php security - Page 569

Fatal error: Allowed memory size exhausted...

- by Nano HE

HI, I upload my php testing script to online vps server just now. The script used to parse a big size XML file(about 4M, 7000Lines). But my IE explorer show the online error message below. Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 77 bytes) in /var/www/test/result/index.php on line 26 I am sure I already tested the php script on localhost successfully. Is there any configuration need be enable/modify on my VPS? Such as php.ini or some setting for apache server? I just verified there are about 200M memory usage are avaliable for my VPS. How can I fix this? ...... function startElementHandler ($parser,$name,$attrib){ global $usercount; global $userdata; global $state; // Line #26; //Debug //print "name is: ".$name."\n"; switch ($name) { case $name=="_ID" : { $userdata[$usercount]["first"] = $attrib["FIRST"]; $userdata[$usercount]["last"] = $attrib["LAST"]; $userdata[$usercount]["nick"] = $attrib["NICK"]; $userdata[$usercount]["title"] = $attrib["TITLE"]; break; } ...... default : {$state=$name;break;} } }

Read the article

MySql backup (MySqldump questions)

- by Camran

I have a vps with ubuntu 9 server. I need to backup my MySql database. Can MySql make backups automatically? If so, how? If not, how should I do it then? The website is a classifieds website (PHP, MySql etc) Thanks

Read the article

Display error message at top of form

- by moustafa

Hello, I'm trying to get the following error to show when some once presses the submit button and has not filled in the required field/s. My PHP code is. <?php require_once("includes/database.php"); require_once("includes/functions.php"); if(isset($_POST['full_name'])) { $required = array('full_name','user_name','email','pwd','pwd2'); $missing = array(); $validation = array( 'full_name' => 'Please provide your full name', 'user_name' => 'Please provide your username', 'email' => 'Please provide your valid email address', 'pwd' => 'Please provide your password', 'pwd2' => 'Please confirm your password', 'userdup' => 'Username already registered', 'emaildup' => 'Email address already registered', 'mismatch' => 'Passwords do not match' ); //Sanitise and clean function $full_name = escape($_POST['full_name']); $user_name = escape($_POST['user_name']); $email = escape($_POST['email']); $pwd = escape($_POST['pwd']); $pwd2 = escape($_POST['pwd2']); foreach($_POST as $key => $value) { $value = trim($value); if(empty($value) && in_array($key,$required)) { array_push($missing,$key); } else { ${$key} = escape($value); } }

Read the article

Change $mailTo variable based on select input value (array)

- by Dirty Bird Design

I have the following select list: <form action="mail.php" method="POST"> <select name="foo" id="foo"> <option value="sales">Sales</option> <option value="salesAssist">Sales Assist</option> <option value="billing">Billing</option> <option value="billingAssist">Billing Assist</option> </select> </form> I need to route the $mailTo variable depending on which option they select, Sales and Sales Assist go to [email protected], while Billing and Billing Assist go to [email protected] PHP pseudeo code! <? php $_POST['foo'] if inArray(sales, salesAssist) foo="[email protected]"; else if inArray(billing, billingAssist) foo="[email protected]"; mailTo="foo" ?> I know there is nothing correct about the above, but you can see what I am trying to do, change a variable's value based on the selected value. I don't want to do this with JS, would rather learn more PHP here. Thank you.

Read the article

Cannot see echo message but my localhost works

- by Sean

This is my very first php code and I can't seem to get it to work. (I'm using Eclipse) <html> <body> <?php echo 'Hello World!'; $txt = "I <3 you!"; $num = 19; ?> </html> </body> When I run it (http://localhost/Assignment3.0/index.php), I get: Not Found The requested URL /Assignment3.0/index.php was not found on this server. Apache/2.2.22 (Ubuntu) Server at localhost Port 80 But when I run this (http://localhost/), I get: It works! This is the default web page for this server. The web server software is running but no content has been added, yet. So what could be the problem? Where's my "Hello World!"? Also, for Stackoverflow formatting, how do I start a new line w/o adding a blank line in between?

Read the article

Why can I not echo out the value from an input text?

