Search the Community

Hi all ! The following piece of code, I believe , is supposed to hide the links when any of them is clicked. The links should reappear when the window is refreshed or reloaded. This however is not happening. Can someone please see the code and get it working. Also kindly explain the code action since I don't have much knowledge about JS or Jquery. The code: <?php //start the session session_start(); //set the attribute $_SESSION['hide'] = false; ?> <!DOCTYPE html> <html> <head> <script> //function to hide all class='test' elements function hide(h){ if(h){ $('.test').hide(); } else { $('.test').show(); } } /*do this always when page loads * verify with the value stored in session to hide or not the links */ window.onload = hide(<?php echo $_SESSION['hide']; ?>); //onready $(function() { //when link class='test' is clicked $('.test').click(function(){ //fadeOut or just $(this).hide(); $(this).hide(); //set the session to hide = true <?php $_SESSION['hide'] = true; ?> }); }); </script> </head> <body> <div class = "button"> <ul> <li> <a href="#" title="Link" class="test">I am link 1</a> </li> <li> <a href="#" title="Link" class="test">I am link 2</a> </li> <li> <a href="#" title="Link" class="test">I am link 3</a> </li> <li> <a href="#" title="Link" class="test">I am link 4</a> </li> </ul> </div> </body> </html> Thanks loads !

Hi all ! While it is clear that the input in an input text box requires to be filtered or sanitized, yet it is not clear to me if and why would the input of a dropdown menu / checkboxes / radio require to be filtered or sanitized. Can someone tell me if these inputs require sanitization? if yes, can you please explain how these would pose a security threat if left un-sanitized. Thanks !

Hi all ! I came across sec_session_start() function to start a secure session and I have used it. However I have come across so many comments on the usage of this function recently many of which suggest that this is quite useless, an overkill etc. etc. and that using Https is the best option and there too there are opinions that it has its own overheads and so on. So I would like to ask what purpose does this function serve? How good is it really? Should we use it or not? The most controversial part of this function seems to be the session_regenarate_id() which seems to create unwanted logouts and lost sessions. While this is apparently supposed to be used to prevent session hijacking or session fixation, I have again come across comments which say it is not advisable to use this function. Like it's of no use to deploy this function and should be avoided. Here is the function as I use it. function sec_session_start() { $session_name = 'sec_session_id'; $secure = false; // Set to true if using https. $httponly = true; ini_set('session.use_only_cookies', 1); $cookieParams = session_get_cookie_params(); session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); session_name($session_name); session_start(); // Start the php session session_regenerate_id(); // regenerated the session } And I use it on all the pages at the very top. It seems to work fine. I would be very happy to know the truth about this function and its usage. Thanks loads.

Hi all, I have a networking issue. I'll define the problem. I have two computers home networked via a wifi modem cum router. One is a laptop with windows 7 and the other is a windows XP machine. The home network works fine. I am able to view the shared files of each of the computers from the other one. Now I have a xampp server running on the window 7 laptop as a localhost. The localhost runs just fine. I am able to access my local website from my laptop. However I want to use the windows XP machine to access the website being served by the windows 7 laptop via the home network. Windows7 laptop(server) ----- WindowsXP machine(client) ip4 add ----------------------------- ip4 add 192.168.2.107 --------------------- 192.168.2.107 Please can someone guide me on this. What all changes would I need to make in the configuration files and all such details. Thanks all

Hi to all ! I would like to ask that :- 1. what is the best way to / or how to best test a multi-user login script. 2. The best way to test a multi user website that saves data from the users into a database. Are there any tools that can hep me in testing my work locally on a localhost before I move them out to a website. ? I have heard that testing routines can be written for such purposes to automate the testing. If so where should I begin to look for them? I have no idea at all about writing test routines / scripts. A tutorial , if any exists, would be a good place to start. Thanks very much.

