Search Results

Search found 53 results on 3 pages for 'addslashes'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/3 | < Previous Page | 1 2 3  | Next Page >

  • php push 2d array into mysql

    - by john
    Hay All, I cant seem to get my head around this dispite the number to examples i read. Basically I have a 2d array and want to insert it into MySQL. The array contains a few strings. I cant get the following to work... $value = addslashes(serialize($temp3));//temp3 is my 2d array, do i need to use keys? (i am not at the moment) $query = "INSERT INTO table sip (id,keyword,data,flags) VALUES(\"$value\")"; mysql_query($query) or die("Failed Query"); Thanks Guys,

    Read the article

  • create_function with default parameter values?

    - by SoLoGHoST
    Ok, I'm looking into using create_function for what I need to do, and I don't see a way to define default parameter values with it. Is this possible? If so, what would be the best approach for inputting the params into the create_function function in php? Perhaps using addslashes? Well, for example, I have a function like so: function testing($param1 = 'blah', $param2 = array()) { if($param1 == 'blah') return $param1 else { $notblah = ''; if (count($param2) >= 1) { foreach($param2 as $param) $notblah .= $param; return $notblah; } else return 'empty'; } } Ok, so how would I use create_function to do the same thing, adding the parameters and their default values? The thing is, the parameters are coming from a TEXT file, as well as the function itself. So, wondering on the best approach for this using create_function and how exactly the string should be parsed. Thanks :)

    Read the article

  • How to detect padding on an integer and treat it as a string?

    - by Sirber
    I have this function to prepare variable to be used in a SQL query: function sqlize($mInput) { if (!isset($mInput)) $mInput = "null"; elseif (strtolower($mInput) == "null") { } elseif (is_numeric($mInput)) { } elseif (is_string($mInput)) { $mInput = trim($mInput); $mInput = addslashes($mInput); $mInput = '"' . $mInput . '"'; } else $mInput = "null"; return $mInput; } I have a string "0004", which is going in a "varchar field", is cought by is_numeric, and is saved as "4" and not "0004". Is there a way to detect the padding and process it as a string? Thank you!

    Read the article

  • Form Submitting Incorrect Information to MySQL Database

    - by ThatMacLad
    I've created a form that submits data to a MySQL database but the Date, Time, Year and Month fields constantly revert to the exact same date (1st January 1970) despite the fact that when I submit the information to the database the form displays the current date, time etc to me. I've already set it so that the time and date fields automatically display the current time and date. Could someone please help me with this. Form: <html> <head> <title>Blog | New Post</title> <link rel="stylesheet" href="css/newposts.css" type="text/css" /> </head> <body> <div class="new-form"> <div class="header"> <a href="edit.php"><img src="images/edit-home-button.png"></a> </div> <div class="form-bg"> <?php if (isset($_POST['submit'])) { $month = htmlspecialchars(strip_tags($_POST['month'])); $date = htmlspecialchars(strip_tags($_POST['date'])); $year = htmlspecialchars(strip_tags($_POST['year'])); $time = htmlspecialchars(strip_tags($_POST['time'])); $title = htmlspecialchars(strip_tags($_POST['title'])); $entry = $_POST['entry']; $timestamp = strtotime($month . " " . $date . " " . $year . " " . $time); $entry = nl2br($entry); if (!get_magic_quotes_gpc()) { $title = addslashes($title); $entry = addslashes($entry); } mysql_connect ('localhost', 'root', 'root') ; mysql_select_db ('tmlblog'); $sql = "INSERT INTO php_blog (timestamp,title,entry) VALUES ('$timestamp','$title','$entry')"; $result = mysql_query($sql) or print("Can't insert into table php_blog.<br />" . $sql . "<br />" . mysql_error()); if ($result != false) { print "<p class=\"success\">Your entry has successfully been entered into the blog. </p>"; } mysql_close(); } ?> <?php $current_month = date("F"); $current_date = date("d"); $current_year = date("Y"); $current_time = date("H:i"); ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input class="field" type="text" name="date" id="date" size="2" value="<?php echo $current_month; ?>" /> <input class="field" type="text" name="date" id="date" size="2" value="<?php echo $current_date; ?>" /> <input class="field" type="text" name="date" id="date" size="2" value="<?php echo $current_year; ?>" /> <input type="text" name="time" id="time" size="5"value="<?php echo $current_time; ?>" /> <input class="field2" type="text" id="title" value="Title Goes Here." name="title" size="40" /> <textarea class="textarea" cols="80" rows="20" name="entry" id="entry" class="field2"></textarea> <input class="field" type="submit" name="submit" id="submit" value="Submit"> </form> </div> </div> </div> <div class="bottom"></div> </body> </html>

    Read the article

  • Simple parameter checking function, here just want the % to be allowed

    - by abas_rafiq
    I'm using PDO's bindParam. This is the function which checks every GET variable on the website. After changing it will echo it out: function Check_Get_Param($val){ $value1=addslashes($val); $string1=htmlspecialchars($value1); $string2=strip_tags($string1); $string3=intval($string2); return $string3; } Hhere this will output the result: Check_Get_Param($_GET['id']); Now the idea is any id or id= any or id = % $_GET['id'] = % will result 0 as % is not integer. How to allow % also? How do I modify this function or any other function that I could filter the GET parameters so I could keep out the web from injections?

    Read the article

  • Are SQL Injection vulnerabilities in a PHP application acceptable if mod_security is enabled?

    - by Austin Smith
    I've been asked to audit a PHP application. No framework, no router, no model. Pure PHP. Few shared functions. HTML, CSS, and JS all mixed together. I've discovered numerous places where SQL injection would be easily possible. There are other problems with the application (XSS vulnerabilities, rampant inline CSS, code copy-pasted everywhere) but this is the biggest. Sometimes they escape inputs, not using a prepared query or even mysql_real_escape_string(), mind you, but using addslashes(). Often, though, their queries look exactly like this (pasted from their code but with columns and variable names changed): $user = mysql_query("select * from profile where profile_id='".$_REQUEST["profile_id"]."'"); The developers in question claimed that they were unable to hack their application. I tried, and found mod_security to be enabled, resulting in HTTP 406 for some obvious SQL injection attacks. I believe there to be sophisticated workarounds for mod_security, but I don't have time to chase them down. They claim that this is a "conceptual" matter and not a "practical" one since the application can't easily be hacked. Their internal auditor agreed that there were problems, but emphasized the conceptual nature of the issues. They also use this conceptual/practical argument to defend against inline CSS and JS, absence of code organization, XSS vulnerabilities, and massive amounts of repetition. My client (rightly so, perhaps) just wants this to go away so they can launch their product. The site works. You can log in, do what you need to do, and things are visibly functional, if slow. SQL Injection would indeed be hard to do, given mod_security. Further, their talk of "conceptual vs. practical" is rhetorically brilliant, considering that my client doesn't understand web application security. I worry that they've succeeded in making me sound like an angry puritan. In many ways, this is a problem of politics, not technology, but I am at a loss. As a developer, I want to tell them to toss the whole project and start over with a new team, but I face a strong defense from the team that built it and a client who really needs to ship their product. Is my position here too harsh? Even if they fix the SQL Injection and XSS problems can I ever endorse the release of an unmaintainable tangle of spaghetti code?