- by user3684783

I am using Wordpress to do an auction website. Here is what the code looks like <form method="post" action="<?php echo ProjectTheme_post_new_with_pid_stuff_thg($pid, '1');?>"> <?php do_action('ProjectTheme_step1_before_title'); ?>  <li> <h2><?php echo __('Your Project Title', 'ProjectTheme'); ?>: <img src="../../images/help-icon.png" width="16" height="16" id="showhelp1"/></h2> <div id="help1">Your Project Title should be informative and brief.</div> <p><input type="text" style="width:90%;" class="do_input" name="project_title" value="Enter an informative & brief title..." onfocus="this.value = this.value=='Enter an informative & brief title...'?'':this.value;" onblur="this.value = this.value==''?'Enter an informative & brief title...':this.value;" /></p> <input type="submit" class="post-button" name="project_submit1" value="<?php _e("Next Step", 'ProjectTheme'); ?> »" /> </form> I am using a step by step form for users to fill in and I wanted to do a preview page, however I tried to use: if(isset($_POST['project_submit1'])){ $Name = $_POST['project_title']; echo "$Name"; } It shows up nothing.

Read the article

How much traffic per month would my site need? [closed]

- by camran

HOW MANY GB OF TRAFFIC IS REQUIRED PER MONTH? Any way to calculate this? Webhosting companies have a limit when ordering, so I need to know... A classifieds website using PHP and MYSQL. MYSQL has around 500thousand records. Not much graphics. Pretty advanced search feautures. How much traffic would I need do you think? Thanks

Read the article

[Zend Framework] Forms and success output

- by rasouza

Well, It's a beginer's question but I really don't know what is the best way. I have a basic CRUD (Create, Retrieve, Update and Delete) in my project and I'd like to output some message if succeded or not in a div inside the same page. So, basically, I have a form which action is setted to the same page and I have a div #statusDiv below this same form which I'd like to output something like Register included with success. What is the best way for doing this? Set a flag in the controller $this->view->flagStatus = 'message' then call it in the view? Just to make it more clear. It's my code: //IndexController.php indexAction() ... //Check if there's submitted data if ($this->getRequest()->isPost()) { ... $registries->insert($data); $this->view->flagStatus = 'message'; $this->_redirect('/'); } Then my view: .... <?php if ($this->flagStatus) { ?> <div id="divStatus" class="success span-5" style="display: none;"> <?php echo $this->flagStatus; ?> </div> <?php } ?> ....

Read the article

Determining difference in timestamps for two values in the same MySQL table

- by JayRizzo03

I am relatively new to programming in PHP, so I apologize if this is a rather simple question. I have a MySQL database table called MachineReports that contains the following values: ReportNum(primary key, auto increment), MachineID and Timestamp Here is some example data: |ReportNum | MachineID | Timestamp | |1 | AD3203 | 2012-11-18 06:32:28| |2 | AD3203 | 2012-11-19 04:00:15| |3 | BC4300 | 2012-11-19 04:00:15| What I am attempting to do is find the difference in timestamps in seconds for each machine ID by iterating over each row set. I am getting stuck on the best way to do this, however. Here is the code I've written so far: <?php include '../dbconnect/dbconnect.php'; $machineID=[]; //Get a list of all MachineIDs in the database foreach($dbh->query('SELECT DISTINCT(MachineID) FROM MachineReports') as $row) { array_push($machineID, $row[0]); } for($i=0;$i<count($machineID);$i++){ foreach($dbh->query("SELECT MachineID FROM MachineReports WHERE MachineID='$machineID[$i]' ORDER BY MachineID") as $row) { //code to associate each machineID with two time stamps goes here } } ? This code just lists out the contents of the table row by row. My ultimate goal is to find the difference in timestamps for a certain MachineID. One of the things I've considered is using a multidimensional array in php - using the $machineID as the key and then storing the timestamp inside the array the key points to. However, I'm uncertain how to do that since my query parses row by row. I have quite a few questions. 1) Is this the most efficient way to be doing this? I suspect my database table design may not be the best. 2)What would be the best way to determine the difference in timestamps for a certain machineID? Even just a pointer to a topic that would prompt me to think about this in a different way would be helpful - I'm not afraid to do research. Thanks!

