DavidAM

@psycho While that covers all of the examples, I would tend to code the scheme check a little more generically. As it is, it will not cover mailto:, ftp: or others. //If does not begin with a scheme, add it if(strpos($url, '://') === false) { $url = 'http://' . $url; }

When mySql executes a stored procedure, the last thing it does is to issue a result-set with the completion status of the procedure. If the procedure itself returns a result-set (i.e. has a SELECT to return rows), then there are TWO result-sets sent back -- the SELECT will be first, and the completion status will be second. When PHP processes only the FIRST result-set (the selected rows), the second result-set is still sitting in the "pipe" waiting for you to retrieve it. Since this "pipe" belongs to the database object, you can NOT send a new request to the database until you clear it out. Just freeing the result object does NOT clear the pipe. You have to retrieve the waiting result set. This behavior is similar to using mysqli.multi_query which allows you to send multiple SELECT (or other) statements in a single call. The process is: query(), (loop to) fetch(), if more_results(), next_result(), store_result() (or use_result()), [back to loop to fetch]. Using your code as an example, if you are sure there will NEVER be additional result-sets that you are interested in, you could do something like this: function get_dataset($db1, $query_string) { //--------------------------------------------------------------------- $result1 = $db1->query($query_string); //$num_results = $result1->num_rows; if (! $result1) die($db1->error); $num_results = $result1->num_rows; $res_array = array(); while ($row = $result1->fetch_assoc()) { $res_array[]=$row; } //$query_string->free(); $result1->free(); #MAD Add these lines to "clear the pipe" after a Stored Procedure Call while ($db1->more_results()) { $db1->next_result(); #MAD I'm not sure if these two lines are needed or not $result = $db1->store_result(); $result->free(); } return $res_array; } //--------------------------------------------------------------------- There is some caveat about using store_result() vs. using use_result() but I can't remember off the top of my head how that works, and I can't get to my library to check my code base. I still do not understand why you don't get the error when call num_rows() on that invalid object, but that may just be a quirk of the PHP object model, or your error_reporting value.

1) $query_string is apparently a string (not an object) and as such, it does not have a free() method to be called. That free() statement is useless. 2) $result1 is an object, or at least it should be, and so that free() call can stay. 3) When you report an error on the board, report THE ENTIRE ERROR MESSAGE. If the message says "Call to a member function fetch_assoc() on a non-object" (as you stated in your first post), then the query has failed!!!!! I said this before, you need to check after you execute query() to see if the query() succeeded. Just because it worked once does NOT mean it will work EVERY SINGLE TIME. If you put the line if (! $result1) die($db1->error); (for debugging purposes, only) immediately after executing the query, you will see the error message from the database server. If this is happening the SECOND time you call the function, and the FIRST time you called it you executed a STORED PROCEDURE, then that error probably says "commands out of sync".

Couldn't you handle it in the query? SELECT whatever FROM table WHERE ( min = '*' OR min = MINUTE() ) AND ( hour = '*' OR hour = HOUR() ) AND ( dom = '*' OR dom = DAYOFMONTH() ) AND ( mon = '*' OR mon = MONTH() ) AND ( dow = '*' OR dow = DAYOFWEEK() ) Although, since you are using varchar, you will have to watch out for the two-digit vs. one-digit values -- i.e. is '02' == 2? Probably not! As a long-time programmer, I would probably make those TINYINT (and leave them signed). Then use -1 instead of '*' for the "always" flag. On the other hand, cron lets you do things like ranges and lists (I believe), which this solution will not support.

non-object -- this is an indication that the query failed for some reason. You need to check after calling mysqli.query to see if you have a valid result and if not, deal with the error mysqli.error. Note that when executing stored procedures in mySql, you get multiple resultsets from one call, so you have to call mysqli.next-result after processing the result data to avoid the "Commands out of sync" error. Is this your real code? Because I would expect the non-object error when you call num_rows() if the query failed, unless you have done something between there and the fetch_assoc() call that is invalidating the result set. In any case, always check the return values and handle any error conditions as you go along.

That IF test looks backwards to me. If LOGGED-IN tell them they must log-in?

$monthCode(arrayMonthCode) is telling PHP to use the value in the variable $monthCode as the name of a function to call and pass it the constant named arrayMonthCode. PHP uses square-brackets for array subscripts/keys, and you need the dollar-sign on the subscript to make it a variable reference.$monthCode = array("02", "03", "04", "06", "09", "10", "10", "11", "11", "12", "12", "01"); $monthLetterCode = array("A", "B", "C", "D", "E", "F", "G", "H", "J", "K", "L", "M"); $realMonthCode = date("n"); $labelYearCode = date("y"); $arrayMonthCode = $realMonthCode - 1; $labelMonthCode = $monthCode[$arrayMonthCode]; #MAD# Changed $labelLetterCode = $monthLetterCode[$arrayMonthCode]; #MAD# Changed $myString = "Sh" . $labelMonthCode . $labelYearCode . $labelLetterCode; I changed lines 7 and 8.

