Logical1

I know I typed it here wrong in the actual code it is typed correctly.

Hello I save the date of record creation in a colum called PDate in MySQL and use the following querry: $Tdate = date('Y').date('m').date('d'); $query = "SELECT Id FROM tblItems $TDate-PDate < '3' AND Status = '1'"; This is to show only records that are less than 3 days old. This method has always worked but suddenly I am getting no answers! I did some tests and I see that if : TDate = 20090801 PDate = 20090729 What am I doing worng?

Thanks for your reply. The backup wa made with phpMySql's back up tool. It seems like the characters are present even in the back up file. I there a way to do a character search an replace on tables in MySQL?That seems to be the quickest way to solve the problem since the characters are always before degree centigrade sign and ' and bullets so they can easily be identified. Thanks in advance L1

We transfered our site and its MYSQL database from one hosting company to another one and in doing so I made backups of old database and exported it to the new one. Now in each record (which are all text) a lot of wierd characters are showing up like: 13 – 17 Seconds or: Temperature -5ºC Why is this and how can it be fixed. There are some 1200 row of data and each has over 30 columns and removing them manually will take a very long time. Any suggestions is appreciated. L1

tx it did work

How can you verify if the user's input into your form's text box is ASCII character or UTF-8? Apparently PHP string functions do not support UTF-8 so that could lead to many problems. tx in advance

I tried them both and am getting the exact same result. You can try yourelf: <?php $Var1="آزمایش"; $L1=mb_substr($Var1,0,1); print "<p align=left>1<br><font color=blue><b>$L1</font></b><br>"; $L2=mb_substr($Var1,0,2); print "<p align=left>2<br><font color=blue><b>$L2</font></b><br>"; ?>

I have a simple form with a text box (Var1) which can recieve 10 characters entered by users. They can enter either numbers or characters. However depending on their keyboard they may enter English or other language (UTF8 characters). I pass the entered value to the next page and try to read the entered data with something like: $L1=substr($Var1,0,2); If they have entered English characters or numbers I see the first two characters or numberes. BUt if they have entered UTF8 characters I only see one! I did some tests and it seems like each of UTF8 characters counts for 2! (so substr($Var1,4,2) will show the second such character. Can somebody explain why this is and also how can I separete each entered character regardless of being UTF8 or not?

Thank you for the sugestions.

At the risk of sounding like I am reinventing the wheel I want to write a script based on Vigenere encryption concept. However since my experience with utf8 characters going back and forth between browser and mysql been very surprising so far I thought I ask if any one had any experience or ideas about it. Specific problem for example: I set length of password column in the mysql table to be 7 characters. Then I enter some passwords (utf8 characters) through the php form to test, none of the passwords works! I look at the mysql table directly and see each of characters is converted to &#2342; type of deal which means only one nad half character in reality (the first 7 chars) are saved! Surprises like this. Have you any experience with utf8? I guess any encryption code will have similar type of concerns to deal with.

I have searched and read the posts on this forum (and many others) about this issue because encry. is get asked about quite often. But I have not been able to find anything directly related either here or on other forums hence the questions: 1. If your users might select a combination of characters in English, a non-english language (Turkish for example) and numbers or either english+ number or Turkish+numbers, how would it effect the functionality of encryption functions? Any experience or thoughts? (I have seen the saved passwords in MyQL tables in which each character turns into &+4digits+; ) 2. Where do I find the alg. or the code for examples of reasonably secure enc./dec. funcions. Especially if UTF-8 is a factor. Thanks in advance

Daniel0 we are not dealing with mombojombo here. If something gets to a computer and does some work then it must exist somewhere too, even temporarily. Question is while this illusive item is doing its thing were can we have the pleasure of reading its content. Because if we don't bother to do so the hacker might. I might be relatively new with PHP but that's a fortunate thing becasue it occasionally let me question the very obvious to everybody else such as this case. Thanks for your answers (both of you) anyway, that's what a good forum is for.

Before brower is closed can't we go to the folder and see them? Where are they?

I have been trying to find out where session coocies are saved (XP or Vista). Some say it is saved on server and some say on the users computer. I disabled coockies on my browser and could no longer log in in to ites which work with sesion cookies so this convinced me that it must be on the user computer, but looking at the usual folders I can see no cookies resembeling what the session coockie should be (or even the one I made on my tet site). How do you open and see session cookies and where are they? Thanks in advance

I am not sure how it is suposed to work. If file 2.php is placed in this folder then it will not be viewable directly (www.---.com/2.php) but if we have a link from index.php which is in the root directory it can open the page 2.php on the browser. Is that how it works? I called the host company and asked how to set up such a folder and they aid it is impossible. How would you do it?