Hi to all gurus, Here is a small program in flash which calls values from PHP and displays them correctly. path = "http://localhost/xampp/nwjv/php/"; //declare path to php files lvOut = new LoadVars(); //create lv object sending variables OUT to php lvIn = new LoadVars(); //create lv object receiving variables IN from php lvIn.onLoad = function (success) { if(success) { //PHP variable value to textbox InVal = lvIn.returnVal; InTxt = lvIn.retVal; output.text = InVal; output1.text = InTxt; /* output1.text = "No Value"; if(InTxt == 'lo' ) { output1.text = "Low Value"; } if(InTxt == 'hi') { output1.text = "High Value"; } */ }else{ //...or notify of failure output.text = "fail"; } } myBtn.onRelease = function(){ //assign user-input value to lv property called years lvOut.years = years.text; //send to a blank window // lvOut.send(path + "dogyears_new1.php",lvIn,"GET"); lvOut.sendAndLoad(path + "dogyears_new1.php",lvIn,"GET"); }; And the simplest PHP code PHP Code: <?php$calculation = $_GET["years"]*2; if($calculation <=10 ) $retVal="lo"; if($calculation > 10) $retVal="hi"; echo "&returnVal=$calculation &retVal=$retVal" ;?> PHP returns two values which are collected by flash in variables InVal and InTxt. The values collected are correct and are displayed thus in the 2 output boxes. Now if i the commented out If then block is activated by removing the /* */ from around it and the program is run, clearly the if then blocks fail since the comparison of InTxt fails. It completely fails me why this is happening. While I can display the values correctly, I can't use them in conditional loops. I have even tried them in switch case statements with the same frustrating result. ( The output1.text remains equal to "No Value" when it should change to either "High Value " or "Low Value") Earlier I was using numbers and when that failed I tried to use strings since I thought that for some reason PHP returns everything as strings. Please note that the command typeof InTxt (not used in the above code) returns a String suggesting that InTxt is a string variable. But as can be seen, even the string comparison fails. Can someone please comment on this behavior and suggest a solution. Thanks loads all !

Hi All , I have a small table with 4 fields namely Day_ID, Dues, Last_Visit, Points. where Day_ID is an auto-increment field. The table would be as follows: Day_ID -- Dues --- Last_Visit --- Points. 1 --------- 900 -------- 1/12 -------- 6 2 --------- 700 -------- 4/12 -------- 7 3 --------- 600 -------- 7/12 -------- 5 4 --------- 600 -------- 9/12 -------- 6 5 --------- 600 -------- 10/12 ------- 6 6 --------- 600 -------- 14/12 ------- 6 So this is the record of a person's visit to say a club. The last row indicates the last date of his visit to the club. His points on this date are 6. Based on this point value of 6 in the last row I want to retrieve all the previous BUT adjoining all records that have the same Points i.e. 6. So my query should retrieve for me, based on the column value of Points of the last row (i.e. Day_ID - 6 ), as follows: 4 --------- 600 -------- 9/12 -------- 6 5 --------- 600 -------- 10/12 ------- 6 6 --------- 600 -------- 14/12 ------- 6 This problem stated above had been completely resolved, thanks to a lot of help from Guru Barand by this following query :- $query = "SELECT cv.day_id, cv.dues, cv.last_visit, cv.points FROM clubvisit cv WHERE last_visit >= ( SELECT MAX(last_visit) FROM clubvisit WHERE points <> ( SELECT points as lastpoints FROM clubvisit JOIN ( SELECT MAX(last_visit) as last_visit FROM clubvisit ) as latest USING (last_visit) ) )"; I am using this and it works perfectly except that now there is a slight change in the table because the criteria for points is now dependent on more than one column cv.points and is more like cv.points1, cv.points2, cv.points3 etc. So now I need to make a selection based on each of these cv.points columns. As of now I can still get the results by running the query multiple times for each of the cv.points columns ( seperately for cv.points1, cv.points2, cv.points3) and it works correctly. However I am wondering if there is a better way to do this in just one go. This not only makes the code repetitive but also since the queries are interconnected, involves the use of transactions which I wish to avoid if possible. The values that I require for each of the cv.point columns is 1. day_id of the previous / old day on which the cv.points value changed from the current day value, and 2. cv.points on that old/ previous day. So for example if the table is as below: Day_ID -- Dues --- Last_Visit --- Points1 --- Points2. 1 --------- 900 -------- 1/12 ----------- 9 ------------ 5 2 --------- 600 -------- 4/12 ----------- 6 ------------ 6 3 --------- 400 -------- 7/12 ----------- 4 ------------ 7 4 --------- 500 -------- 9/12 ----------- 5 ------------ 8 5 --------- 600 -------- 10/12 ---------- 6 ------------ 8 6 --------- 600 -------- 11/12 ---------- 6 ------------ 8 7 --------- 600 -------- 13/12 ---------- 6 ------------ 7 8 --------- 500 -------- 15/12 ---------- 5 ------------ 7 9 --------- 500 -------- 19/12 ---------- 5 ------------ 7 Then I need the following set of values : 1. day_id1 -- Day 7, points1 ---- 6, days_diff1 -- (9-7 = 2) . // Difference between the latest day and day_id1 2. day_id2 -- Day 6, points2 ---- 8, days_diff2 -- (9-6 = 3) 3. day_id3 -- .... and so on for other points. Thanks all !