    Read the article

  • Unnecessary Error Message Being Displayed

    - by ThatMacLad
    I've set up a form to update my blog and it was working fine up until about this morning. It keeps on turning up with an Invalid Entry ID error on the edit post page when I click the update button despite the fact that it updates the homepage. All help is seriously appreciated. <html> <head> <title>Ultan's Blog | New Post</title> <link rel="stylesheet" href="css/editpost.css" type="text/css" /> </head> <body> <div class="new-form"> <div class="header"> </div> <div class="form-bg"> <?php mysql_connect ('localhost', 'root', 'root') ; mysql_select_db ('tmlblog'); if (isset($_POST['update'])) { $id = htmlspecialchars(strip_tags($_POST['id'])); $month = htmlspecialchars(strip_tags($_POST['month'])); $date = htmlspecialchars(strip_tags($_POST['date'])); $year = htmlspecialchars(strip_tags($_POST['year'])); $time = htmlspecialchars(strip_tags($_POST['time'])); $entry = $_POST['entry']; $title = htmlspecialchars(strip_tags($_POST['title'])); if (isset($_POST['password'])) $password = htmlspecialchars(strip_tags($_POST['password'])); else $password = ""; $entry = nl2br($entry); if (!get_magic_quotes_gpc()) { $title = addslashes($title); $entry = addslashes($entry); } $timestamp = strtotime ($month . " " . $date . " " . $year . " " . $time); $result = mysql_query("UPDATE php_blog SET timestamp='$timestamp', title='$title', entry='$entry', password='$password' WHERE id='$id' LIMIT 1") or print ("Can't update entry.<br />" . mysql_error()); header("Location: post.php?id=" . $id); } if (isset($_POST['delete'])) { $id = (int)$_POST['id']; $result = mysql_query("DELETE FROM php_blog WHERE id='$id'") or print ("Can't delete entry.<br />" . mysql_error()); if ($result != false) { print "The entry has been successfully deleted from the database."; exit; } } if (!isset($_GET['id']) || empty($_GET['id']) || !is_numeric($_GET['id'])) { die("Invalid entry ID."); } else { $id = (int)$_GET['id']; } $result = mysql_query ("SELECT * FROM php_blog WHERE id='$id'") or print ("Can't select entry.<br />" . $sql . "<br />" . mysql_error()); while ($row = mysql_fetch_array($result)) { $old_timestamp = $row['timestamp']; $old_title = stripslashes($row['title']); $old_entry = stripslashes($row['entry']); $old_password = $row['password']; $old_title = str_replace('"','\'',$old_title); $old_entry = str_replace('<br />', '', $old_entry); $old_month = date("F",$old_timestamp); $old_date = date("d",$old_timestamp); $old_year = date("Y",$old_timestamp); $old_time = date("H:i",$old_timestamp); } ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <p><input type="hidden" name="id" value="<?php echo $id; ?>" /> <strong><label for="month">Date (month, day, year):</label></strong> <select name="month" id="month"> <option value="<?php echo $old_month; ?>"><?php echo $old_month; ?></option> <option value="January">January</option> <option value="February">February</option> <option value="March">March</option> <option value="April">April</option> <option value="May">May</option> <option value="June">June</option> <option value="July">July</option> <option value="August">August</option> <option value="September">September</option> <option value="October">October</option> <option value="November">November</option> <option value="December">December</option> </select> <input type="text" name="date" id="date" size="2" value="<?php echo $old_date; ?>" /> <select name="year" id="year"> <option value="<?php echo $old_year; ?>"><?php echo $old_year; ?></option> <option value="2004">2004</option> <option value="2005">2005</option> <option value="2006">2006</option> <option value="2007">2007</option> <option value="2008">2008</option> <option value="2009">2009</option> <option value="2010">2010</option> </select> <strong><label for="time">Time:</label></strong> <input type="text" name="time" id="time" size="5" value="<?php echo $old_time; ?>" /></p> <p><strong><label for="title">Title:</label></strong> <input type="text" name="title" id="title" value="<?php echo $old_title; ?>" size="40" /> </p> <p><strong><label for="password">Password protect?</label></strong> <input type="checkbox" name="password" id="password" value="1"<?php if($old_password == 1) echo " checked=\"checked\""; ?> /></p> <p><textarea cols="80" rows="20" name="entry" id="entry"><?php echo $old_entry; ?></textarea></p> <p><input type="submit" name="update" id="update" value="Update"></p> </form> <p><strong>Be absolutely sure that this is the post that you wish to remove from the blog!</strong><br /> </p> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <input type="hidden" name="id" id="id" value="<?php echo $id; ?>" /> <input type="submit" name="delete" id="delete" value="Delete" /> </form> </div> </div> </div> <div class="bottom"></div> </body> </html>