Thank you for your suggestions. You suggested also to put only the index file in the root directory and everything else in non-web accessible folders. What is the advantage in that? Is there a way to link to them from the index page while stopping direct viewing? Thanks in advance

Members are supposed to log in to get to pages where the forms are. FIll some forms and get some data and log off before leaving (end session). My objective is : 1. To make sure unauthorized people can not get into the forms and fill or edit existing data 2. Their actions will be traced to their own account, so no one should be able to edit some data faking the username of another person. That's why I am using session registration and session variables. But I always imagined session variables like cookies being writen on the user's computer (and not the server).

Thanks for the replies. This is what I am doing. 1. At the login stage I save a session variable which contains the username and another one which indicates that the user has logged in. 2. In all pages I read the session variable for name of the user to link his actions (filling forms, etc.) to his records. 3. All data between pages are passed in forms anot not by link. None the less my little experiment showed me that any first garde can pass variables through URL line and bypass data entered through forms! Also a clever person (even a dimwit one) can fake a cookies by saving one himself in the cookies folder and laugh at such a security measure! How would you go about it? On the other hand if you do not rely on a sesion variable rgistered by a cookie how can you tell that the person has logged in?I apreciate your sugestions whille I am reading the 84 pages in that security thread L1

I noticed that when we send a variable ($V1=100) from a form (form1.php) to a second page (results.php) it can easily be hacked by typing in: http://www.-------.com/results.php?V1=400 into the URL box and just bypas going through the form! This becomes a security problem when Session variables ($SVId=2) are supposed to be read and fed into the form: http://www.-------.com/results.php?V1=400&SVId=5 Anybody can fake this and break into the system. What is the solution against this? How do you secure your forms? Thanks in advance.

Which is more efficient? To organize data in smaller tables and give ID number to items but have to cross reference it later (in order to have to add a row of data in a table you need to pick up data from 4 different tables) or make one or two larger tables amd querry only one or two tables? The site I am working on may have a lot of visitors and I am concern about the number of SQL querries machine has to run simultaneously (or am I worried for nothing?) Thanks in advance L1 I have organized data in MySQL tables in a way that for one of my querries I have to get an

26 views 4 days later anot not a single suggestion?!

Hello I am trying to generate a confirmation email in which the fonts are not in english. I use the code bellow. Problem is that some times the receiver receive the correct fonts & texts and some times giberish. It must depend on the email software used or setting, etc. Can anyone suggest a fool-proof way to ake sure the reciever will get te correct text? Here is the code I am using: $to = $Email1; $subject = "123abc123.com - درخواست "; $from_email= "FROM: 123abc123.com"; $from_name= "hemaiat@123abc123.com"; $body = $UN." اسم کارائی:"; $headers = "MIME-Version: 1.0 \n" ; $headers .= "From: " . "".mb_encode_mimeheader (mb_convert_encoding($from_name,"UTF-8","AUTO")) ."" . "<".$from_email."> \n"; $headers .= "Reply-To: " . "".mb_encode_mimeheader (mb_convert_encoding($from_name,"UTF-8","AUTO")) ."" . "<".$from_email."> \n"; $headers .= "Content-Type: text/plain;charset= UTF-8\n"; $body = mb_convert_encoding($body, "UTF-8","AUTO"); $sendmail_params = "-f$from_email"; mb_language("uni"); $subject = mb_convert_encoding($subject, "UTF-8","AUTO"); $subject = mb_encode_mimeheader($subject); mail($to, $subject, $body, $headers, $sendmail_params);

I don't follow you. If the cookie was deleted then after logging in I should not be able to see username (which I do). (Also I was editing the question when you answered please look at it now). Can somebody write or point to an example code where session is registed and one cookie is set and then in a secondary page session is ended and cookie cleared? I have been going over php.net and many forums to see examples and tried at least a dozen of them. Bless their hearts, often they don't try their code before posting it. Thanks

I am trying to make a log in/log off for my site I have problems with logging off. I want to set cookies (username) for duration of session and clear it when they log off. I can resigster a session and set cookie by this code: session_start(); session_name("H1000"); session_register("LUN"); setcookie("LUN",$_POST["N1"],0, "/","www.123xyz.com",0); So far so good. Problem is that no matter what I try I can not get rid of the username cookie when I try to log off (I can still see the name on pages after I try to log off). To log off this is the code: <?php session_start(); $_SESSION = array(); setcookie(session_name(H1000), '$LUN', time()-42000, '/'); session_destroy(); header('Location:index.php'); ?> Can somebody tell me what am I doing wrong? Thanks in advance. L1

I loaded the file to my server and works beautifully. I opened it in Notepad++ and just made one space and saved it and oaded again and it works fine. So obviouly there is something wrong with the way I am saving them. I will try to figure it out. Mchl thank you very much for your generous help.