Hi everybody. I use flash 8 and actionscript 2.0. I am trying to create a small program that needs communication between php / HTML and flash. I have found ( after much frustration and having wasted days on this ) that no matter what - if i make a change to my program and re publish the HTMl AND SWF files after I have deleted the old HTML and swf files , even then when i run the NEW PUBLISHED html / php file, the movie that runs is the old one. I have tried all that I know, like checking paths and stuff to ensure that everything is ok. I am unable to shed the chached old swf file and so the old movie continues to run. Is there any one who has encountered anything like this? Please help me. This is driving me nuts. Thanks loads in anticipation of a reply from the nerds on this !

Hi, I upgraded my XAMPP to the version 1.8.3 (win32) recently. Apache failed to start and I got the following error Port 443 in use by ""D:\xampp\apache\bin\httpd.exe" -k runservice" with PID 1568! On checking this PID against the running processes I found that this was the service Apache 2.2 httpd.exe. This new version installed however is Apache2.4. So it seems that the old version is somehow conflicting with the new. How can I do so. I do not wish to change ports in config files. The last version worked seamlessly and this upgrade has caused this conflict. I do not wish to have a patchwork solution, instead I would like to remove the old httpd.exe from wherever I must and have the ports free for the new one. Thanks for any suggestions and help. Ajoo.

Hi I am trying to split a form as shown in this simple code. I tried what I thought should work but obviously it is not working. This submits the first part of the form but does not go to the second part of the form. So First name, Last names and Age are submitted but email and cell are not and it throws a undefined index warning for those. Can someone please take a look at this and suggest if what I am trying to do can be accomplished using PHP. Thanks <?php if(isset($_POST['submit']) && $_POST['submit'] == 'Submit') { echo"<br> First Name = ".$_POST['fname']."<br>" ; echo"Last Name = ".$_POST['lname']."<br>" ; echo"Age = ".$_POST['age']."<br>" ; echo"Email = ".$_POST['email']."<br>" ; echo"Cell = ".$_POST['cell']."<br>" ; } ?> <html> <head> <title> WOW </title></head> <body> <table> <form id="form1" action = "splitform.php" method="post"> <th> TEST </th> <tr><td>First Name : </td> <td><Input type='text' name = 'fname'></td></tr> <tr><td>Last Name : </td> <td><Input type='text' name = 'lname'></td></tr> <tr><td>AGE : </td> <td><Input type='text' name = 'age'></td></tr> </form> <form id ="form1" action = "splitform.php" method="post"> <tr><td>Email : </td> <td><Input type='text' name = 'email'></td></tr> <tr><td>Cell: </td> <td><Input type='text' name = 'cell'></td></tr> </form> <tr><td><Input type="submit" name = "submit" value = "Submit" form = "form1"></tr></td> </table> </body> </html>