    Read the article

  • PHP script keeps doing mmap/munmap

    - by Aurélien Momow
    Hello, My PHP script contains a loop, which does nothing much more than echoing and dereferencing pointers (like in $tab[$othertab[$i]]- stuff). It was working great until yesterday, when this script starting being VERY slow (like 50 times slower than before). After using strace, i figured out that 90% of the time, the script does mmap/munmap. Here is a random portion of the strace log : mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 munmap(0x7fac0156c000, 266240) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0156c000 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac0152b000 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fac014ea000 Here is the result of the strace -c command : % time seconds usecs/call calls errors syscall ------ ----------- ----------- --------- --------- ---------------- 82.77 0.004092 0 13542 mmap 9.69 0.000479 0 3642 write 7.54 0.000373 0 13541 munmap 0.00 0.000000 0 100 read 0.00 0.000000 0 88 poll 0.00 0.000000 0 25 4 access ------ ----------- ----------- --------- --------- ---------------- 100.00 0.004944 30938 4 total Here is the php script : function affAnnonce($tabAnnonces, $isDoublon = 0) { GLOBAL $db, $base, $tabDomaine, $doublon, $traduction, $tab_contrat, $tab_emploi, $tab_categ, $tab_metier, $tab_region, $tab_departement, $tab_secteur, $tab_experience, $calc_all, $tabLangues, $tabLanguesNiveau, $tabNoAffAnnonce, $tabHisto; foreach($tabAnnonces AS $tmp) { if (in_array($tmp['id'], $tabNoAffAnnonce) === true) { continue; } $value->host = "../"; foreach($tabDomaine AS $domaine => $valeur) { if ($domaine == $tmp['domaine']) { $value->host = $valeur->host; break; } } // Ordre // secteur;metier;contrat;emploi;region;langues;domaine $tabPushModif = array(); if ($tmp['push_preview'] != '') { $tabPushModif = explode(';', $tmp['push_preview']); $tabPushModif['secteur'] = $tabPushModif[0]; $tabPushModif['metier'] = $tabPushModif[1]; $tabPushModif['contrat'] = $tabPushModif[2]; $tabPushModif['id_emploi'] = $tabPushModif[3]; $tabPushModif['regions'] = $tabPushModif[4]; $tabPushModif['langues'] = $tabPushModif[5]; $tabPushModif['domaine'] = $tabPushModif[6]; } $infoSoc = get_nom_societe($tmp['id_societe']); $number = ($tmp['nb_preview_push'] != '' ? $tmp['nb_preview_push'] : '&nbsp;'); $secteurs = explode ("/", $tmp[secteur]); $sector = ""; $count_sect = count($secteurs); for ($k = 0; $k < $count_sect; $k++) { if ($secteurs[$k] != '') { $sector .= $tab_secteur[$secteurs[$k]].'/'; } } $tmp['poste'] = apresinsertion($tmp['poste']); $tmp['metier'] = $tab_metier[$tmp['metier']]; $tmp['region'] = $tab_region[$tmp['region']]; $tmp['departement'] = $tab_departement[$tmp['departement']]; $tmp['secteur'] = $sector; $tmp['id_contrat'] = $tmp['contrat']; $tmp['contrat'] = $tab_contrat[$tmp['contrat']]; $tmp['emploi'] = $tab_emploi[$tmp['id_emploi']]; $tmp['categorie'] = $tab_categ[$tmp['categorie']]; echo '<tr id="'.($isDoublon ? 'dbl_' : '').$tmp['id'].'"><td align="center" class="tdFirst nowrap dbl_'.$tmp['id'].'" id="aff_'.$tmp['id'].'"'; switch($tmp['affiche']) { case '0': echo ' bgcolor=#DBB7FF'; break; default : ; } echo '><a href=?op=annonces&search4='.$tmp[id].' target=_new>'.$tmp[id].'</a><br />'; echo '<a href="'.$value->host.'" target="blank">'.strtoupper($tmp['domaine']).'<br /><img src="../images/flags/'.$tmp['domaine'].'.png" border=0 align=middle></a>'; echo '</TD><TD align=center class=tdNext'; if ($tmp['filtre'] == 1) echo ' bgcolor=#FF0000'; echo '>'; if ($isDoublon) echo '<a id="'.$tmp['id'].'" class="doublon" href="#">DOUBLON</a> - '; if (($tmp[id_reponse] == 1) || ($tmp[id_reponse] == 2) || ($tmp[id_reponse] == 4) || ($tmp[id_reponse] == 5)) echo '<a href="javascript:voir_annonce(\''.$tmp['id'].'\', \''.$value->host.'\')" onMouseOver="showPreview('.$tmp['id'].');" onMouseOut="hidePreview('.$tmp['id'].');">'.$tmp['poste'].'</a>'; if ($tmp[id_reponse] == 3) echo '<a href="javascript:voir_annonce3(\''.$tmp['url_reponse'].'\')" onMouseOver="showPreview('.$tmp['id'].');" onMouseOut="hidePreview('.$tmp['id'].');">'.$tmp['poste'].'</a>'; if ($tmp['urgent'] == 1) print " - <font class=r_bold>urgent</font>"; if ($tmp['gold'] == 1) print " - <font class=g_bold>gold</font>"; if ($tmp['cvtheque'] == 1) print " - CVthèque"; if ($tmp['url_reponse'] != '' && $tmp['id_reponse'] != 3) { echo '<br /><br />URL - '; $len = strlen($tmp['url_reponse']); if ($len > 50) { $link = substr($tmp['url_reponse'], 0, 47).'...'; } else { $link = $tmp['url_reponse']; } echo '<a href="'.$tmp['url_reponse'].'" style="color: #666;" target="_blank">'.$link.'</a>'; } // Début du div ou sera placé l'annonce echo '<br /><div id="preview_'.$tmp['id'].'" name="preview_'.$tmp['id'].'" class="tdStyle1" style="z-index: 1000; display: none; position: fixed; left: 0px; top: 0px; padding: 4px; border: 1px solid #666; background: #fff; text-align: left; width: 777px;" onMouseOver="showPreview('.$tmp['id'].');" onMouseOut="hidePreview('.$tmp['id'].');">'; $tmp["url"] = substr($tmp["url"], 7); $id_modele = getIdModeleByAnnonce($tmp['id_societe'], $tmp["id"], $tmp['domaine']); $tmp["poste"] = mb_strtoupper($tmp["poste"]); $isFnh = isFnhAnnonce($tmp['id']); $logo = ""; if ($isFnh) { $logo_jpg = getFnhLogo(); $logo = "<img align='center' border='0' src='".$logo_jpg."' />"; } else { if ($id_modele > 0) { if ($tmp['id_reponse'] == 1) { $logo_gif = "../fichiers/societes/".$tmp['id_societe']."/".$id_modele.".gif"; if (file_exists($logo_gif)) { $logo = "<img align=center border=0 src=".$logo_gif.">"; } } else { $rep = "../fichiers/societes/".$tmp['id_societe']."/".$id_modele; $logo_jpg = $rep.".jpg"; $logo_swf = $rep.".swf"; $logo_gif = $rep.".gif"; if (file_exists($logo_jpg)) { $logo = "<img align=center border=0 src=".$logo_jpg.">"; } elseif (file_exists($logo_swf)) $logo = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,0,0" width="120" height="600"> <param name=movie value="'.$logo_swf.'"> <param name=quality value=high> <embed src="'.$logo_swf.'" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="120" height="600"></embed> </object>'; elseif (file_exists($logo_gif)) { $logo = "<img align=center border=0 src=".$logo_gif.">"; } } } } if (strlen($logo) > 0 && strlen($tmp['url']) > 0) $logo = "<a href=http://".$tmp['url']." target=_blank>".$logo."</a>"; if (strlen($tmp['url_reponse']) <= 0) { $tmp['url_reponse'] = "../jobs/repondre_annonce.php?id=".$tmp['id']."\" onClick=\""; if ($tmp['contact_email'] == "") $tmp['url_reponse'] .= "alert('".$traduction->aff_word("repondre_courrier", $tabTrad['only_word']).'\n'.$tmp['societe'].'\n'.str_replace("<br />", '\n', ereg_replace("[\r\n\t]", "", $tmp['adresse']))."');"; else $tmp['url_reponse'] .= "popUp(this.href, 'scroll', 540, 400);"; $tmp['url_reponse'] .= "return false;"; } ?> <table width="775" cellspacing="0" cellpadding="0" border=0> <? if ($tmp['id_reponse'] != "2") { ?> <tr> <td width="575" align=center valign=top> <table width="535" border=0 cellspacing=0 cellpadding=2> <tr> <td colspan="2" class="nom_societe"><?=$tmp['societe']?></td> </tr> <tr> <td colspan="2"><hr size=1 color=#000000></td> </tr> <tr> <td colspan="2" align="right"><?=date_2fr($tmp["date_affichage"], 1)?></td> </tr> <tr> <td align="right" class=bold><?=$traduction->aff_word("pays")?>&nbsp;:</td> <td align="left"><?=$tmp['pays0']?></td> </tr> <? if ($tmp['region']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("region")?>&nbsp;:</td> <td align="left"><?=$tmp['region']?></td> </tr> <? } if ($tmp['departement']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("departement")?>&nbsp;:</td> <td align="left"><?=$tmp['departement']?></td> </tr> <? } if ($tmp['ville']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("ville")?>&nbsp;:</td> <td align="left"><?=$tmp['ville']?></td> </tr> <? } if ($tmp['debut']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("debut_travail")?>&nbsp;:</td> <td align="left"><?=$tmp['debut']?></td> </tr> <? } ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("type_contrat")?>&nbsp;:</td> <td align="left"><?=$tmp['contrat']?></td> </tr> <? if ($tmp['emploi']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("type_emploi")?>&nbsp;:</td> <td align="left"><?=$tmp['emploi']?></td> </tr> <? } if ($tmp['salaire']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("salaire")?>&nbsp;:</td> <td align="left"><?=$tmp['salaire']?></td> </tr> <? } if ($tmp['experience']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("experience_metier")?>&nbsp;:</td> <td align="left"><?=$tab_experience[$tmp['experience']]?></td> </tr> <? } if ($tmp['reference']) { ?> <tr> <td align="right" class=bold><?=$traduction->aff_word("reference")?>&nbsp;:</td> <td align="left"><?=$tmp['reference']?></td> </tr> <? } ?> <tr> <td>&nbsp;</td> <td><hr size=1 color=#000000 width=405></td> </tr> <? if ($tmp['presentation']) { ?> <tr> <td valign=top align="right" class=bold><?=$traduction->aff_word("presentation")?>&nbsp;:</td> <td style="text-align: justify;"><?=$tmp['presentation']?></td> </tr> <tr> <td>&nbsp;</td> <td><hr size=1 color=#000000 width=405></td> </tr> <? } ?> <tr> <td valign="top" class=bold align="right"><?=$traduction->aff_word("poste")?>&nbsp;:</td> <td valign="top" class=titre_poste align=center><?=$tmp['poste']?></td> </tr> <tr> <td colspan=2>&nbsp;</td> </tr> <tr> <td valign="top" class=bold align="right"><?=$traduction->aff_word("description")?>&nbsp;:</td> <td style="text-align: justify;"><?=$tmp['description']?></td> </tr> <tr> <td width=100%>&nbsp;</td> <td width=405><hr size=1 color=#000000 width=405></td> </tr> <? if ($tmp['profil']) { ?> <tr> <td valign="top" align="right" class=bold><?=$traduction->aff_word("profil")?