Bman900

I hate the white in the middle, makes my eyes hurt when everything else is dark on the page.

So there is no point to your portfolio..... Anyway I think it looks horrible, font is childish, links are flawed, your templates are way to bland and are more black and white than the color you specify. Your projects seem way to simpleminded and are horribly designed once again.

Thank you everyone for the feedback! By no means was this site ever to go live for any other use but to see what I could do. I did not go over board with the security yet because of that. Once again, thank you!

Finally months on and off I finished my first big PHP project. It is a blog since I learned a lot from posting stuff into the database and querying it in many different ways. Tons of help came from this website from the coding help section to the tutorial posted on the main page. I want to thank every one for helping me along the way and hope to stick around here as my knowledge grows. Design and coding was all done from scratch besides the WYSG editor which I got from tiny mice. Anyways here is the link: http://www.dezotech.com/blog Login (also an admin so you can check out the back end as well): Username: phpfreaks Password: 123456 Please if you find any huge security holes or anything major please let me know and help me in the direction I need to go. Now of to C++....

Thank you that works just fine. I just have to learn what you did there though.

Am trying to make sure that a URL ends with .png or .jpg with this code: if((strrchr($avatar, '.') !== '.jpg') || (strrchr($avatar, '.') !== '.png')){ echo "That format is not valid, please select another image that is .jpg, .jpeg, .png, or .gif!"; } else { RUN QUERY } I also tried doing this but this doesn't work either: if(!strrchr($img, '.') == '.jpg'){ echo "That format is not valid, please select another image that is .jpg, .jpeg, .png or .gif!"; } elseif(!strrchr($img, '.') == '.jpeg'){ echo "That format is not valid, please select another image that is .jpg, .jpeg, .png or .gif!"; }elseif(!strrchr($img, '.') == '.png') { echo "That format is not valid, please select another image that is .jpg, .jpeg, .png or .gif!"; }elseif(!strrchr($img, '.') == '.gif'){ echo "That format is not valid, please select another image that is .jpg, .jpeg, .png or .gif!"; } } //register else { RUN CODE } No matter what I always get the error message but if I just do one check like this it works: if(strrchr($avatar, '.') !== '.jpg'){ echo "That format is not valid, please select another image that is .jpg, .jpeg, .png, or .gif!"; } else { RUN QUERY }

Am not actually uploading am letting the user submit a url of on image and I want to make sure it really is am image by checking the end of the URL he submits that it ends with .jpeg, .png and so on.

I want users to be able to choose an image as an avatar but I want to make sure its an image and not something else entering my database.

OMG thank you, I can't believe I did not think of that even though I read an article on why its bad to use that practice. YOUR A GENIOUS! It works like a beautiful child!

Here is my code: <table width="500" border="1"> <tr> <td>Filename</td> <td>Uploaded By</td> <td>Date Uploaded</td> </tr> <?php $query = mysql_query("SELECT * FROM files ORDER BY id DESC LIMIT 0,10"); while ($row = mysql_fetch_assoc($query)) { if(file_exists($row['file'])){ ?> <tr> <td><?php echo $row['filename']; ?></td> <td><?php echo $row['uploader']; ?></td> <td><?php echo $row['date']; ?></td> </tr> <? } else{} } ?> </table> Error: Parse error: parse error in C:\wamp\www\mysite\download.php on line 71 I don't get this since line 71 one is the end of my script and is this line : </html> I looked it over and it looks like I closed all the if and while statments. Any one see whats wrong?

I have been searching google all day and can't seem to find one tutorial on creating a download script with PHP. Basically I want to download a file after it is checked if it exist. Any one have a suggestion?

Man I wish you were here 2 days ago cause I tried Zend and I only got more confused and mad cause I had no idea what I was doing. I was always writing everything from scratch before so I have no experience in any framework. What framework would you recommend?

Ok, so I found a nice sideshows that helps you set up the framework but from what I see you need to mess with php.ini some root server stuff and mod_rewrite. Is this framework able to be run on a shared host or must have a dedicated server?

Ok thanks, and I just searched for some tutorials on doing phrases but only one term searches such as this came up. Does any one know of a tutorial out there that explains how to search a pharse through the database?

So I tried searching this on google and it only got me more confused. Can some one explain what a PHP framework is and how it effects a PHP developer? Basicly is it a way you write code or is it a giant script where you built off of from? Sorry for the extremly stupid questions but am just curious.

So here is the code in question if (count($error) < 1) { $searchSQL = "SELECT sid, sbody, stitle, sdescription FROM simple_search WHERE "; // grab the search types. $types = array(); $types[] = isset($_GET['body'])?"`sbody` LIKE '%{$searchTermDB}%'":''; $types[] = isset($_GET['title'])?"`stitle` LIKE '%{$searchTermDB}%'":''; $types[] = isset($_GET['desc'])?"`sdescription` LIKE '%{$searchTermDB}%'":''; $types = array_filter($types, "removeEmpty"); // removes any item that was empty (not checked) if (count($types) < 1) $types[] = "`sbody` LIKE '%{$searchTermDB}%'"; // use the body as a default search if none are checked $andOr = isset($_GET['matchall'])?'AND':'OR'; $searchSQL .= implode(" {$andOr} ", $types) . " ORDER BY `stitle`"; // order by title. $searchResult = mysql_query($searchSQL) or trigger_error("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$searchSQL}"); Now I want to make it so it searches throug the tilte and article of a blog no matter what. Do you guys think this would work? Am I correct using AND or should I be using OR? if (count($error) < 1) { $searchSQL = "SELECT id, title, content FROM blog WHERE 'title' LIKE $searchtermDB AND WHERE 'content' LIKE $searchtermDB"; // order by title. $searchResult = mysql_query($searchSQL) or trigger_error("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$searchSQL}");

Yea I had to do that and I did if statements inside the value='' and worked like a charm!