Read the article

how to remove security settings from a connection string in vb.net

- by teju

hi i am trying to add data to the database that was created by some one but when am trying to insert or delete or update the exception is raising and entire project is not working properly and the error i am facing is "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)" so now what should i do to resolve this error and my connection string is written as Dim CON As New SqlConnection("Integrated Security=SSPI; Persist Security Info=False;Initial Catalog=DIGITALGAMES; Data Source=TEJUS-PC\SQLEXPRESS") is there any problem with my connection string ??

Read the article

Array with nested values. Display in ul list. php html.

- by btwong

i have a record set returned from a data base that is looking like this: id | level | lft | rgt | title --------------------------------- 1 | | 1 | 8 | title 1 2 | - | 2 | 5 | sub title 1-1 3 | -- | 3 | 4 | sub sub title 1 4 | - | 6 | 7 | sub title 1-2 5 | | 9 | 12 | title 2 6 | - | 10 | 11 | sub title 2 AS you can see its a hierarchy list, with left n right values. I am trying to display this record set in a list with the correct indentation, so that it appears like this: Title 1 Sub title 1-1 Sub sub title sub title 1-2 Title 2 sub title 2 Any pointers to do this with the one record set? Or should i use multiple queries to display this?

Read the article

Authentication system - Return information that have to change every time

- by paulohr

I have a application (made in Delphi) that contains a Authentication system (login & password). This system is in PHP, and the application get results from PHP using HTTP GET method. The system returns 'OK' if login and password are correct, and 'NO' if not correct. Like this... procedure Check; var x: string; begin x:=Get('www.mywebsite.com/auth.php?user=xxxxxx&pass=zzzzzz'); if x='OK' then UnlockFeatures else MessageBox(0,'You're not VIP','Error',0); end; Well, it works fine, but it is very easy to circumvent this system with sniffers, packet editor or proxy. So, I want to get some information (in PHP) that changes every time, and that could be possible get the same information by my application. What can I do? I don't need codes. Just tips, suggestions, please... Thanks...

Read the article

Problem with mysql_query() ;Says resource expected .

- by user364651

I have this php file. The lines marked as bold are showing up the error :"mysql_query() expecets parameter 2 to be a resources. Well, the similar syntax on the line on which I have commented 'No error??' is working just fine. function checkAnswer($answerEntered,$quesId) { //This functions checks whether answer to question having ques_id = $quesId is satisfied by $answerEntered or not $sql2="SELECT keywords FROM quiz1 WHERE ques_id=$quesId"; **$result2=mysql_query($sql2,$conn);** $keywords=explode(mysql_result($result2,0)); $matches=false; foreach($keywords as $currentKeyword) { if(strcasecmp($currentKeyword,$answerEntered)==0) { $matches=true; } } return $matches; } $sql="SELECT answers FROM user_info WHERE user_id = $_SESSION[user_id]"; $result=mysql_query($sql,$conn); // No error?? $answerText=mysql_result($result,0); //Retrieve answers entered by the user $answerText=str_replace('<','',$answerText); $answerText=str_replace('>',',',$answerText); $answerText=substr($answerText,0,(strlen($answerText)-1)); $answers=explode(",",$answerText); //Get the questions that have been assigned to the user. $sql1="SELECT questions FROM user_info WHERE user_id = $_SESSION[user_id]"; **$result1=mysql_query($sql1,$conn);** $quesIdList=mysql_result($result1,0); $quesIdList=substr($quesIdList,0,(strlen($quesIdList)-1)); $quesIdArray=explode(",",$quesIdList); $reportCard=""; $i=0; foreach($quesIdArray as $currentQuesId) { $answerEnteredByUser=$answers[$i]; if(checkAnswer($answerEnteredByUser,$currentQuesId)) { $reportCard=$reportCard+"1"; } else { $reportCard=$reportCard+"0"; } $i++; } echo $reportCard; ?> Here is the file connect.php. It is working just fine for other PHP documents. <?php $conn= mysql_connect("localhost","root","password"); mysql_select_db("quiz",$conn); ?>

Read the article

How to manage PHP projects?

- by Shakti Singh

I am a PHP developer and I want to know how to manage a project with more than one developer working on the same time. Are there some tools to manage them if any please let me know I don't know about that? The tool which can show everything which developer is working on what task. when he will be available for another task. Who one is free right now? Something managing project as well as utilization of your team member. Tool which can take care of all the phases of a project from coding to delivery.