>&nbsp;:</td> <td valign="top" style="text-align: justify;"><?=$tmp['profil']?></td> </tr> <tr> <td>&nbsp;</td> <td><hr size=1 color=#000000 width=405></td> </tr> <? } if ($tmp['recommandation']) { ?> <tr> <td valign="top" align="left"></td> <td valign="top" style="text-align: justify;"><?=$tmp['recommandation']?></td> </tr> <tr> <td>&nbsp;</td> <td><hr size=1 color=#000000 width=405></td> </tr> <? } if ($tmp['contact_nom'] || $tmp['contact_prenom']) { ?> <tr> <td valign="top" align="right" class=bold><?=$traduction->aff_word("contact")?>&nbsp;:</td> <td valign="top" align="left"><?=$tmp['contact_prenom']?>&nbsp;<?=$tmp['contact_nom']?></td> </tr> <tr> <td>&nbsp;</td> <td><hr size=1 color=#000000 width=405></td> </tr> <? } ?> <? } elseif ($tmp['domaine'] != 'de') { ?> <tr> <td colspan=2><table width="755" align=right valign=top><tr><td><?=$tmp['presentation']?></td></tr></table></td> </tr> <? } ?> <tr> <td rowspan=6>&nbsp;</td> <td><a href="<?=$tmp['url_reponse']?>" target="_blank">&gt;&gt;&nbsp;<?=$traduction->aff_word("repondre_en_ligne")?></a></td> </tr> <tr> <td><a href="../jobs/affiche_imprime_annonce.php?id=<?=$tmp['id']?>" onClick="popUp(this.href, 'scroll', 540, 400);return false;" target="_blank">&gt;&gt;&nbsp;<?=$traduction->aff_word("version_imprimer")?></a></td> </tr> <tr> <td><a href="../jobs/send_friend_annonce.php?id=<?=$tmp['id']?>" onClick="popUp(this.href, 'clean', 400, 300);return false;" target="_blank">&gt;&gt;&nbsp;<?=$traduction->aff_word("envoi_ami")?></a></td> </tr> <tr> <td><a href="./affiche_liste.php?soc=<?=$tmp['societe_clean']?>">&gt;&gt;&nbsp;<?=$traduction->aff_word("toutes_offres")?> <?=$tmp['societe']?></a></td> </tr> <tr> <td><a href="../jobs/index.php">&gt;&gt;&nbsp;<?=$traduction->aff_word("nouvelle_recherche")?></a></td> </tr> <tr> <td><a href="../jobs/index.php" onClick="javascript:retour(); return false;">&lt;&lt;&nbsp;<?=$traduction->aff_word("retour")?></a></td> </tr> <? if ($tmp['id_reponse'] != "2") { ?> </table> </td> <td width="200" align=center class=black_bord valign=top> <table width="190" cellspacing=0 cellpadding=0 border=0> <tr> <td colspan="2" align="center" valign="top" class=bold><? if ($tmp['id_reponse'] != "5") { ?><br><? } ?><?=$logo?><br><br><?=$tmp['societe']?></td> </tr> <? if ($tmp['adresse']) { ?> <tr> <td align="center" colspan=2><?=$tmp['adresse']?></td> </tr> <tr> <td colspan=2>&nbsp;</td> </tr> <? } if ($tmp['contact_tel']) { ?> <tr> <td class=bold align=right><?=$traduction->aff_word("tel")?> :</td> <td align=center><?=$tmp['contact_tel']?></td> </tr> <? } if ($tmp['contact_fax']) { ?> <tr> <td class=bold align=right><?=$traduction->aff_word("fax")?> :</td> <td align=center><?=$tmp['contact_fax']?></td> </tr> <? } if ($tmp['url']) { ?> <tr> <td colspan=2 align=center><a href="http://<?=$tmp['url']?>" target="_blank"><?=$tmp['url']?></a></td> </tr> <? } ?> </table> </td> </tr> <? } ?> </table> <? echo '</div>'; // Fin du div ou sera placé l'annonce echo "</TD><TD align=center class=tdNext><b>".date_2fr($tmp['date_creation'], 1)."</b><br>".date_2fr($tmp['date_affichage'], 1); echo "</TD><TD align=center class=tdNext>".$tmp[societe]."<br>(<i><a href=".$value->host."login/login.php?login=".$infoSoc->email."&pass=".$infoSoc->password." target=_blank>".$infoSoc->nom."</a></i>)<br><a href=index.php?op=entreprise&ac=tableau_bord&id_societe=".$tmp['id_societe'].">compte</a></TD>"; $color = ''; switch($tmp[push_mail]) { case "0": $color = " bgcolor=#DBB7FF"; break; case "2": $color = " bgcolor=#CCCCCC"; break; default : ; } $type_rep = ""; switch ($tmp[id_reponse]) { case 1: $type_rep = "Standard"; break; case 2: $type_rep = "Chartée"; break; case 3: $type_rep = "Metamoteur"; break; case 4: $type_rep = "Reponse sur site"; break; case 5: $type_rep = "Semi-chartée"; break; } print " <td align=center class=tdNext> <table width=100% border=0 cellspacing=0 cellpadding=0> <tr> <td align=center class=cadreBas>".$tmp['contrat']." - ".$tmp['emploi']."</td> <td $color align=center rowspan=4 width=40%> <a onclick=\"javascript:colorannonce(this, '#CFFFCF');\" href=?op=agentalertes&action=modify_push&amp;id_annonce=".$tmp[id]." target=_blank>Modifier push</a><br><br> <a onclick=\"sendPush(this, ".$tmp['id']."); return false;\" href=\"#\">Envoyer Push</a> </td> </tr> <tr> <td align=center class=cadreBas>".(strlen($tmp['metier']) > 0 ? $tmp['metier'] : '<font class=gris_i>'.$tmp['categorie'].'</font>')."</td> </tr> <tr> <td align=center class=cadreBas>".$tmp[secteur]."</td> </tr> <tr> <td align=center>".($number < 500 ? '<font color="red">' : ($number > 1500 ? '<font color="orange">' : '<font color="green">')).$number."</font></td> </tr> </table> </td> <td align=center class=tdNext> <table width=100% border=0 cellspacing=0 cellpadding=0> <tr> <td align=center class=cadreBas>"; if (strlen($tabPushModif['regions']) > 0) { $tab = explode('/', $tabPushModif['regions']); foreach($tab AS $elem) { if (strlen($elem) <= 0) continue; if (strpos($elem, 'dep-') !== false) { echo $tab_departement[substr($elem, 4)]; $query_tmp = 'SELECT region FROM ref_departement WHERE id = "'.substr($elem, 4).'"'; $obj = $db->getObj($query_tmp); if ($obj) { echo ' - '.$tab_region[$obj->region]; $query_tmp = 'SELECT rp.code_pays FROM ref_pays rp INNER JOIN ref_region rr ON rr.pays = rp.id WHERE rr.id = "'.$obj->region.'"'; $obj = $db->getObj($query_tmp); if ($obj) echo ' ('.$obj->code_pays.')'; } } elseif (is_numeric($elem) === false) { echo '<font class=gris_i>'.$tmp['departement'].' - '.$tmp['region'].'</font> ('.$elem.')'; } else { echo '<font class=gris_i>'.$tmp['departement'].'</font> - '.$tab_region[$elem]; $query_tmp = 'SELECT rp.code_pays FROM ref_pays rp INNER JOIN ref_region rr ON rr.pays = rp.id WHERE rr.id = "'.$obj->region.'"'; $obj = $db->getObj($query_tmp); if ($obj) echo ' ('.$obj->code_pays.')'; } } } else echo $tmp['departement']." - ".$tmp['region']." (".$tmp['code_pays'].")"; echo "</td> </tr> <tr> <td align=center class=cadreBas>".$tmp[ville]."</td> </tr> <tr> <td align=center class=cadreBas>"; if (strlen($tabPushModif['metier']) > 0) { $tmpExp = array(); $tab = explode('/', $tabPushModif['metier']); foreach($tab AS $elem) { if (strlen($elem) <= 0) continue; $tmpMetier = explode('-', $elem); if (isset($tmpMetier[1])) { if (in_array($tmpMetier[1], $tmpExp) === true) continue; $tmpExp[] = $tmpMetier[1]; if ($tmpMetier[1] == $tmp['experience']) echo '<b>'.$tab_experience[$tmpMetier[1]].'</b>/'; else echo $tab_experience[$tmpMetier[1]].'/'; } } if (count($tmpExp) <= 0) echo '<font class=gris_i>'.$tab_experience[$tmp['experience']].'</font>'; } else echo $tab_experience[$tmp['experience']]; echo "</td> </tr> <tr> <td align=center>".$tabLangues[$tmp['id_langue']]->langue." - ".$tabLanguesNiveau[$tmp['id_langue_niveau']]->langue_niveau."</td> </tr> </table> </td> <td align=center class=tdNext> <table width=100% cellspacing=0 cellpadding=0 border=0> <tr> <td align=center class=cadreBas>$type_rep</td> </tr> <tr> <td align=center>".$tmp[compteur_vu]."&nbsp;/&nbsp;<a href=?op=gcand&ac=liste&id_annonce=".$tmp[id]."&statut=all target=_new>".$tmp[compteur_repondu]."</a></td> </tr> </table> </td> <td align=center class=tdNext> <table width=100% cellspacing=0 cellpadding=0 border=0> <tr> <td align=center class=cadreBas><a href=?op=annonces&ac=modifier&id_annonce=".$tmp['id']." target=_new>Modifier</a></td> </tr> <tr> <td align=center class=cadreBas><a href='' onClick=\"valid_delete('".$tmp['id']."'); return false;\">Supprimer</a></td> </tr> <tr> <td align=center><a href='' onClick='changeAff(".$tmp['id']."); return false;' id='changeAff_".$tmp['id']."'>".($tmp['affiche'] == 1 ? 'Mettre hors ligne' : 'Mettre en ligne')."</a></td> </tr> </table> </td> <td align=center class='tdNext gris'> <p style=\"color:#444;\"> &nbsp;".nl2br($tmp['push_res']).'</p>'; if (is_array($tabHisto[$tmp['id']])) { echo '<p style="color:#888; padding-top:5px;">'; foreach($tabHisto[$tmp['id']] as $histo) { echo $histo['type_modif'].' '.HumanDateTime($histo['date']).' par '.$histo['user']; if ($histo['new_annonce']) { echo ' [New ID : <a href="index.php?op=annonces&search4='.$histo['new_annonce'].'">'.$histo['new_annonce'].'</a>]'; } echo '<br />'; } echo '</p>'; } echo " </td> <td align=center>&nbsp;".$tmp['source']; if (!empty($tmp['source_ref'])) { echo '<br /><a href="redirect.php?site='.$tmp['source_ref'].'" target="_blank">Voir original</a>'; } echo '</td></tr>'; if (isset($doublon) && !$isDoublon) { $query2 = " SELECT a.*, rp.pays0, rp.code_pays FROM annonces a INNER JOIN ref_pays rp ON rp.id = a.pays WHERE a.id_societe = '".$tmp['id_societe']."' AND a.contrat = '".$tmp['id_contrat']."' AND a.domaine = '".$tmp['domaine']."' AND a.id != '".$tmp['id']."' AND ADDDATE(a.date_creation, INTERVAL 2 MONTH) > '".$tmp['date_creation']."' AND a.poste = \"".addslashes($tmp['poste'])."\" AND a.ville = \"".addslashes($tmp['ville'])."\" AND a.societe = \"".addslashes($tmp['societe'])."\" AND (a.id_societe != 1 OR (a.id_societe = 1 AND a.contact_email = \"".$tab_annonce['contact_email']."\")) ORDER BY a.id DESC"; $tabAnnonces2 = $db->getTab($query2); if (count($tabAnnonces2) > 0) { $tabId = array(); foreach($tabAnnonces2 as $annonc) { $tabId[] = $annonc['id']; } $tmpListAnnonceTab = annoncelist::getHistorique($tabId); $tmpTabHisto = createTabHisto($tmpListAnnonceTab); $tabHisto += $tmpTabHisto; //Additionne les 2 tableaux, contrairement à array_merge il garde les clés !! affAnnonce($tabAnnonces2, 1); foreach($tabAnnonces2 AS $tmpAnn) $tabNoAffAnnonce[] = $tmpAnn['id']; } } } } ?> Only this script is slow, all the others on the same server/domain/directory work great. On an other server, the same script works fine. The script takes up to 90% of CPU when running. Any ideas?

