Jump to content

manmadareddy

Members
  • Posts

    50
  • Joined

  • Last visited

About manmadareddy

  • Birthday 07/04/1981

Profile Information

  • Gender
    Not Telling

Contact Methods

  • Yahoo
    manmadareddy@yahoo.com

manmadareddy's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. It will work fine. Anyway if u want to try more means http://www.paggard.com/projects/xls.reader/    http://www.phpclasses.org/browse/package/1919.html
  2. $get1 = isset($_GET['list']) ? $_GET['list'] : '';
  3. error_reporting(E_ALL ^ E_NOTICE);
  4. <?php $filename='test.xls'; if(file_exists($filename)) { $fp=fopen($filename,"r"); echo $fp; } else { echo "file not found!"; } ?>
  5. While doing the registration process they may be checking for the username existance. There may be some query to check this before insertion. You may be changed that query I think.
  6. Use mysql_insert_id() function to get the id of latest inserted record.
  7. I think mysql is treating date as keyword or function. Please check
  8. Please use preg_match function ex: <?php $subject = "abcdef"; $pattern = '/^def/'; preg_match($pattern, $subject, $matches, PREG_OFFSET_CAPTURE, 3); print_r($matches); ?> ex: <?php // get host name from URL preg_match('@^(?:http://)?([^/]+)@i',     "http://www.php.net/index.html", $matches); $host = $matches[1]; // get last two segments of host name preg_match('/[^.]+\.[^.]+$/', $host, $matches); echo "domain name is: {$matches[0]}\n"; ?>
  9. I don't think this $_POST['picturename'] will set. That will be posted as $_FILES['picturename']['name'].
  10. Just print the query and check This code is working fine for me...
  11. Please use the following code <?php   session_start();   if(!$_SESSION['username']){         header("Location: login.php");         exit();       }   include('../includes/config.inc.php');   include('../includes/dbconnect.inc.php');   if($_GET['delete']) {   $sql = "DELETE FROM `portfolio` WHERE id='" . $_GET['delete'] . "'";   $result = mysql_query($sql) or die ("ERROR: " . mysql_error() . "SQL: $sql");   header("Location: pages.php");   exit(); } ?> <html> <head> <title>NOBA Admin - Add or Edit News Story</title> <meta http-equiv="description-Type" description="text/html;"> <style type="text/css"> <!-- .style1 {font-size: 14px} --> </style> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_jumpMenu(targ,selObj,restore){ //v3.0   eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");   if (restore) selObj.selectedIndex=0; } //--> </script> </head> <body> <form  id="editArticleForm"  name="editArticleForm"    method="post" action="<?=$_SERVER['PHP_SELF'];?>"  enctype="multipart/form-data" >   <table width="100%"  border="0" cellspacing="0" cellpadding="0">                 <tr>                   <td><div align="center">               <?php             if(!isset($_POST['Submit'])){               $id = $_GET['edit'];               $sql = "SELECT * FROM `news` WHERE id='$id'";               $result = mysql_query($sql) or die ("ERROR: " . mysql_error() . "SQL: $sql");               $rows = mysql_num_rows($result);               while ($news = mysql_fetch_array($result)) {                   $news_title = $news["title"];                   $news_content = $news["content"];                         $news_picturename = $news["picturename"];                   $news_alt = $news["alt"];                   $news_url = $news["url"];                   }                ?>                   <img src="assets/toplogo.gif" width="771" height="127"></div></td>                 </tr>   </table>               <table width="589" height="414" border="0" align="center" cellpadding="3" cellspacing="1">                 <tr>                   <td bgcolor="#000033"><strong> <img src="assets/title.gif" width="30" height="12"></strong></td>                   <td><input name="title" type="text" class="txtboxlrg" value="<?=$news_title;?>" size="50"></td>                 </tr>                 <tr>                   <td valign="top" bgcolor="#000033"><strong> <img src="assets/story.gif" width="38" height="15"></strong></td>                   <td><textarea name="content" cols="50" rows="22" class="txtboxlrg" id="content" width="472"><?