Read the article

"44 Tips" in PHP Magazin and Other NetBeans IDE Screencasts

- by Geertjan

My recent YouTube series "44 Tips for Front End Web Devs" (part 1, part 2) has been picked up by PHP Magazin: http://phpmagazin.de/news/Frontend-Entwicklung-mit-NetBeans-IDE-168339 Great. I'm working on more screencasts like that, from different angles. For example, one will methodically explain each and every window in NetBeans IDE; another will step through the creation of an application from conception to deployment; while another will focus on the NetBeans IDE extension points and how easily they can be used to add new features to NetBeans IDE. The screencast approach has, I think, a lot of advantages. They take less time to make and they seem to be more effective, in several ways, than tutorials. Hearing someone talk through a scenario seems to also put things in a clearer perspective than when you have everything written out in a document, where small details get lost and diversions are more difficult to make. Anyway, onwards to more screencasts. Any special requests?

Read the article

Temporary website redirect: 3xx or php/meta?

- by Damien Pirsy

Hi, I run a (small) news website which has also a forum in a subfolder of the root. I'm planning to give the site a facelift and a code restructuration, so I wanted to put some redirect on the home page that will point directly to forum's index (www.mysite.com -- www.mysite.com/forum) while I tinker with it. And that, given the little free time I have, will take no less than a couple of month. Being a news site I'm pretty sure that would affect it's overall ranking, but I need to do it, so: which is the best way to redirect? I pondered and read here and there about the different means, but I couldn't figure out which is worst for SEO. Do I use a 302 redirect or use "Location:newurl" in page headers using php? Or I just put a meta tag in the html page (or a javascript, what's better). Sorry but I'm not really into these things, I may have said something silly, I know... Thanks

Read the article

Rendering citations and references in HTML using PHP/Perl/Python/

- by Nick

Is there a PHP/Perl/Python/... library for picking citations out of an HTML file and rendering a nice list of references at the bottom, like in Wikipedia? I'm developing a website with heavily-sourced content, and I'd really like to have automatically-generated lists of formatted references, like in Wikipedia. (Check out their philosophy page, and see how the superscript numbered citations interact with the references at the bottom. This is all dynamically generated, automatically ordered & linked.) They do it really well: the citations are linked to the references (which are backlinked to the citations), when you click on one of the links, the target is highlighted, etc. I'm tempted to build the site on MediaWiki just for this one feature, but it seems like overkill. Do I have any options?

Read the article

Next steps for Asp.Net C# developer (RoR vs Python Django vs PhP Drupal)

- by ProfessorB

A majority of my web development experience has been on the .Net stack (mainly Asp.net C#). I am looking to learn something new in my spare time, for the use of personal projects and possibly for use professionally (as an ISV). I know some Python, done some scripting with it in the past, nothing on the web though. Php has been around for a long time and RoR has gained a lot of popularity. Are there any developers from the .NET world that have migrated over to one or more of the other platforms? If so, which do you prefer and why? Which would you suggest and why?

Read the article

php file upload problem [closed]

- by newcomer

This code works properly in my localhost. I am using xampp 1.7.3. but when I put it in the live server it shows Possible file upload attack!. 'upload/' is the folder under 'public_html' folder on the server. I can upload files via other script in that directory. <?php $uploaddir = '/upload/';//I used C:/xampp/htdocs/upload/ in localhost. is it correct here? $uploadfile = $uploaddir . basename($_FILES['file_0']['name']); echo '<pre>'; if (move_uploaded_file($_FILES['file_0']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\\n"; } else { echo "Possible file upload attack!\\n"; } echo 'Here is some more debugging info:'; print_r($_FILES); print "</pre>"; ?>

Read the article

Dailymotion dévoile ses API et publie des SDK pour PHP, JavaScript et Objective-C

Dailymotion dévoile ses API Et publie des SDK pour PHP, JavaScript et Objective-C Dailymotion vient de rendre publiques certaines de ses API. Une démarche qui permettra aux développeurs de mieux intégrer ses services à leurs sites et à leurs applications. Ces interfaces de programmation permettent d'intégrer les vidéos du site et leurs options de partage aux sites web et aux applications iOS. Une API très simplifiée (de type REST) permet d'interroger les services du site sans authentification et même directement à partir du code client JavaScript grâce à JSONP (une technique qui permet aux applications de contourner les restrictions des navigateurs quant à la cible ...