    Read the article

  • PHP, javascript, single quote problems with IE when passing variable from ajax post to javascript fu

    - by Mattis
    Hi! I have been trying to get this to work for a while, and I suspect there's an easy solution that I just can't find. My head feels like jelly and I would really appreciate any help. My main page.php makes a .post() to backend.php and fetches a list of cities which it echoes in the form of: <li onclick="script('$data');">$data</li> The list is fetched and put onto the page via .html(). My problem occurs when $data has a single quote in it. backend.php passes the variable just fine to page.php but when i run html() it throws a javascript error (in IE, not FF obviously); ')' is expected IE parses the single quote and messes up the script()-call. I've been trying to rebuild the echoed string in different ways, escaping the 's on the php side and/or on the javascript side - but in vain. Do I have to review the script in total? page.php $.post("backend.php", {q: ""+str+""}, function(data) { if(data.length >0) { $('#results').html(data); } backend.php while ($row = $q->fetch()) { $city = $row['City']; // $city = addslashes($row['City']); // $city = str_replace("'","&#39;",$row['City']); echo "<li onclick=\"script('$city');\">".$city."</li>"; }

    Read the article

  • Encoding issue: Cocoa Error 261?

    - by Attacus
    So I'm fetching a JSON string from a php script in my iPhone app using: NSURL *baseURL = [NSURL URLWithString:@"test.php"]; NSError *encodeError = [[NSError alloc] init]; NSString *jsonString = [NSString stringWithContentsOfURL:baseURL encoding:NSUTF8StringEncoding error:&encodeError]; NSLog(@"Error: %@", [encodeError localizedDescription]); NSLog(@"STRING: %@", jsonString); The JSON string validates when I test the output. Now I'm having an encoding issue. When I fetch a single echo'd line such as: { "testKey":"é" } (I'm aware I could\should be using NSUrlConnection for asynchronous fetching of data, but at this point in the app development, I don't really need it.) The JSON parser works fine and I am able to create a valid JSON object. However, when I fetch my 2MB JSON string, I get presented with: Error: Operation could not be completed. (Cocoa error 261.) and a Null string. My PHP file is UTF8 itself and I am not using utf8_encode() because that seems to double encode the data since I'm already pulling the data as NSUTF8StringEncoding. Either way, in my single-echo test, it's the approach that allowed me to successfully log \ASDAS style UTF8 escapes when building the JSON object. What could be causing the error in the case of the larger string? Also, I'm not sure if it makes a difference, but I'm using the php function addslashes() on my parsed php data to account for quotes and such when building the JSON string.

    Read the article

  • Save a PDF created with FPDF php library in a MySQL blob field

    - by Davide Gualano
    I need to create a pdf file with the fpdf library and save it in a blob field in my MySQL database. The problem is, when I try to retrieve the file from the blob field and send it to the browser for the download, the donwloaded file is corrupted and does not display correctly. The same pdf file is correctly displayed if I send it immediately to the browser without storing it in the db, so it seems some of the data gets corrupted when is inserted in the db. My code is something like this: $pdf = new MyPDF(); //class that extends FPDF and create te pdf file $content = $pdf->Output("", "S"); //return the pdf file content as string $sql = "insert into mytable(myblobfield) values('".addslashes($content)."')"; mysql_query($sql); to store the pdf, and like this: $sql = "select myblobfield from mytable where id = '1'"; $result = mysql_query($sql); $rs = mysql_fetch_assoc($result); $content = stripslashes($rs['myblobfield']); header('Content-Type: application/pdf'); header("Content-Length: ".strlen(content)); header('Content-Disposition: attachment; filename=myfile.pdf'); print $content; to send it to the browser for downloading. What am I doing wrong? If I change my code to: $pdf = new MyPDF(); $pdf->Output(); //send the pdf to the browser the file is correctly displayed, so I assume that is correctly generated and the problem is in the storing in the db. Thanks in advance.

    Read the article

  • How can I put double quotes inside a string within an ajax JSON response from php?

    - by karlthorwald
    I receive a JSON response in an Ajax request from the server. This way it works: { "a" = "1", "b" = "hello 'kitty'" } But I did not succeed in putting double quotes around kitty. When I convert " to \x22 in the Ajax response, it is still interpreted as " by JavaScript and I cannot parse the JSON. Should I also escape the \ and unescape later (which would be possible)? How to do this? Edit: I am not sure if i expressed it well: I want this string inside of "b" after the parse: hello "kitty" If necessary I could also add an additional step after the parse to convert "b", but I guess it is not necessary, there is a more elegant way so this happens automatically? Edit2: The ajax page is generated by php. I tried several things now to create the value of b, all result in JSON parse error on the page: $b = 'hello "kitty"'; // no 1: //$b = str_replace('"',"\x22",$b); // or no 2: // $b = addslashes($b); // or no 3: //$b = str_replace('"','\"',$b); // or no 4: $b = str_replace('"','\\"',$b); echo '"b" : "' . $b . '"';

    Read the article

  • Php code works on every browser but not on IE8, help please

    - by DomingoSL
    I think the error has to be in a incompatibility with IE8 and the cookies manipulation, cuz in IE8 you can see the password and login asking screen but when you enter the data and send it the browser seems to do nothing, this is a url you were you can try my code: http://200.8.27.127/tiempo/teacher.php and this is the code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="it" http-equiv="Content-Language" /> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title>Formulario</title> <style type="text/css"> h1 { font: 50px Tahoma, Helvetica, Arial, Sans-Serif; text-align: center; color: #111; text-shadow: 0px 2px 3px #555; } h2 { font: 14px Tahoma, Helvetica, Arial, Sans-Serif; text-align: center; color: #CCC; text-shadow: 0px 1px 2px #555; } h3 { font: 10px Tahoma, Helvetica, Arial, Sans-Serif; text-align: center; color: #CCC; } b1 { font: 16px Tahoma, Helvetica, Arial, Sans-Serif; color: #DDD; } b2 { font: 10px Tahoma, Helvetica, Arial, Sans-Serif; color: #F9F7ED; } .caja { width: 690px; height: 40px; background-color: transparent; border: 0px solid #000000; font-size:x-large; color: #222; font-family: 'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; font-weight: bold;" size="299"; } .style1 { text-align: right; } </style> </head> <body style="background-image: url('IMG/bg.png')"> <script type="text/javascript" src="JS/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="JS/jquery.notifications-1.1.min.js"></script> <link rel="stylesheet" type="text/css" href="JS/jquery.notifications.css" /> <script> function checkCharCount(textfield) { if(textfield.value.length > 300) textfield.value = textfield.value.substr(0, 300); document.getElementById("charCounter").innerHTML = 300 - textfield.value.length; } </script> <?php include("/LIB/HeadSQL.php"); include("/LIB/error.php"); if (isset($_COOKIE['ID_tablon'])) { $username = $_COOKIE['ID_tablon']; $pass = $_COOKIE['Key_tablon']; $check = mysql_query("SELECT * FROM usuarios WHERE nombre = '$username'") or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['clave']) { login(); } else { entro($info['email'],$username); } } } else { login(); } function login() { if (isset($_POST['quiere'])) { if(!$_POST['username'] | !$_POST['pass']) { include("LIB/login.php"); error('Debes llenar todos los campos.',0); } else { $check = mysql_query("SELECT * FROM usuarios WHERE nombre = '".$_POST['username']."'") or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 == 0) { include("LIB/login.php"); error('Ese usuario no existe.',0); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['clave'] = stripslashes($info['clave']); //$_POST['pass'] = md5($_POST['pass']); if ($_POST['pass'] != $info['clave']) { include("LIB/login.php"); error('La clave es incorrecta.',0); } else { $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie("ID_tablon", $_POST['username'], $hour); setcookie("Key_tablon", $_POST['pass'], $hour); entro($info['email'],$_POST['username']); } } } } else { include("LIB/login.php"); } exit; } function entro($email,$username) { ?> <div id="todo" align="center" > <div id="cabeza" style="width:850px;height:100px"> </div> <div id="contenido" style="width:850px;height:420px;background-image: url(IMG/cuadro.png)" > <div id="titulo" style="width:765px;height:75px;padding-top: 18px;margin: auto;text-align: left;"> <b1>Bienvenido <b><?php echo($username); ?></b></b1><br> <?php $check = mysql_query("SELECT * FROM sms WHERE ref = '".$username."' ORDER BY fecha DESC LIMIT 0, 1") or die(mysql_error()); while($info = mysql_fetch_array( $check )) { echo("<b1> Tu ultimo mensaje enviado fue: </b1><b2>" . $info['texto'] . " enviado el " . $info['fecha'] . "</b2>"); } ?> </div> <form method="post"> <div id="formulario" style="width:850px;height:255px;margin-top: 10px"> <div id="foto" align="right" style="width:725px; height:40px;padding-top: 11px;margin: auto"> <?php $size = 60; $grav_url = "http://www.gravatar.com/avatar/" . md5( strtolower( $email ) ) . "?size=" . $size; $size = 256; $grav_urlB = "http://www.gravatar.com/avatar/" . md5( strtolower( $email ) ) . "?size=" . $size; echo('<img alt="Image" src="' . $grav_url . '" />'); ?> </div> <div id="texto" style="width:850px;height:29px; margin-top: 38px;margin-left: 4px"> <input name="sms" type="text" onKeyUp="checkCharCount(this)" class="caja" /> </div> <div id="botones" style="width:725px;height:27px; margin-top: 15px" class="style1"> <input name="usuario" type="hidden" value="<?php echo($username); ?>" /> <input name="Submit1" type="image" value="submit" src="IMG/envia.png" /> </div> <div id="resta" style="width:850px;height:29px; margin-top: 53px;margin-left: 4px"> <h2><span id="charCounter">300</span> caracteres restantes.</h2> <h3><a href=logout.php>Cerrar Sesion</a></h3> </div> </div> </form> </div> </div> </body> </html> <?php session_start(); if (isset($_POST['Submit1'])) { if (isset($_SESSION['token']) && (time() - $_SESSION['token']) < 5) { error('Debes esperar 5 segundos para poder enviar otra informacion.',0); } else { $_SESSION['token'] = time(); include("/LIB/HeadSQL.php"); include("/LIB/comprueba.php"); $insert = "INSERT INTO sms (ref, texto, fecha) VALUES ('" . addslashes($_POST['usuario']) . "', '" . addslashes($_POST['sms']) . "', NOW() )"; $add_member = mysql_query($insert); error("Tu mensage ha sido enviado con exito.",1); } } exit; } ?> do you think the isuue can be on the javascript? try the code firts with Firefox or google chrome, then try in IE8.