Hi ! I am created this form - well it's more of a view and less of a form since the form part is only the check-boxes column and the rest is the data displayed from a database. But now I want to have this submitted with a SUBMIT button centered beneath the form after I have checked the required check boxes. I am unable to find a way to do this maybe simple task. Please help, unclubbed.php <?php $dbhost = 'localhost'; $dbuser = 'root'; $dbpass = ''; $db = 'testdb'; // CHANGE THIS TO ANY EXISTING DB ON PHPMYADMIN OR CREATE THIS DB FIRST IN PHPMYADMIN // $fcon = mysqli_connect($dbhost, $dbuser, $dbpass, $db); if(!$fcon ) { die('Could not connect: ' . mysql_error()); } // echo 'Connected successfully'; /* /////////// UNCOMMENT TO CREATE A TABLE IN A DATABASE NAMED testdb THEN COMMENT BACK ///////////// $sql = "CREATE TABLE member( mid INT NOT NULL AUTO_INCREMENT, name VARCHAR(20) NOT NULL, reg_date Date NOT NULL, email VARCHAR(30) NOT NULL, cell INT NOT NULL, status VARCHAR(2) NOT NULL, primary key ( mid ))"; if (mysqli_query($fcon,$sql)) { echo "Table member created successfully"; } else { echo "Error creating table: " . mysqli_error($con); } $query = "Insert into member (name, reg_date, email, status) VALUES ('John','1980-08-12','[email protected]','9878954323','cc')"; mysqli_query($fcon, $query); $query = "Insert into member (name, reg_date, email, status) VALUES ('Bill','1988-03-21','[email protected]','9878900123','cc')"; mysqli_query($fcon, $query); $query = "Insert into member (name, reg_date, email, status) VALUES ('Jack','1990-05-18','[email protected]','9878912300','cc')"; mysqli_query($fcon, $query); */ $check = true; $query = "SELECT * from member"; $result = mysqli_query($fcon, $query); if(isset($_POST['submit']) && $_POST['submit'] == 'Submit') { echo "<br> Member = ".$_POST['name']."<br>" ; echo "RegDate = ".$_POST['reg_date']."<br>" ; echo "Email = ".$_POST['email']."<br>" ; echo "Status = ".$_POST['status']."<br>" ; /// more code would go here once I have submitted the check box information successfully ///// } ?> <html> <head> <title> CLUB ADMIN </title></head> <body> <table> <?php echo "<table class = 'TFtable' border = 1 cellspacing =2 cellpadding = 5 >"; echo "<tr>"; echo "<th> S.No. </th>"; echo "<th> Member </th>"; echo "<th> Reg Date </th>"; echo "<th> Email </th>"; if($check == true) echo "<th> <Input type='checkbox' id='selecctall' /> All </th>"; else echo "<th> Status </th>"; echo "</tr>"; $cnt = 1; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $name = htmlspecialchars($row['name']); $reg_date = htmlspecialchars($row['reg_date']); $cell = htmlspecialchars($row['cell']); $email = htmlspecialchars($row['email']); $mid = htmlspecialchars($row['mid']); if($check == false) $status = htmlspecialchars($row['status']); echo "<tr>"; echo "<td>".$cnt++."</td>"; echo "<td>".$name."</td>"; echo "<td>".$reg_date. "</td>"; echo "<td>".$email. "</td>"; if($check == true) { echo "<form name = 'form1' action='unclubbed.php' method='post' > "; echo "<td align ='center'><Input type='hidden' name='mid' value=$mid> <Input class='checkbox1' type = 'checkbox' name='check[]' value='$mid'> </td>"; echo "</form>"; echo "</tr>"; } else echo "<td>".$status. "</td> </tr> "; } ?> </table> </body> </html> Thanks !

Hi friends, Another security issue but this time its regarding outputting data from a DB to a browser. Please have a look at the code below which displays some output fetched from a DB and sends it to a browser. 1. If I just wish to display this output on a screen and not provide the user with any buttons or hyperlinks to interact with the information, would I still need to sanitize the output before echoing it to the screen ? 2. If I was to make at least one of the fields a hyperlink, so that I could then display some related information on another webpage, what security concerns would I need to address in my code? 3. If I was to add a button against each of these records, on each row, and then select some related information on another webpage after processing the button handler, what would be the security concerns that I should address for the code below. Thanks very much. <table> <tr> <th> S.No. </th> <th> Name </th> <th> Age </th> <th> City </th> <th> Cell </th> <th> Email</th> </tr> <?php $cnt = 1; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { echo "<tr>"; echo "<td>".$cnt++."</td>"; echo "<td>".$row['Name']. "</td>"; echo "<td>".$row['Age']. "</td>"; echo "<td>".$row['City']. "</td>"; echo "<td>".$row['Cell']. "</td>"; echo "<td>".$row['Email']. "</td>"; echo "</tr>"; } ?> </table>

