be changed.
-
Also fixed. Subjects are also prevented from being too long without spaces.
-
Both issues fixed.
-
If there are no results, give a 404 header:
header("HTTP/1.0 404 Not Found");Google will eventually remove it from their DB. You'll also want to give a message saying it wasn't found.
-
$q = mysql_query("SELECT * FROM weekly_picks WHERE tournament = '$tournament' AND usr = '$usr'"); $num = mysql_num_rows($q);$num will hold how many results tehre are
-
Change the PHP to:
<?php if($visible=="1") echo 'checked="checked"'; ?>
Not tested, but it should work.
-
Your if statement will run only if the query succeeds. You're not checking if there are any results.
-
What is the problem you're experiencing?
-
This line is incorrect:
if (SELECT tournament FROM weekly_picks WHERE tournament = '$tournament')
You need to execute the query and get the number of results:
$q = "SELECT tournament FROM weekly_picks WHERE tournament = '$tournament'"; // execute the query $q = $sql->query($q); // use num_rows if($q->num_rows > 0){ // put the rest hereYou will need to change the query & num_rows to fit in with how you do database queries (eg mysql_query)
-
The Topic field is vulnerable to XSS attacks. I have http://www.calicosoft.com/community/forum-2-Testing-Forum.html redirecting to this thread.
This has been fixed.
I registered with real information and I received the below error:
The script checks the username, email address and IP address against the stopforumspam API. A couple of users have reported it's been giving that error. I'll have a look at it again.
This has been fixed, and a custom error handler has been put in place.
Open Directory Listing:This has been fixed.
-
You will need to replace the " (speech mark) for your HTML with a
\"
This will escape the marks, which will get rid of this error.
You'll need to do it to ALL speech marks in your email.
-
that did it.
thanks much.
Mark the topic as solved, please.
-
Query, where $id is the PM ID:
DELETE FROM pm WHERE id='$id' LIMIT 1;
-
First off, your query isn't executing. And I'm unsure if it would run.
Secondly, your loop should be
while($row = mysql_fetch_array($results){Your while loop states that for every result, it should do the code within the loop. For example, if there are 3 emails (bob@example, jim@example, me@example), it will do bob@example first, then jim, then me.
As it is looping through each result, you should set to:
$to = $row['email'];
-
I can't edit my post, but the code is here:
-
-
Where you have
$_SESSION['logat'] = 1;
Below, add
$_SESSION['username'] = $_POST['username'];
And on user.html, replace
<p id="logat_text"><strong>Salut</strong>HELLO USER </p>
with
<p id="logat_text"><strong>Salut</strong><?php echo $_SESSION['username']; ?> </p>
Although, it is not suggested you have HTML and PHP in the same file.
-
What are you setting each of the variables to?
-
You can't have more than one session.
You could always do
$_SESSION['company_name'] = $companyName
, or make that session variable an array?
Call to a member function query() on a non-object
in PHP Coding Help
Posted
I am changing my script from connecting to the database within every function, to using one connection (in the main class).
However, I am getting an error:
Call to a member function query() on a non-object
Here is the main class:
<?php class main{ // the configuration vars public $config; // the current user variables public $uid = 0; // contains the user ID public $gid = 0; // contains the group ID // database variables public $DB; // contains the connection public $query_id; // contains the query ID public $query_count; // how many queries have there been? // cache variables public $cache; public $test = 'hi'; // initiate public function __construct(){ } // start up functions public function startup(){ // first, set up the caching if($this->config['use_memcache'] == true){ // start up cache require_once('cache.class.php'); $this->cache = new cache_TS(); } // now, set up the DB $this->connectToDatabase(); // now, set up the user session $this->setUserSession(); // are we logged in? If so, update our location if($this->uid > 0){ // update location $this->updateUserSession(); } } // connect to database public function connectToDatabase(){ // connect to database $this->DB = new mysqli($this->config['host'],$this->config['user'],$this->config['pass'],$this->config['db']); // were we able to connect? if(!isset($this->DB)){ // this is an error exit('could not connect to the database.'); } // test query $q = "SELECT id,title FROM topics WHERE id='1' LIMIT 1;"; $q = $this->DB->query($q); $r = $q->fetch_assoc(); echo $r['id'] . $r['title']; // send back return $this->DB; } // some removed....The test query works fine.
It fails here:
<?php class forum extends main{ public function viewTopic($tid){ // Connect To Database //$sql = new mysqli(db::$config['host'], db::$config['user'], db::$config['pass'], db::$config['db']); // Get assorted details (topic, forum, etc) // Get topic details $tid = intval($tid); $tq = "SELECT * FROM `topics` WHERE id='$tid' LIMIT 1"; $tq = $this->DB->query($tq); $tr = $tq->fetch_assoc();startup in main has already been called before forum is. The DB connects without failure.
Can anyone see what the problem is? How can I get $this->DB->query to work? (The query works fine when it's ran in the main class)