Read the article

PHP URL Rewrite engine for small project

- by Jens Törnell

I use PHP. I want to setup a micro site as a prototype, where I can work with the frontend only, separated from any CMS. URL Rewrite I also want the URL rewrite to be correct, like http://www.test.com/products/tables/green/little-wood123/ Question(s) Is there any free class for URL rewriting? I searched but found none. If that is not the way to go, what framework is nice for this? It should be tiny, easy to use and support URL rewrite.

Read the article

HTML5, PHP, JAVA or asp?

- by user67418

I am building a new website for a friend of mine. Its all plain html, and a server side include. The problem is to build static pages for 500 products would not be fun to create, or maintain. So i am forced to at least put dynamic information on these pages based off a spreadsheet, or dynamic pages all together. What i want to do is have a spreadsheet that can be used to keep track of in stock quantity, sku numbers, ecc.. that way i dont have to update hundreds of pages every night. He can just edit the spreadsheet and the pages will automatically adjust. I am a busy man, and i am not asking anyone to just give me the answer. But to save some time what is more worth learning to get this done fastest. HTML5, PHP, JAVA asp, or is there somehthing else better suited?

Read the article

html-encode output && incorrect string error

- by fusion

my data includes arabic characters which looks like garbage in mysql but displays correctly when run on browser. my questions: how do i html-encode the output? if i add this to all my files: <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> i get this error: Error: Incorrect string value: '\xE4\xEE\xC3\xD8\xEF\xE6...' for column 'cQuotes' at row 1 i'm working on php/mysql platform. insertion form in html: <!doctype html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Your Favorite Quotes</title> <link rel="stylesheet" type="text/css" href="style.css" /> <link rel="stylesheet" href="css/validationEngine.jquery.css" type="text/css" media="screen" charset="utf-8" /> <script type="text/javascript" src="scripts/jquery-1.4.2.js"></script> <script src="scripts/jquery.validationEngine-en.js" type="text/javascript"></script> <script src="scripts/jquery.validationEngine.js" type="text/javascript"></script> <script type="text/javascript"> $(document).ready(function() { $("#submitForm").validationEngine() }) </script> </head> <body> <div class="container"> <div class="center_div"> <h2>Submit Your Quote</h2> <fieldset> <form id="submitForm" action="qinsert.php" method="post"> <div class="field"> <label>Author: </label> <input id="author" name="author" type="text" class="validate[required,custom[onlyLetter],length[0,100]]"> </div><br /> <div class="field"> <label>Quote: </label> <textarea id="quote" name="quote" class="validate[required, length[0,1000]]"></textarea> <br /> </div> <input id="button1" type="submit" value="Submit" class="submit" /><br /> <input id="button2" type="reset" value="Reset" /> </form> </fieldset> </div> </div> </body> </html> ////////////////////// query in php: //<?php //header('Content-Type: text/html; charset=UTF-8'); //?> <!doctype html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <link rel="stylesheet" type="text/css" href="style2.css" /> <title>Your Quote Databank</title> </head> <body> <?php include 'config.php'; echo "Connected <br />"; //check for quotes and apostrophes $author = ''; $quote = ''; $author = $_POST['author']; $quote = $_POST['quote']; $author = mysql_real_escape_string(trim($author)); $quote = mysql_real_escape_string(trim($quote)); //************************** //validating data $query = "SELECT * FROM Quotes where cQuotes = '$quote' limit 1;"; $result = mysql_query($query, $conn); //now check that the number of rows is 0 if (mysql_num_rows($result) > 0 ) { header("Location: /error.html"); exit; } //inserting data //mysql_query("SET NAMES 'utf8'"); //mysql_query("SET CHARACTER SET utf8"); $sql="INSERT INTO Quotes (vauthor, cquotes) VALUES ('$author', '$quote')"; if (!mysql_query($sql,$conn)) { die('Error: ' . mysql_error()); } echo "<div class='container'><p><label class='lbl_record'> Record Added Successfully!</label>"; echo "<a href='qform.html'> Submit a New Quote!</a></p>"; //************************** //selecting data $result = mysql_query("SELECT * FROM Quotes ORDER BY idQuotes DESC"); echo "<div class='center_div'>"; echo "<table> <thead> <tr> <th>Author</th> <th>Quotes</th> </tr> </thead>"; while($row = mysql_fetch_array($result)) { echo "<tbody><tr>"; echo "<td width='150px'>" . $row['vAuthor'] . "</td>"; echo "<td>" . $row['cQuotes'] . "</td>"; echo "</tr>"; } echo "</tbody></table>"; echo "</div></div>"; //************************** include 'close_config.php'; ?> </body> </html>