=$news_content;?>                   </textarea></td>                 </tr>                 <tr>                   <td valign="top" bgcolor="#000033"><strong> <img src="assets/pic_filename_and_ext.gif" width="178" height="12"></strong></td>                   <td>[b]<input type=file name='picturename' class="txtboxlrg">[/b]</td>                 </tr>                 <tr>                   <td width="218" bgcolor="#000033"><strong> <img src="assets/alt_tag.gif" width="53" height="12"></strong></td>                   <td width="484"><input name="alt" type="text" class="txtboxlrg" id="alt" value="<?=$news_alt;?>" size="50"></td>                 </tr>                 <input name="id" type="hidden" value="<?=$id;?>">                 <tr>                   <td bgcolor="#000033"><p><strong> <img src="assets/url.gif" width="53" height="12"></strong></p></td>                   <td align="center" class="header2"><div align="left">                     <input name="url" type="text" class="txtboxlrg" id="url" value="<?=$news_url;?>" size="50">                   </div></td>                 </tr>                 <tr>                   <td></td>                   <td align="center" class="header2"><input name="Submit" type="submit" onFocus="this.blur();" value="Update"></td>                 </tr>   </table> </form>         <?php             } else {                   if((!$_POST['title']) || (!$_POST['content']) || (!$_POST['picturename']) || (!$_POST['alt']) || (!$_POST['url'])){                     echo "You are missing a required field, please <a href=\"javascript:history.back()\">go back[/url] and correct before proceeding!";                   } else { [b]$uploadfile=""; if(is_array($_FILES)&&$_FILES['picturename']['name'])   { $uploaddir = '/var/www/uploads/';//Please set this value accordingly and give the write permissions for this directory $uploadfile = $uploaddir . basename($_FILES['picturename']['name']); if(move_uploaded_file($_FILES['picturename']['tmp_name'],$uploadfile))   { echo "File is valid, and was successfully uploaded.\n";   }else   { echo "Possible file upload attack!\n";   }   }[/b]                     if($_POST['id']){                         $sql = "UPDATE `news` SET title='" . $_POST['title'] . "', content='" . $_POST['content'] . "', picturename='" . [b]$uploadfile[/b] . "', alt='" . $_POST['alt'] . "', url='" . $_POST['url'] . "', author='" . $_SESSION['firstname'] . " " . $_SESSION['lastname'] . "', updated=NOW() WHERE id = '" . $_POST['id'] . "'";                         $result = mysql_query($sql) or die ("ERROR: " . mysql_error() . "SQL: $sql");                         echo "news \"" . $_POST['title'] . "\" updated successfully - return to <a href=\"news.php\" onFocus=\"this.blur();\">news[/url]!";                     } else {                         $sql = "INSERT INTO `news`  ( `id` , `title` , `content` , `picturename` , `alt` , `url` , `author`,  `added` ) VALUES('', '" . $_POST['title'] . "', '" . $_POST['content'] . "', '" . [b]$uploadfile[/b] . "', '" . $_POST['alt'] . "', '" . $_POST['url'] . "', '" . $_SESSION['firstname'] . " " . $_SESSION['lastname'] . "', NOW())";                         $result = mysql_query($sql) or die ("ERROR: " . mysql_error() . "SQL: $sql");                         $id = mysql_insert_id();                         echo "Story \"" . $_POST['title'] . "\" added successfully - return to <a href=\"news.php\" onFocus=\"this.blur();\">news[/url] or view <a href=\"../index.php?news=" . $id . "\" onFocus=\"this.blur();\">news here[/url]!";                     }                   }               }             ?> </body> </html>
  12. just put one if condition like if(obj.id) {   then...... }
  13. just check the register_globals value in php.ini or u can simply call this function at the begining of the file. extract($_REQUEST); or U can just access the elements using $_GET,$_POST or $_REQUEST
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.