    Read the article

  • What's wrong with this iCalendar event?

    - by rihallix
    I'm generating iCalendar events using PHP. They pass the validation checkers but won't add to Google Calendar or iCalendar. Help - what am I doing wrong? When I attempt to import I get "iCal can't read this calendar file. No events have been added to your calendar. Google just appears to import the calendar but it's not there. BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Foobar Name//NONSGML Foobar Name//EN BEGIN:VEVENT UID:20111129T103025-268Z@foobar DTSTAMP:20111210T103025Z DTSTART:20111210T210000Z DTEND:20111210T230000Z TRANSP: TRANSPARENT SUMMARY:Foobar - Book Fair - text DESCRIPTION: Foobar: Book Fair - text END:VEVENT END:VCALENDAR Should I addslashes or not write colons in my summary or description text? Here are the headers I'm writing out... header("Content-Type: text/Calendar"); header('Content-Disposition: inline; filename="calendar.ics"'); echo "BEGIN:VCALENDAR</br>"; echo "VERSION:2.0</br>"; echo "PRODID:-//$orgname//NONSGML $orgname//EN</br>"; echo "METHOD:REQUEST</p>"; // required by Outlook The file I'm generating has the extension .php (not .ics). Thanks for any insight into what I might be doing wrong. rihallix (PHP5.2 / Windows)

    Read the article

  • uploading image & getting back from database

    - by Anup Prakash
    Putting a set of code which is pushing image to database and fetching back from database: <!-- <?php error_reporting(0); // Connect to database $errmsg = ""; if (! @mysql_connect("localhost","root","")) { $errmsg = "Cannot connect to database"; } @mysql_select_db("test"); $q = <<<CREATE create table image ( pid int primary key not null auto_increment, title text, imgdata longblob, friend text) CREATE; @mysql_query($q); // Insert any new image into database if (isset($_POST['submit'])) { move_uploaded_file($_FILES['imagefile']['tmp_name'],"latest.img"); $instr = fopen("latest.img","rb"); $image = addslashes(fread($instr,filesize("latest.img"))); if (strlen($instr) < 149000) { $image_query="insert into image (title, imgdata,friend) values (\"". $_REQUEST['title']. "\", \"". $image. "\",'".$_REQUEST['friend']."')"; mysql_query ($image_query) or die("query error"); } else { $errmsg = "Too large!"; } $resultbytes=''; // Find out about latest image $query = "select * from image where pid=1"; $result = @mysql_query("$query"); $resultrow = @mysql_fetch_assoc($result); $gotten = @mysql_query("select * from image order by pid desc limit 1"); if ($row = @mysql_fetch_assoc($gotten)) { $title = htmlspecialchars($row[title]); $bytes = $row[imgdata]; $resultbytes = $row[imgdata]; $friend=$row[friend]; } else { $errmsg = "There is no image in the database yet"; $title = "no database image available"; // Put up a picture of our training centre $instr = fopen("../wellimg/ctco.jpg","rb"); $bytes = fread($instr,filesize("../wellimg/ctco.jpg")); } if ($resultbytes!='') { echo $resultbytes; } } ?> <html> <head> <title>Upload an image to a database</title> </head> <body bgcolor="#FFFF66"> <form enctype="multipart/form-data" name="file_upload" method="post"> <center> <div id="image" align="center"> <h2>Heres the latest picture</h2> <font color=red><?php echo $errmsg; ?></font> <b><?php echo $title ?></center> </div> <hr> <h2>Please upload a new picture and title</h2> <table align="center"> <tr> <td>Select image to upload: </td> <td><input type="file" name="imagefile"></td> </tr> <tr> <td>Enter the title for picture: </td> <td><input type="text" name="title"></td> </tr> <tr> <td>Enter your friend's name:</td> <td><input type="text" name="friend"></td> </tr> <tr> <td><input type="submit" name="submit" value="submit"></td> <td></td> </tr> </table> </form> </body> </html> --> Above set of code has one problem. The problem is whenever i pressing the "submit" button. It is just displaying the image on a page. But it is leaving all the html codes. even any new line message after the // Printing image on browser echo $resultbytes; //************************// So, for this i put this set of code in html tag: This is other sample code: <!-- <?php error_reporting(0); // Connect to database $errmsg = ""; if (! @mysql_connect("localhost","root","")) { $errmsg = "Cannot connect to database"; } @mysql_select_db("test"); $q = <<<CREATE create table image ( pid int primary key not null auto_increment, title text, imgdata longblob, friend text) CREATE; @mysql_query($q); // Insert any new image into database if (isset($_POST['submit'])) { move_uploaded_file($_FILES['imagefile']['tmp_name'],"latest.img"); $instr = fopen("latest.img","rb"); $image = addslashes(fread($instr,filesize("latest.img"))); if (strlen($instr) < 149000) { $image_query="insert into image (title, imgdata,friend) values (\"". $_REQUEST['title']. "\", \"". $image. "\",'".$_REQUEST['friend']."')"; mysql_query ($image_query) or die("query error"); } else { $errmsg = "Too large!"; } $resultbytes=''; // Find out about latest image $query = "select * from image where pid=1"; $result = @mysql_query("$query"); $resultrow = @mysql_fetch_assoc($result); $gotten = @mysql_query("select * from image order by pid desc limit 1"); if ($row = @mysql_fetch_assoc($gotten)) { $title = htmlspecialchars($row[title]); $bytes = $row[imgdata]; $resultbytes = $row[imgdata]; $friend=$row[friend]; } else { $errmsg = "There is no image in the database yet"; $title = "no database image available"; // Put up a picture of our training centre $instr = fopen("../wellimg/ctco.jpg","rb"); $bytes = fread($instr,filesize("../wellimg/ctco.jpg")); } } ?> <html> <head> <title>Upload an image to a database</title> </head> <body bgcolor="#FFFF66"> <form enctype="multipart/form-data" name="file_upload" method="post"> <center> <div id="image" align="center"> <h2>Heres the latest picture</h2> <?php if ($resultbytes!='') { // Printing image on browser echo $resultbytes; } ?> <font color=red><?php echo $errmsg; ?></font> <b><?php echo $title ?></center> </div> <hr> <h2>Please upload a new picture and title</h2> <table align="center"> <tr> <td>Select image to upload: </td> <td><input type="file" name="imagefile"></td> </tr> <tr> <td>Enter the title for picture: </td> <td><input type="text" name="title"></td> </tr> <tr> <td>Enter your friend's name:</td> <td><input type="text" name="friend"></td> </tr> <tr> <td><input type="submit" name="submit" value="submit"></td> <td></td> </tr> </table> </form> </body> </html> --> ** But in this It is showing the image in format of special charaters and digits. 1) So, Please help me to print the image with some HTML code. So that i can print it in my form to display the image. 2) Is there any way to convert the database image into real image, so that i can store it into my hard-disk and call it from tag? Please help me.

    Read the article

  • file cretaed using exec could not be accessed immediately after creation?