Read the article

delete function and upload

- by Jesper Petersen

it must be said that I download the database and all my function is in class. That's how I was incredible pleased function and think they are nice .. That's how I'm going to build a gallery where the id of the upload to the site if it fits with the id_session is log in page, you have the option to delete it. and so it must just go back to / latest pictures / when it delete it from the folder and database. but it comes up with an error as you can see here; Fatal error: Call to a member function bind_param () on a non-object in / home / jesperbo / public_html / mebe.dk / function / function.php on line 411 It is such that I am also in the process of building an upload system where the underlying database and make it smaller after what I have now set it and when it did the 2 things must send me back to / latest-images / but it do not reach the only available picture up on the server and do it with the picture but it will not go back in some way at all. So to / latest-images / Where wrong with it to delete, etc. I lie just here, $stm1->bind_param('i', $id_gallery); function img_slet_indhold(){ if($_SESSION["logged_in"] = true && $_SESSION["rank"] == '1' || $_SESSION["rank"] == 2) { if($stmt = $this->mysqli->prepare('SELECT `title` FROM `gallery` WHERE `id_gallery` = ?')) { $stm1->bind_param('i', $id_gallery); $id_gallery = $_GET["id_gallery"]; $stm1->execute(); $stm1->store_result(); $stm1->bind_result($title); $UploadDir = "/gallery/"; //ligger i toppen af documentet, evt som en define if($stm1->fetch()) { $tmpfile = $UploadDir . "" . $title; if(file_exists($tmpfile)) { unlink($tmpfile); } $tmpfile = $UploadDir . "lille/" . $title; if(file_exists($tmpfile)) { unlink($tmpfile); } $tmpfile = $UploadDir . "store/" . $title; if(file_exists($tmpfile)) { unlink($tmpfile); } } $stm1->close(); } else { /* Der er opstået en fejl */ echo 'Der opstod en fejl i erklæringen: ' . $mysqli->error; } } if($stmt = $this->mysqli->prepare('DELETE FROM `gallery` WHERE `id_gallery` = ?' )) { $stmt->bind_param('i', $id); $id = $_GET["id_gallery"]; $stmt->execute(); header('Location: /nyeste-billeder/'); $stmt->close(); } else { /* Der er opstået en fejl */ echo 'Der opstod en fejl i erklæringen: ' . $mysqli->error; } } So into the file as it should delete from, I have chosen to do so here; <?php session_start(); require_once ("function/function.php"); $mebe = new mebe; $db = $mebe->db_c(); error_reporting(E_ERROR); $img_slet_indhold = $mebe->img_slet_indhold(); ?> So when I upload image to folder and database, and just after can be returned when uploading function img_indhold(){ if($_SESSION["logged_in"] = true && $_SESSION["rank"] == '1' || $_SESSION["rank"] == 2) { include "function/class.upload.php"; $handle = new Upload($_FILES["filename"]); if($handle->uploaded) { //lidt mere store billeder $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_x = 220; $handle->Process("gallery/store"); //til profil billede lign.. $handle->image_resize = true; $handle->image_ratio_crop = true; $handle->image_y = 115; $handle->image_x = 100; $handle->Process("gallery"); //til profil billede lign.. $handle->image_resize = true; $handle->image_ratio_crop = true; $handle->image_y = 75; $handle->image_x = 75; $handle->Process("gallery/lille"); $pb = $handle->file_dst_name; } if($stmt = $this->mysqli->prepare('INSERT INTO `gallery` (`title`, `id_bruger`) VALUES (?, ?)')) { $stmt->bind_param('si', $title, $id_bruger); $title = $pb; $id_bruger = $_SESSION["id"]; $stmt->execute(); header('Location: /nyeste-billeder/'); $stmt->close(); } } } So when I call it on the page when it is required to do so do it like this; <?php session_start(); require_once ("function/function.php"); $mebe = new mebe; $db = $mebe->db_c(); error_reporting(E_ERROR); $img_slet_indhold = $mebe->img_slet_indhold(); ?> it is here as to when I will upload to the site and show gallery / pictures on the page function vise_img(){ if ($stmt = $this->mysqli->prepare('SELECT `id_gallery`, `title`, `id_bruger` FROM `gallery` ORDER BY `gallery`.`id_gallery` DESC')) { $stmt->execute(); $stmt->store_result(); $stmt->bind_result($id_gallery, $title, $id_bruger); while ($stmt->fetch()) { echo "<div id=\"gallery_box\">"; echo "<a href=\"/profil/$id_bruger/\"><img src=\"/gallery/$title\" alt=\"\" height=\"115\" width=\"100\" border=\"0\"></a>"; if($_SESSION["logged_in"]) { if($id_bruger == $_SESSION["id"]) { echo "<ul>"; echo "<li><a href=\"/nyeste-billeder-slet/$id_gallery/\">Slet</a></li>"; echo "</ul>"; } } echo "</div>"; } /* Luk statement */ $stmt->close(); } else { /* Der er opstået en fejl */ echo 'Der opstod en fejl i erklæringen: ' . $mysqli->error; } } function upload_img(){ if($_SESSION["logged_in"] = true && $_SESSION["rank"] == '1' || $_SESSION["rank"] == 2) { ?> <form name="opslag" method="post" action="/nyeste-ok/" enctype="multipart/form-data"> <input type="file" name="filename" id="filename" onchange="checkFileExt(this)"> <input name="upload" value="Upload" id="background_indhold" onclick="return check()" type="submit"> </form> <?php } elseif ($_SESSION["logged_in"] != true && $_SESSION["rank"] != '1' || $_SESSION["rank"] != 2) { echo "<p>Du har ingen mulighed for at upload billeder på siden</p>"; } } Really hope you are able to help me further!