Yes, it is. And for completeness read this link (I know you know this Jessica): http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html#function_password Which basically says "Don't Use This Function in Your Application"

Please use [ code ] tags when providing code on the forum. It formats it nicely so it is easy to read (and often points out problems with syntax).while ($row = mysql_fetch_array($sql)) { $product_name = $row["product_name"]; $price = $row["price"]; $details = $row["details"]; } $pricetotal = $price * $each_item['quantity']; $cartTotal = $pricetotal + $cartTotal; setlocale(LC_MONETARY, "en_US"); $pricetotal = money_format(".2n", $pricetotal); <<<< ERROR AGAIN // Dynamic Checkout Btn Assembly $x = $i + 1; $pp_checkout_btn .= '<input type="hidden" name="item_name_' . $x . '" value="' . $product_name . '"> <input type="hidden" name="amount_' . $x . '" value="' . $price . '"> <input type="hidden" name="quantity_' . $x . '" value="' . $each_item['quantity'] . '"> '; // Create the product array variable $product_id_array .= "$item_id-".$each_item['quantity'].","; // Dynamic table row assembly $cartOutput .= "<tr>"; $cartOutput .= '<td><a href="product.php?id=' . $item_id . '">' . $product_name . '</a><br /><img src="inventory_images/' . $item_id . '.jpg" alt="' . $product_name. '" width="40" height="52" border="1" /></td>'; money_format should be available in any PHP from 4.3 up. Don't tell me you are using something less than 4.3? I mean, 5.3 is almost considered OLD.

Use [ code ] tags (and see) // Connect to the MySQL database include "storescripts/connect_to_mysql.php"; $id = preg_replace([^0-9]', '', $_GET["id"]); #<<<<THIS IS THE PROBLEM I CANNOT FIX IT ##MAD## Missing ^ single-quote // Use this var to check to see if this ID exists, if yes then get the product Get an editor that highlights your code.

turn on error reporting, you're getting notices about those unquoted array keys error_reporting(~0); ini_set('display_errors', true);

... and if you never close the connection, your server will eventually run out of "slots" for connections and the function (and queries) will fail.

While I agree with @trq, let's just be clear about this looping. It is never required that you loop through a result set. If you know it returns a single row (or only want the first row), you can leave out any while or for processing and just fetch the first row. Well, that's the way it is/was in mysql, and I do it that way with mysqli. I have not played with PDO yet, but I see no reason this should not apply there as well.

What exactly does this mean? Does the script abort with no output, or does the script hang up? With a BLOCKING stream, fread is going to wait ("block") until it gets (in this case) 16,384 bytes of data. So the script may seem to hang up. If the script is aborting, you may be exhausting the memory limits of PHP. Make sure you have error reporting turned on so you can see the memory error. Note: please use [ code] [ /code] tags around your code when posting on the forum. It makes it much easier to read.

Don't underestimate the ingenuity of parents ... At any rate, if you consider your application and target audience and decide you want to do something non-best-practice, that is certainly your call. However, it is important to remember that once you learn one way of doing something (passing scores in "hidden" fields), you may get in the habit of using this practice, and end up using it in areas where it could be an issue (if you ever develop a banking system let me know, I need to add some money to my account -- through a hidden field, of course).

You will also want to make sure that your website and database are all UTF-8 (at least) enabled. If the form is not UTF-8, then you may be sending the wrongly encoded data to the server. If the database is not UTF-8 you may be storing it wrongly. If the Database connection is not using UTF-8 (immediately after connecting) it may not be retrieving it correctly. I have not worked with FPDF, but you need to look at its settings for UTF-8 as well. The CP1252 encoding, and ISO-8859-1 are not likely to support those characters at all.

1) Turn on error reporting: error_reporting(-1); ini_set('display_errors', 1);at the beginning of your scripts (at least in development). 2) Remove the "@"-sign on the call to mail(). In fact, forget that you ever saw or heard of that operator. It simply hides errors (warnings, notices, whatever) it does NOT "fix" them. 3) Use an IF statement to see if the call to mail() worked: if (! mail(...)) { echo 'Failed to send the mail'; }without #2 and #3, you really do NOT know if the mail is being sent or not 4) The From: ... header MUST specify an email address that has the authority to send email from the email server you are using. If you try to send mail from gmail.com with an address of @yahoo.com, the server may refuse to send it or the receiving server may refuse to accept or deliver it or may put it in the SPAM folder. It may be considered as a forged message. Use the Reply-To: ... (as you have) to include the form's user in the email headers, but the "From:" header needs to be your website's email address. If you get any errors after implementing #1 and #2, post them here so we can help more. If you are running on a Windoze machine, you may need to check your mail settings in the PHP.ini file.