    - by Holicreature
    HI I'm using exec in php to execute a command and it will create a .png file in a temp folder.. After creating that i'm trying to open that file and read contents and process them,, but i end up file could not read error.. I think the time taken by the exec to execute and create a file is the cause for the issue.. but i dont know how to fix it? i tried sleep() but it makes my script to run slow <?php error_reporting(E_ALL); extension_loaded('ffmpeg') or die('Error in loading ffmpeg'); //db connection codes $max_width = 120; $max_height = 72; $path ="/path/"; $qry="select id, input_file, output_file from videos where thumbnail='' or thumbnail is null;"; $res=mysql_query($qry); $cnt = 1; while($row = mysql_fetch_array($res,MYSQL_ASSOC)) { $outfile = $row[output_file]; $imgname = $cnt.".png"; $srcfile = "/path/".$outfile; echo "####$srcfile####"; exec("ffmpeg -i ".$srcfile." -r 1 -ss 00:00:05 -f image2 -s 120x72 ".$path.$imgname); $nname = "./temp/".$imgname; echo "nname===== $nname"; $fileo = fopen($nname,"rb"); if($fileo) { $imgData = addslashes(file_get_contents($nname)); .. ... .... } else echo "Could not open<br><br>"; $cnt = $cnt + 1: } ?>

    Read the article

  • Problem with unlink() in php!

    - by Holicreature
    I'm creating a temp image always named 1.png under specific folder and once i read the image_contents and process, i use unlink() to delete that specific image from that folder. But sometimes the image file is not deleted and the same image is file is read and processed. That script is working otherwise fine... There is no permission related issues , as the files are deleted sometimes... Will there be any issue when the script is repeatedly called and the image with the name is already present and not deleted etc.. ??? Please suggest me what would be the problem extension_loaded('ffmpeg'); $max_width = 120; $max_height = 72; $path ="/home/fff99/public_html/temp/"; ..... ..... $nname = "/home/friend99/public_html/temp/".$imgname; $fileo = fopen($nname,"rb"); if($fileo) { $imgData = addslashes(file_get_contents($nname)); .... ... .. } unlink('$nname');

    Read the article

  • Want to show <embed> and <object> tags from YUI editor as a text rather then a video.

    - by user208678
    I am using YUI rich text editor on my website (php/mysql), so that a user may enter textual matter/articles through it. But if a user copies and paste some embed code in the textarea, from any video sites like youtube, it should get saved as a text block and not as a playing video when showing the text content on the browser. Now YUI automatically converts the characters into html entities which ever is needed. Please note that if I put a new line in the yui editor (by pressing "Enter" key), it will be converted into a "<br>" tag in the background and this will not get html entity encoded when passing the value to my backend PHP script. But If I copy and paste any embed tag or for that reason any valid html tags in the textarea, it will be html entity encoded by YUI. Now to support UTF-8 characters, I am using a function (DBVarConv) in my php script before saving it into my database. The code for the function is given below function DBVarConv($var,$isEncoded = false) { if($isEncoded) return addslashes(htmlentities($var, ENT_QUOTES, 'UTF-8', false)); else return htmlentities ($var, ENT_QUOTES, 'UTF-8', false); } $myeditorData = DBVarConv($myeditorData, true); // Save $myeditorData in database. While showing the data in the browser, I am using another function called "smart_html_entity_decode". The code is given below. function smart_html_entity_decode($text, $isAddslashesUsed = false) { if($isAddslashesUsed) $tmp = stripslashes(html_entity_decode($text, ENT_QUOTES, 'UTF-8')); else $tmp = html_entity_decode($text, ENT_QUOTES, 'UTF-8'); if ($tmp == $text) return $tmp; return smart_html_entity_decode($tmp, $isAddslashesUsed); } // Get $myData from database $myData=smart_html_entity_decode($myData, true); echo $myData; The problem is that in doing so, it is also decoding the embed and object tags from their html encoded entities and as a result my obejct tags are shown as a video and not as a simple text. Try using the text editor at tumblr.com. If you paste an embed code in the editor, it will be shown as a text block not as a video. I am trying to build the same functionality on my website with UTF-8 support. Any help will be highly appreciated.

    Read the article

  • Problem with files consists of spaces and single quotes?

    - by Vijay
    I'using the following code to create thumbnails using ffmpeg but it was working fine for the files which have no spaces or any quotes.. But when the file has a space (like 'sachin knock.flv') or files which have quotes (like sachin's_double_cent.mp4) it doesn't work.. What can i do to get those files work accurately? One restriction is that i can't rename files as they are lump some.. My code is <?php error_reporting(E_ALL); extension_loaded('ffmpeg') or die('Error in loading ffmpeg'); $link = mysql_connect('localhost', 'root', ''); if (!$link) { die('Not connected : ' . mysql_error()); } $db_selected = mysql_select_db('db', $link); $max_width = 120; $max_height = 72; $path ="/home/rootuser/public_html/temp/"; $qry="select id, input_file, output_file from videos where thumbnail='' or thumbnail is null;"; $res=mysql_query($qry); while($row = mysql_fetch_array($res,MYSQL_ASSOC)) { $orig_str = array(" "); $rep_str = array("\ "); $outfile = $row[output_file]; // $infile = $row[input_file]; $infile1 = str_replace($orig_str, $rep_str, $outfile); $tmp = explode(".",$infile1); $tmp_name = $tmp[0]; $imgname = $tmp_name.".png"; $srcfile = "/home/rootuser/public_html/uploaded_vids/".$outfile; echo exec("ffmpeg -i ".$srcfile." -r 1 -ss 00:00:05 -f image2 -s 120x72 ".$path.$imgname); $nname = "./temp/".$imgname; $fileo = fopen($nname,"rb"); if($fileo) { $imgData = addslashes(file_get_contents($nname)); echo $imgdata; $qryy="update videos set thumbnail='{$imgData}' where input_file='$outfile'"; $ress=mysql_query($qryy); } else echo "Could not open<br><br>"; unlink('$nname'); } ?>

    Read the article

  • mysql: can't set max_allowed_package to anything grater than 16MB

    - by sas
    I'm not sure if this is the right place to post these kind of questions, if it's not so, please (politely) let me know... :-) I need to save files greater than 16MB on a mysql database from a php site... I've already changed the c:\xampp\mysql\bin\my.cnf and set max_allowed_packet to 16 MB, and everything worked fine then I set it to 32 MB but there´s no way I can handle a file bigger than 16 MB I get the following error: 'MySQL server has gone away' (the same error I had when max_allowed_packet was set to 1MB) there must be some other setting that doesn´t allow me to handle files bigger than 16MB maybe the php client, I guess, but I don't know where to edit it this is the code I'm running when file.txt is smaller than 16.776.192 bytes long, it works fine, but if file.txt has 16.777.216 bytes i get the aforementioned error oh, and the field download.content is a longblob... $file = 'file.txt'; $file_handle = fopen( $file, 'r' ); $content = fread( $file_handle, filesize( $file ) ); fclose( $file_handle ); db_execute( 'truncate table download', true ); $sql = "insert into download( code, title, name, description, original_name, mime_type, size, content, user_insert_id, date_insert, user_update_id, date_update ) values ( 'new file', 'new file', 'sas.jpg', 'new file', '$file', 'mime', " . filesize( $file ) . ", '" . addslashes( $content ) . "', 0, " . db_char_to_sql( now_char(), 'datetime' ) . ", 0, " . db_char_to_sql( now_char(), 'datetime' ) . " )"; db_execute( $sql, true ); (the db_execute funcion just opens the connections and executes the sql stuff) running on windows XP sp2 server version: 5.0.67-community PHP Version 4.4.9 mysql client API version: 3.23.49 using: ApacheFriends XAMPP (Basispaket) version 1.6.8 that comes with + Apache 2.2.9 + MySQL 5.0.67 (Community Server) + PHP 5.2.6 + PHP 4.4.9 + PEAR + phpMyAdmin 2.11.9.2 ... this is part of the content of c:\xampp\mysql\bin\my.cnf # The MySQL server [mysqld] port= 3306 socket= "C:/xampp/mysql/mysql.sock" basedir="C:/xampp/mysql" tmpdir="C:/xampp/tmp" datadir="C:/xampp/mysql/data" skip-locking key_buffer = 16M # max_allowed_packet = 1M max_allowed_packet = 32M table_cache = 128 sort_buffer_size = 512K net_buffer_length = 8K read_buffer_size = 256K read_rnd_buffer_size = 512K myisam_sort_buffer_size = 8M

    Read the article

  • Duplicate Blob field with foreach

    - by JGSilva
    I have some fields (blob) where I have uploaded some images. The images display correctly and I can open it without problem in Photoshop for example. I created a button where user can duplicate the product and everything works fine, but when it comes to duplicate the image entry I got some errors, like 1064 and others ones that I can't remember cause I am working 3 days inside this. Because de original product have 3 or more images I select then and gave an foreach. What I notice when a print de blob is that in the end it eats the next array, like if don't have an end. In other words, the next item got inside that utf-8 character in the print. That gave me some clue. The next approach was to save it in somewhere, and reupload it. The problem is that only the first one works. When I download the image saved, it opens normally so, it is not a saving in disk problem. When I gave a print in the $result, the same happens, is like the image is hungry and ate the next one. Here is the code. Notice = I created the [$count] to see if was not an rewrite in array error. Even tried to , in beging of the foreach, kind of clean the vars… $count=0; foreach ($original_image as $key => $val) { $count++; //$arquivo = ''; //$image = ''; //$file = ''; //$this->image = ''; //$return = ''; $arquivo[$count] = $val['pi_id'].'.'.$val['pi_type']; $image[$count] = $caminho_url.$arquivo[$count]; if (file_exists($image[$count])) { $this->image = Image::factory($image[$count]); $this->image->save($image[$count]); $file[$count]=mysql_real_escape_string(addslashes(fread(fopen($image[$count], "r"), filesize($image[$count])))); $return[$count] = Product::add_image($id_prod, $file[$count], $val['pi_type'],$val['pi_main']); }else { die('no'); } }