Read the article

All is working except if($_POST['submit']=='Update')

- by user1319909

I have a working registration and login system. I am trying to create a form where a user can add product registration info (via mysql update). I can't seem to get the db to actually update the fields. What am I missing here?!? <?php define('INCLUDE_CHECK',true); require 'connect.php'; require 'functions.php'; // Those two files can be included only if INCLUDE_CHECK is defined session_name('tzLogin'); // Starting the session session_set_cookie_params(2*7*24*60*60); // Making the cookie live for 2 weeks session_start(); if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe']) { // If you are logged in, but you don't have the tzRemember cookie (browser restart) // and you have not checked the rememberMe checkbox: $_SESSION = array(); session_destroy(); // Destroy the session } if(isset($_GET['logoff'])) { $_SESSION = array(); session_destroy(); header("Location: index_login3.php"); exit; } if($_POST['submit']=='Login') { // Checking whether the Login form has been submitted $err = array(); // Will hold our errors if(!$_POST['username'] || !$_POST['password']) $err[] = 'All the fields must be filled in!'; if(!count($err)) { $_POST['username'] = mysql_real_escape_string($_POST['username']); $_POST['password'] = mysql_real_escape_string($_POST['password']); $_POST['rememberMe'] = (int)$_POST['rememberMe']; // Escaping all input data $row = mysql_fetch_assoc(mysql_query("SELECT * FROM electrix_users WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'")); if($row['usr']) { // If everything is OK login $_SESSION['usr']=$row['usr']; $_SESSION['id'] = $row['id']; $_SESSION['email'] = $row['email']; $_SESSION['first'] = $row['first']; $_SESSION['last'] = $row['last']; $_SESSION['address1'] = $row['address1']; $_SESSION['address2'] = $row['address2']; $_SESSION['city'] = $row['city']; $_SESSION['state'] = $row['state']; $_SESSION['zip'] = $row['zip']; $_SESSION['country'] = $row['country']; $_SESSION['product1'] = $row['product1']; $_SESSION['serial1'] = $row['serial1']; $_SESSION['product2'] = $row['product2']; $_SESSION['serial2'] = $row['serial2']; $_SESSION['product3'] = $row['product3']; $_SESSION['serial3'] = $row['serial3']; $_SESSION['rememberMe'] = $_POST['rememberMe']; // Store some data in the session setcookie('tzRemember',$_POST['rememberMe']); } else $err[]='Wrong username and/or password!'; } if($err) $_SESSION['msg']['login-err'] = implode('<br />',$err); // Save the error messages in the session header("Location: index_login3.php"); exit; } else if($_POST['submit']=='Register') { // If the Register form has been submitted $err = array(); if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32) { $err[]='Your username must be between 3 and 32 characters!'; } if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username'])) { $err[]='Your username contains invalid characters!'; } if(!checkEmail($_POST['email'])) { $err[]='Your email is not valid!'; } if(!count($err)) { // If