Search Results

Search found 131 results on 6 pages for 'stripslashes'.

Page 1/6 | 1 2 3 4 5 6  | Next Page >

  • A better JavaScript version of addslashes and stripslashes?

    - by karlthorwald
    I am using these 2 functions: http://javascript.about.com/library/bladdslash.htm But JSLint complains 'Bad Escapement' on this line: str=str.replace(/\\0/g,'\0'); [Edit] I converted to 2 lines, and now the first line is the one that fails JLint: var rep = '\0'; str=str.replace(/\\0/g,rep); So it is the '\0' can you help? I could try something but I want to understand what is going on. [/Edit] Can you make a better version and explain? I would like a version that passes JSLint and still works.

    Read the article

  • How to remove my backslash while input have underscore

    - by bob
    Problem when I enter any input which has underscore (_) data will store to my db looks like this image\_background.png Example $image = stripslashes($_POST['image']); // example image name image_background.png $query = 'UPDATE product SET image="' . $db->string_escape($image, true) . '" WHERE id="' . intval($id) . '"'; The problem coming when input has underscore only. If without underscore all backslashes will remove by the stripslashes Let me know.

    Read the article

  • Splitting data from MySQL using PHP & Javascript works in IE but not in FF

    - by MTSzabo
    I have the following JavaScript function on a page: function setFields(){ var menu = document.getElementById('EditLocation'); var itemDataArray = menu[menu.selectedIndex].value.split('|'); form.LocationShortName.value = itemDataArray[0]; form.LocationLongName.value = itemDataArray[1]; form.Phone.value = itemDataArray[2]; form.Address1.value = itemDataArray[3]; form.CityStateZip.value = itemDataArray[4]; form.MapLink.value = itemDataArray[5]; } Down on the Form, I have the following: <select class="input2" name="EditLocation" id="EditLocation" onchange = "setFields();"> <option value="-Add New-"<?php if($editlocation=='-Add New-'){echo(' selected="selected"');} ?>>-Add New-</option> <?php require_once('connection.php'); $connection = mysql_connect($hostname,$username,$password) or die (mysql_errno().": ".mysql_error()."<BR />"); mysql_select_db($database); $sql = "SELECT * FROM directions ORDER BY dirshortname"; $query = mysql_query($sql); while ($row = mysql_fetch_array($query)) { echo('<option value="'.stripslashes($row['dirshortname']).'|'.stripslashes($row['dirlongname']).'|'.stripslashes($row['dirphone']).'|'.stripslashes($row['dirstreet']).'|'.stripslashes($row['dircsz']).'|'.stripslashes($row['dirmaplink']).'"'); if ($editlocation==stripslashes($row['dirshortname'])) { echo(' selected="selected"'); } echo('>'.stripslashes($row['dirshortname']).'</option>'); } ?> In essence, the PHP is supposed to pack the data elements pulled from MySQL into the OPTION VALUE portion of the SELECT box. Once the user selects a record, the JavaScript pulls the packed data apart and populates the other data elements on the FORM. It all works wonderfully in IE, but in FF the fields do not populate with data. The form is somewhat long, but I'll include it anyway for the sake of completeness. <form action="admin-dirs.php" method="post" enctype="multipart/form-data" style="margin:0px; padding:0px " id="form"> <table width="587" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="60">&nbsp;</td> <td width="185">Select Location to Edit: </td> <td width="342"><select class="input2" name="EditLocation" id="EditLocation" onchange = "setFields();"> <option value="-Add New-"<?php if($editlocation=='-Add New-'){echo(' selected="selected"');} ?>>-Add New-</option> <?php require_once('connection.php'); $connection = mysql_connect($hostname,$username,$password) or die (mysql_errno().": ".mysql_error()."