    Read the article

  • Problem carrying Session over to other pages

    - by AAA
    I am able to login a user, but while processing to the next page (memebers area) I can't display any user info let alone print the $_SESSION[email]. I am not sure what's up. Below is the login code and the testing members are page. Login page: session_start(); //also in a real app you would get the id dynamically $sql = "select `email`, `password` from `accounts` where `email` = '$_POST[email]'"; $query = mysql_query($sql) or die ("Error: ".mysql_error()); while ($row = mysql_fetch_array($query)){ $email = $row['email']; $secret = $row['password']; //we will echo these into the proper fields } mysql_free_result($query); // Process the POST variables $email = $_POST["email"]; //Variables $_SESSION["email"] = $_POST["email"]; $secret = $info['password']; //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT email, password FROM accounts WHERE email = '$email'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if (@ $info['password'] != $pass) { } else { header("Location: home.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT email,password FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) //gives error if the password is wrong if (@ $_POST['password'] != $info['password']) { die('Incorrect password, please try again'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); //then redirect them to the members area header("Location: home.php"); } } } else { // if they are not logged in ?> <?php } ?> home.php session_start(); if(!isset($_SESSION['email'])) { header('Location: login_test3.php'); die('<a href="login_test3.php">Login first!</a>'); } //Variables $_SESSION["email"] = $email; print $_SESSION['name']; UPDATE Just realized the existing code gets in to the home.php file but will not echo anything. But as soon as you hit refresh the session is gone.

    Read the article

  • Is it possible to download a large database using mysql query

    - by Rose
    i am downloading files from server using WinSCP.Is it possible to write a query to download a large database using mysql query? Or using any other method i have tried with this code but i am not able to get the whole database structure <?php if(file_exists('backup_sql/my_backup.zip')) { unlink('backup_sql/my_backup.zip'); } $tables='*'; $host='MY HOST NAME'; $user='MY_USERNAME'; $pass='MYPASSWORD'; $name='MY_DB_NAME'; $link = mysql_connect($host,$user,$pass); mysql_select_db($name,$link); //get all of the tables if($tables == '*') { $tables = array(); $result = mysql_query('SHOW TABLES'); while($row = mysql_fetch_row($result)) { $tables[] = $row[0]; } } else { $tables = is_array($tables) ? $tables : explode(',',$tables); } $return=''; //cycle through foreach($tables as $table) { $result = mysql_query('SELECT * FROM '.$table); $num_fields = mysql_num_fields($result); //$return.= 'DROP TABLE '.$table.';'; $row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE '.$table)); $return.= "\n\n".$row2[1].";\n\n"; for ($i = 0; $i < $num_fields; $i++) { while($row = mysql_fetch_row($result)) { $return.= 'INSERT INTO '.$table.' VALUES('; for($j=0; $j<$num_fields; $j++) { $row[$j] = addslashes($row[$j]); //$row[$j] = ereg_replace("\n","\\n",$row[$j]); if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; } if ($j<($num_fields-1)) { $return.= ','; } } $return.= ");\n"; } } $return.="\n\n\n"; } $rand_var=time(); $files_to_zip = array( "'backup_sql/db-backup-'.$rand_var.'.sql'", ); $name = 'db-backup-'.$rand_var.'.sql'; $data = $return; ?> any one please help me... thank you

    Read the article

  • Missing Password check

    - by AAA
    I am using the code below, it checks for empty fields and verifies email, but even if the password is correct it won't login. the password has been inserted with md5 protection, below is the code. I am new to this so please bare with me. Thanks! PHP: session_start(); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM accounts WHERE email = '$email'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: home.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); //then redirect them to the members area header("Location: home.php"); } } } else { // if they are not logged in <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>email:</td><td> <input type="text" name="email" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> } Here is the registration code: PHP: // here we encrypt the password and add slashes if needed $_POST['password'] = md5($_POST['password']); if (!get_magic_quotes_gpc()) { $_POST['password'] = mysql_escape_string($_POST['password']); $_POST['email'] = mysql_escape_string($_POST['email']); $_POST['full_name'] = mysql_escape_string($_POST['full_name']); $_POST['user_url'] = mysql_escape_string($_POST['user_url']); } // now we insert it into the database $insert = "INSERT INTO accounts (Uniquer, Full_name, Email, Password, User_url) VALUES ('".$uniquer."','".$_POST['full_name']."', '".$_POST['email']."','".$_POST['password']."', '".$_POST['user_url']."')"; $add_member = mysql_query($insert); After using ini_set function i got to see the error, i am getting this message but not sure what it means: Notice: Undefined index: password in /var/www/domain.com/htdocs/login.php on line 103 Notice: Use of undefined constant password - assumed 'password' in /var/www/domain.com/htdocs/login.php on line 11

    Read the article

  • Bookmarking n Joomla

    - by Aruna
    Hi, i am using the Plugin Content Bookmarker downloaded from http://dev.aarthikaindia.com/downloads/category/3-plugins.html for my site. Some of the Articles are able to Bookmark like if i click on the Bookmark (twitter) , it directly bookmarks in Twitter with Some description of the Article where some of the Articles are not bookmarked instead it just links to http://www.twitter.com.. Code : <?php // no direct access defined( '_JEXEC' ) or die( 'Restricted access' ); $mainframe->registerEvent( 'onAfterDisplayContent', 'plgContentBookmarker' ); function plgContentBookmarker( &$row, &$params, $page=0 ) { $plugin = & JPluginHelper::getPlugin('content', 'bookmarker'); // Load plugin params info $pluginParams = new JParameter($plugin->params); $id = $row-id; $desc_tags = addslashes(str_replace("\n","", $row->title )); $desc_tags = trim($desc_tags); $desc_tags_space= str_replace(',', ' ', @$desc_tags_space); $desc_tags_semi = str_replace(',', ';', @$desc_tags_semi); $desc_tags_space = str_replace(' ', ' ', @$desc_tags_space); $description1 = strip_tags( $row->introtext ); $description2 = str_replace("'", '', strip_tags($description1)); $description = str_replace('"', '', strip_tags($description2)); $markme_title = $desc_tags; $markme_ddesc = substr($description,0,400).'...'; $baseurl = JURI::base(); $title = $pluginParams->def('title', 'Book Mark this Article'); $facebook = $pluginParams->def('facebook', '1'); $twitter = $pluginParams->def('twitter', '1'); $html.= '<div onmouseover="javascript:if(document.getElementById(\'divShowAddBookmarker'.$id.'\').style.display ==\'none\'){document.getElementById(\'divShowAddBookmarker'.$id.'\').style.display =\'block\';}" onmouseout="javascript:if(document.getElementById(\'divShowAddBookmarker'.$id.'\').style.display ==\'block\'){document.getElementById(\'divShowAddBookmarker'.$id.'\').style.display =\'none\';}" id="divShowAddBookmarker'.$id.'" style="display:none;position:absolute; background-color:#F4F4F4;width:240px;padding:3px;border:2px solid #999999;z-index:999"> <div style="padding:2px;">'; if( $facebook == 1 ) { $html.= '<div style="width:115px;float:left"> <a style="text-decoration:none;" href="http://www.facebook.com/" onclick="window.open(\'http://www.facebook.com/share.php?u=\'+encodeURIComponent(location.href)+\'&amp;t='.$markme_title.'&amp;d='.$markme_ddesc.'\');return false;"> <img style="vertical-align:bottom;padding:1px;" src="'.$baseurl."plugins/content/smart_bookmarker/facebook.gif".'" title="Facebook" name="facebook" border="0" id="facebook" alt="" /> '.JText::_( 'Facebook' ).' </a> </div>'; } if( $twitter == 1 ) { $html.= '<div style="width:115px;float:left"> <a style="text-decoration:none;" href="http://www.twitter.com/" onclick="window.open(\'http://twitter.com/home/?status=\'+encodeURIComponent(location.href)+\'-'.$markme_ddesc.'\');return false;"> <img style="vertical-align:bottom;padding:1px;" src="'.$baseurl."plugins/content/smart_bookmarker/twitter.gif".'" title="twitter" name="twitter" border="0" id="twitter" alt="" /> '.JText::_( 'Twitter' ).' </a> </div>'; } $html.= '<div style="clear:both"></div> </div> </div>'; return $html; } ? In the CODE $markme_ddesc is used to give the status message which is the actual portion of the content which is tweeted .. I had a doubt whether this $markme_ddesc is used to make the issue.. Is it so.. Please suggest me..

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3  | Next Page >