Hi ! Can someone take a look at this simple code which worked perfectly till I upgraded to php 5.5.11. Here in my code popo should be either late or great depending upon the variable value ( in this case Great ). It seems to be echoing out both !?? Please can someone point the error ? I seem to be missing it. Thanks ! <?php session_start(); $_SESSION['popo']="POPO"; ?> <html> <head> <title> DYN PAGE </title> <style> .wrapper{ width: 1000px; height: 600px; border: 1px solid #e1e1e1; margin: 10px auto 0 auto; } .header{ width: 1000px; height: 65px; font-size: 17px; font-width: bold; color: #fff; text-align: center; background: #717171; } .lowerheader{ width: 1000px; height: 60px; color: #fff; text-align: center; background: #919191; 'display: table; 'overflow: hidden; } </style> </head> <body> <div class = 'wrapper'> <div class = 'header'> <? if(isset($_SESSION['popo']) && $_SESSION['popo'] == "POPO"): ?> <h2><br> POPO IS GREAT </br></h2> <? else : ?> <h2><br> POPO IS LATE </br></h2> <? endif ; ?> </div> <div class = 'lowerheader'> <p> What ever it takes </P> </div> </div> </body> </html>

Hi all, I am getting this Notice and I am unable to figure out why. Notice: Array to string conversion in D:\xampp\htdocs\xampp\MagicOn\functions\gen_functions.php on line 1084 Index.php calls the session start routine sec_session_start() which generates the error mentioned above. Line 1084 ( I have put the line number in the function against the line ) is indicated in the function sec_session_start() as the one which is calling session_start(). <?php //error_reporting(E_ALL & ~E_NOTICE); define('INCLUDE_CHECK',true); require 'loader.php'; sec_session_start(); $now = time(); . . . function sec_session_start() { $session_name = 'sec_session_id'; // Set a custom session name $secure = false; // Set to true if using https. $httponly = true; // This stops javascript being able to access the session id. ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. $cookieParams = session_get_cookie_params(); // Gets current cookies params. session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); // 0, /, ''. session_name($session_name); // Sets the session name to the one set above. 1084 session_start(); // Start the php session session_regenerate_id(TRUE); // regenerated the session, delete the old one. } ?> Grateful for any help. Thanks.

Hi, I am using transactions on a piece of code whose structure is somewhat like this if ( condition ) { mysqli_autocommit($fcon, false); if ( condition ) { $query " "; if ( condition ) { $query " "; if ( condition ) { $make = makeTable(); // where this is a function which creates a table and uses a query like INSERT into ... to create an entry in a table if ( $make == true) { $query " "; if ( condition ) { $query " "; } else else and so on ending all else. The problem is that the function call to makeTable prevents the roll back beyond that point. Please can someone tell me if and how it would be possible to roll back all the way to the defined starting point at the very beginning of the code block. Thanks all for any help, comments, suggestions.

Hi, searching for this very common question as in subject, I CAME ACROSS THE FOLLOWING QUESTION:- I have a php file which I will be using as exclusively as an include. Therefore I would like to throw an error instead of executing it when it's accessed directly by typing in the URL instead of being included. Basically I need to do a check as follows in the php file: if ( $REQUEST_URL == $URL_OF_CURRENT_PAGE ) die ("Direct access not premitted"); Is there an easy way to do this? AND THIS ANSWER:- The easiest way is to set some variable in the file that calls include, such as $including = true; Then in the file that's being included, check for the variable if (!$including) exit("direct access not permitted"); AND THESE COMMENTS:- 2 This is dangerous if register_globals is on. – jmucchiello Jan 3 '09 at 18:51 11 PHP is dangerous if register_globals is on. – David Precious Jan 3 '09 at 18:56 MY QUESTION IS that please can someone explain why and how this is a dangerous menthod and if it should be used or not. I have actually used this technique, There is a php file which is accessed as a hyperlink from the index file. When I use that link, it gives me an error saying that I cannot access that file directly. So does that mean that this technique won't work on hyperlinked files? If not then what is the best way to ensure that hyprelinked files are not accessed directly? Thanks a lot everyone on the forum.