<BR />"); mysql_select_db($database); $sql = "SELECT * FROM directions ORDER BY dirshortname"; $query = mysql_query($sql); while ($row = mysql_fetch_array($query)) { echo('<option value="'.stripslashes($row['dirshortname']).'|'.stripslashes($row['dirlongname']).'|'.stripslashes($row['dirphone']).'|'.stripslashes($row['dirstreet']).'|'.stripslashes($row['dircsz']).'|'.stripslashes($row['dirmaplink']).'"'); if ($editlocation==stripslashes($row['dirshortname'])) { echo(' selected="selected"'); } echo('>'.stripslashes($row['dirshortname']).'</option>'); } ?> </select></td> </tr> <tr> <td width="60">&nbsp;</td> <td colspan="2"><span class="main" style=" padding-left:12px; padding-right:12px; padding-top:6px"><br /> (Note: Leaving the Long Name blank will duplicate the Short Name.)</span></td> </tr> <?php if(!$errlocationshortname=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$errlocationshortname.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>Location Short Name: <span class="red_star">*</span> </td> <td><input name="LocationShortName" id="LocationShortName" type="text" class="input2<?php if(!$errlocationshortname==''){echo('r');} ?>" value="<?php echo($locationshortname); ?>" maxlength="50"></td> </tr> <?php if(!$errlocationlongname=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$errlocationlongname.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>Location Long Name: <span class="red_star">*</span> </td> <td><input name="LocationLongName" id="LocationLongName" type="text" class="input2<?php if(!$errlocationlongname==''){echo('r');} ?>" value="<?php echo($locationlongname); ?>" maxlength="50"></td> </tr> <?php if(!$erraddress=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$erraddress.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>Street Address: <span class="red_star">*</span> </td> <td><input name="Address1" id="Address1" type="text" class="input2<?php if(!$erraddress==''){echo('r');} ?>" value="<?php echo($address); ?>"></td> </tr> <?php if(!$errcsz=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$errcsz.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>City, State, Zip: <span class="red_star">*</span> </td> <td><input name="CityStateZip" id="CityStateZip" type="text" class="input2<?php if(!$errcsz==''){echo('r');} ?>" value="<?php echo($csz); ?>"></td> </tr> <?php if(!$errphone=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$errphone.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>Location Phone Number: <span class="red_star">*</span> </td> <td><input name="Phone" id="Phone" type="text" class="input2<?php if(!$errphone==''){echo('r');} ?>" value="<?php echo($phone); ?>" maxlength="20"></td> </tr> <?php if(!$errmaplink=='' ){echo(' <tr> <td width="60">&nbsp;</td> <td width="185">&nbsp;</td> <td width="342"><span class="redtxterror">'.$errmaplink.'</span></td> </tr>');} ?> <tr> <td>&nbsp;</td> <td>Paste Link to Map: <span class="red_star">*</span> </td> <td><input name="MapLink" id="MapLink" type="text" class="input2<?php if(!$errmaplink==''){echo('r');} ?>" value="<?php echo($maplink); ?>" maxlength="125"></td> </tr> <tr> <td>&nbsp;</td> <td>&nbsp;</td> <td><div align="right" style="padding-right:25px"> <input type="hidden" id="action" name="action" value="submitform" /> <input type="submit" id="savenew" name="savenew" value="Save & New" /> <input type="submit" id="submit" name="submit" value="Save & Close" /> <?php if(!isset($_POST['action'])) {?> <input type="reset" id="reset" name="reset" value="Reset" /> <?php } ?> </div></td> </tr><tr> <td>&nbsp;</td> <td>&nbsp;</td> <td class="main_d"><div align="right" style="padding-right:25px">Your IP Address is Logged as: <?php echo($ip); ?></div></td> </tr> </table> </form>