there are no errors $pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6); // Generate a random password $_POST['email'] = mysql_real_escape_string($_POST['email']); $_POST['username'] = mysql_real_escape_string($_POST['username']); $_POST['first'] = mysql_real_escape_string($_POST['first']); $_POST['last'] = mysql_real_escape_string($_POST['last']); $_POST['address1'] = mysql_real_escape_string($_POST['address1']); $_POST['address2'] = mysql_real_escape_string($_POST['address2']); $_POST['city'] = mysql_real_escape_string($_POST['city']); $_POST['state'] = mysql_real_escape_string($_POST['state']); $_POST['zip'] = mysql_real_escape_string($_POST['zip']); $_POST['country'] = mysql_real_escape_string($_POST['country']); // Escape the input data mysql_query(" INSERT INTO electrix_users(usr,pass,email,first,last,address1,address2,city,state,zip,country,regIP,dt) VALUES( '".$_POST['username']."', '".md5($pass)."', '".$_POST['email']."', '".$_POST['first']."', '".$_POST['last']."', '".$_POST['address1']."', '".$_POST['address2']."', '".$_POST['city']."', '".$_POST['state']."', '".$_POST['zip']."', '".$_POST['country']."', '".$_SERVER['REMOTE_ADDR']."', NOW() )"); if(mysql_affected_rows($link)==1) { send_mail( '[email protected]', $_POST['email'], 'Your New Electrix User Password', 'Thank you for registering at www.electrixpro.com. Your password is: '.$pass); $_SESSION['msg']['reg-success']='We sent you an email with your new password!'; } else $err[]='This username is already taken!'; } if(count($err)) { $_SESSION['msg']['reg-err'] = implode('<br />',$err); } header("Location: index_login3.php"); exit; } if($_POST['submit']=='Update') { { mysql_query(" UPDATE electrix_users(product1,serial1,product2,serial2,product3,serial3) WHERE usr='{$_POST['username']}' VALUES( '".$_POST['product1']."', '".$_POST['serial1']."', '".$_POST['product2']."', '".$_POST['serial2']."', '".$_POST['product3']."', '".$_POST['serial3']."', )"); if(mysql_affected_rows($link)==1) { $_SESSION['msg']['upd-success']='Thank you for registering your Electrix product'; } else $err[]='So Sad!'; } if(count($err)) { $_SESSION['msg']['upd-err'] = implode('<br />',$err); } header("Location: index_login3.php"); exit; } if($_SESSION['msg']) { // The script below shows the sliding panel on page load $script = ' <script type="text/javascript"> $(function(){ $("div#panel").show(); $("#toggle a").toggle(); }); </script>'; } ?>

Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 569/1734 | < Previous Page | 565 566 567 568 569 570 571 572 573 574 575 576 | Next Page >

- by Nano HE

- by Camran

- by moustafa

- by Dirty Bird Design

- by Sean

- by user3684783

- by camran

- by rasouza

- by JayRizzo03

- by teju

- by btwong

- by paulohr

- by user364651

- by Shakti Singh

- by Geertjan

- by Damien Pirsy

- by Nick

- by ProfessorB

- by newcomer

- by Jens Törnell

- by user67418

- by fusion

- by Jesper Petersen

- by user1319909

< Previous Page | 565 566 567 568 569 570 571 572 573 574 575 576 | Next Page >