So I am following this tutorial on registering but it must have been coded in PHP4 because am getting different errors in PHP5. Here is what I have: $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $email = strip_tags($_POST['email']); $date = date("Y-m-d"); if(isset($_POST['submit'])) { And here is the errors it throws up: Notice: Undefined index: username in C:\wamp\www\mysite\register.php on line 32 Notice: Undefined index: password in C:\wamp\www\mysite\register.php on line 33 Notice: Undefined index: repeatpassword in C:\wamp\www\mysite\register.php on line 34 Notice: Undefined index: email in C:\wamp\www\mysite\register.php on line 35 This I understand because the first time you load the page there are no values in those variables but if I were to put that in my if statement I can not use those variables in my Form code as I want the information to stay within the form if an error message is thrown up. Here is the whole block of code that shows the form code as well and how I have it set up. <?php $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $email = strip_tags($_POST['email']); $date = date("Y-m-d"); if(isset($_POST['submit'])) { //check if all fields are filled in if($username&&$password&&$repeatpassword&&$email) { //check if passwords match if ($password==$repeatpassword){ //check character lenght if (strlen($username)>18 || strlen($username)<4){ echo "User names must be within 4-18 characters. <a href=\"register.php\">Go Back</a>"; } else { //check password lenght if(strlen($password)>15 || strlen($password)<6){ echo "Password must be within 6 to 15 characters! <a href=\"register.php\">Go Back</a>"; } //register user else { echo "Success!!"; } } } // error if passwords do not match else { echo "Your passwords do not match, please go back and try again! <a href=\"register.php\">Go Back</a>"; } } //error if fields are not field in else { echo "Please fill in all field before proceeding! <a href=\"register.php\">Go Back</a>"; } } ?> <form action='register.php' method="post"> <table> <tr> <td> Username: </td> <td> <input type='text' name='username' value =' <?php echo $username; ?>' /> </td> </tr> <tr> <td> Password: </td> <td> <input type='password' name='password' /> </td> </tr> <tr> <td> Repeat Password </td> <td> <input type='password' name='repeatpassword' /> </td> </tr> <tr> <td> Email: </td> <td> <input type='text' name='email' value='<?php echo $email; ?>' /> </td> </tr> </table> <p> <input type="submit" name="submit" value="Submit" /> </form>

I was wondering if this is correct or there is a better way of doing this? <?php $result = mysql_query("SELECT * FROM newsletter"); while($row = mysql_fetch_assoc( $result )) { $email = $row; mail($email, $subject, $message,"From: $from_email\n" . "MIME-Version: 1.0\n" . "Content-type: text/html; charset=iso-8859-1"); echo "$email was sent!"; } ?>

So I am trying to make my URL more search engine friendly so am trying to rewrite it but for some reason it is not working. Here is what am trying to do, make this: http://www.dezotech.com/more.php?article=Testing&id=4 look like this: http://www.dezotech.com/more/article/Testing/id/4/ Here is the code am trying to use: AddType x-mapp-php5 .php Options +FollowSymlinks RewriteEngine on rewritecond %{http_host} ^dezotech.com [nc] rewriterule ^(.*)$ http://www.dezotech.com/$1 [r=301,nc] RewriteRule more/article/(.*)/id/(.*)/ more.php?article=$1&id=$2 RewriteRule more/article/(.*)/id/(.*) more.php?article=$1&id=$2 The first part of the code works without a problem where it redirects to www. but when it comes to the bottom it does not work. Any ideas why?

So can I just use mysql_real_escape_string() on all my text boxes instead of the strip tags?

I know you guys said this many times before but what do you have to attach to a form so people can't inject harmful code?

Alright so apparently if I started the session at the VERY top of the page it works fine again but what I don't understand is that I never sent any HTML out before anyway so it should have worked, right?

So I get this message: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /homepages/44/d272374679/htdocs/blog/index.php5:4) in /homepages/44/d272374679/htdocs/blog/index.php5 on line 5 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /homepages/44/d272374679/htdocs/blog/index.php5:4) in /homepages/44/d272374679/htdocs/blog/index.php5 on line 5 I am running PHP 5 on my PC and on my hosting yet I get no errors on my PC while running my code but once I uploaded that to the server I got them and can't explain it. Here is my code at and around line 5. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <?php session_start(); //line 5 is here $dbuser = "dbo314611366"; $dbpass = "rabbitowner"; $dbhost = "db2225.perfora.net"; $dbname = "db314611366"; ?> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> <link href="style.css" rel="stylesheet" type="text/css" /> </head>

So this is how I have my blog table id (primary key) | title | content | date | user here is what am thinking for my comment table id (primary key) | name | date | blogid So if I do an enquiry in PHP where I search the comments table for all comments that match the id number of the blog with my "blogid" and display them in asceding order would that work? Or is there a better way to do this?