There's nothing wrong with wrapping each condition in parens, as it clearly documents the programmers intentions. I wrap ALL of my conditions in parens, in essence telling the interpreter/compiler exactly what I mean, so we don't misunderstand each other. This condition should really be tested FIRST! Before using any other elements of the $_FILES array, you need to verify that you actually received a file. If I try to upload a 2G file and your PHP/server fails it because it exceeds the max allowed size, this is the only element of the array that is meaningful. Since your current error message is generic and used if ANY condition fails, it is hard to know why. You may want to printf('<PRE>%s</PRE>', htmlspecialchars(print_r($_FILES, true))); to have a look at the $_FILES array and see why it reached that point (well, at least during development). Or you may want to break up your tests and produce a message telling why the file is invalid.

Sorry, I never really looked at the query: You are not selecting the user_id column, you are only selecting the number of rows that match. So, change the query to select the user_id. Then you need to check (after execute) if there are any rows in the result set. If not, the login is invalid (return false). If there are, you can fetch the row and return the user_id column.

I wonder who over there at PHP Development Labs thinks that "ALL" means "MOST" or "NEARLY ALL". ALL should me ALL, IMO. When they did this, I switched to using error_reporting(~0) or error_reporting(-1) (which I am told may not mean the same thing) to make sure I get them ALL*. * ALL in this case means THE ENTIRE SET OF ERRORS, WARNINGS, NOTICES, STRICT, etc.

1) You must have a session_start() before sending any output and before referring to $_SESSION. I can't tell if there is one in your code. 2) Turn on error reporting at the beginning of your code error_reporting(E_ALL); ini_set('display_errors', 1); 3) This code is not doing what you think (I think) By casting $result to a BOOL, $result will NOT be an array. So, your assignment inside the IF statement is not valid, and should be producing an error (Warning).

Javascript validation is only good for informing the user quickly and without a round-trip to the server. Users have the option of turning off Javascript, and some browsers may not support it at all. So you can NOT depend on Javascript validation to force any kind of restrictions or ... uhh ... validation, at all.

See Double Spacing in Code Tags on the Test Board

Code tags ( ... ) are double-spacing the code. (The nobbc tags are not working in that line. I am using the PHP (not CODE) tags below) If I flip the switch so I'm using the Rich Editor it post's fine (in the Preview). If I flip the switch OFF, it posts double spaced: http://forums.phpfreaks.com/topic/275052-selecting-random-mysql-row/?p=1415595 require('members/connect.php'); // Get a count of the banners available $query = "SELECT COUNT(*) AS RowCount FROM banners WHERE banner_size=7"; $result = mysqli_query($dbc, $query); $banner = mysqli_fetch_array($result); $num_rows = $banner['RowCount']; mysqli_free_result($result); // Pick a random number and subtract 1 (we want the OFFSET) $randomOffset = rand(1, $num_rows) - 1; // Select the banner $query = "SELECT * FROM banners WHERE banner_size = 7 LIMIT $randomOffset, 1"; $result = mysqli_query($dbc, $query); $banner = mysqli_fetch_array($result); mysqli_free_resullt($result); There is also an extra line at the beginning and end of the code block Now it is doing the exact opposite (the PLAIN editor posts fine, the RICH editor posts double-spaced). This makes me feel crazy. Is anyone else seeing this?

That is not going to work, since there is a WHERE clause in the query, the ID's will not likely be consecutive in the results. @worldcom You can use the LIMIT clause to get a specific row: LIMIT $offset, 1. But first a couple of things about your code. 1) Do not use SELECT * unless you need every column in the table. Specify the columns you want, instead. This documents your code and saves resources. 2) Do not SELECT data to find out how many rows are in the table. Again it wastes resources. Use the COUNT() function instead require('members/connect.php'); // Get a count of the banners available $query = "SELECT COUNT(*) AS RowCount FROM banners WHERE banner_size=7"; $result = mysqli_query($dbc, $query); $banner = mysqli_fetch_array($result); $num_rows = $banner['RowCount']; mysqli_free_result($result); // Pick a random number and subtract 1 (we want the OFFSET) $randomOffset = rand(1, $num_rows) - 1; // Select the banner $query = "SELECT * FROM banners WHERE banner_size = 7 LIMIT $randomOffset, 1"; $result = mysqli_query($dbc, $query); $banner = mysqli_fetch_array($result); mysqli_free_resullt($result);