    Read the article

  • JQuery and PHP display problem

    - by TheCREATOR
    I'm new to JQuery but for some reason I cant get the php code to display correctly when I put it in my JQuery script. The php code will display correctly when its not in the JQuery code can someone help me fix my JQuery code so it will display my PHP code correctly? Here is the JQuery and PHP code. var count = 0; $(function(){ $('p#add_field').click(function(){ count += 1; $('#container').append( '<input type="text" name="sk" id="sk" />' + '<label for="exp">Exp: </label>' + '<?php' + 'echo \'<select id="exp" name="exp">\' . "\n";' + 'foreach($options as $option) {' + 'if ($option == $exp) {' + 'echo \'<option value="\' . stripslashes(htmlentities(strip_tags($option))) . \'" selected="selected">\' .' + ' stripslashes(htmlentities(strip_tags($option))) . \'</option>\' . "\n";' + '} else {' + 'echo \'<option value="\'. stripslashes(htmlentities(strip_tags($option))) . \'">\' .' + 'stripslashes(htmlentities(strip_tags($option))) . \'</option>\'."\n";' + '}' + '}' + 'echo \'</select>\';' + '?>' + '<label for="g">RGB: </label>' + '<?php' + 'echo \'<select id="g" name="g">\' . "\n";' + 'foreach($options as $option) {' + 'if ($option == $g) {' + 'echo \'<option value="\' . stripslashes(htmlentities(strip_tags($option))) . \'" selected="selected">\' .' + 'stripslashes(htmlentities(strip_tags($option))) . \'</option>\' . "\n";' + '} else {' + 'echo \'<option value="\'. stripslashes(htmlentities(strip_tags($option))) . \'">\' .' + 'stripslashes(htmlentities(strip_tags($option))) . \'</option>\'."\n";' + '}' + '}' + 'echo \'</select>\';' + '?></li>' ); }); });

    Read the article

  • How to get the age from a birthdate using PHP & MySQL?

    - by TaG
    I ask my users for their birthdate and store it in my database in the following way $month $day $year output May 6 1901 but I was wondering how can I get the age from the stored birthdate using PHP & MySQL? Here is the PHP code. if (isset($_POST['submitted'])) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"SELECT users.* FROM users WHERE user_id=3"); $month_options = array("Month", "January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December"); $day_options = array("Day", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31"); $month = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_POST['month']))); $day = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_POST['day']))); $year = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_POST['year']))); if (mysqli_num_rows($dbc) == 0) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"INSERT INTO users (user_id, month, day, year) VALUES ('$user_id', '$month', '$day', '$year')"); } if ($dbc == TRUE) { $dbc = mysqli_query($mysqli,"UPDATE users SET month = '$month', day = '$day', year = '$year' WHERE user_id = '$user_id'"); echo '<p class="changes-saved">Your changes have been saved!</p>'; } if (!$dbc) { print mysqli_error($mysqli); return; } } Here is the html. <form method="post" action="index.php"> <fieldset> <ul> <li><label>Date of Birth: </label> <label for="month" class="hide">Month: </label> <?php // month options echo '<select name="month" id="month">' . "\n"; foreach($month_options as $option) { if ($option == $month) { echo '<option value="' . stripslashes(htmlentities(strip_tags($option))) . '" selected="selected">' . stripslashes(htmlentities(strip_tags($option))) . '</option>' . "\n"; } else { echo '<option value="'. stripslashes(htmlentities(strip_tags($option))) . '">' . stripslashes(htmlentities(strip_tags($option))) . '</option>'."\n"; } } echo '</select>'; ?> <label for="day" class="hide">Day: </label> <?php // day options echo '<select id="day" name="day">' . "\n"; foreach($day_options as $option) { if ($option == $day) { echo '<option value="' . stripslashes(htmlentities(strip_tags($option))) . '" selected="selected">' . stripslashes(htmlentities(strip_tags($option))) . '</option>' . "\n"; } else { echo '<option value="'. stripslashes(htmlentities(strip_tags($option))) . '">' . stripslashes(htmlentities(strip_tags($option))) . '</option>'."\n"; } } echo '</select>'; ?> <label for="year" class="hide">Year: </label><input type="text" name="year" id="year" size="4" maxlength="4" value="<?php if (isset($_POST['year'])) { echo stripslashes(htmlentities(strip_tags($_POST['year']))); } else if(!empty($year)) { echo stripslashes(htmlentities(strip_tags($year))); } ?>" /></li> <li><input type="submit" name="submit" value="Save Changes" class="save-button" /> <input type="hidden" name="submitted" value="true" /> <input type="submit" name="submit" value="Preview Changes" class="preview-changes-button" /></li> </ul> </fieldset> </form>

    Read the article

  • Not able to insert data in the database from a form in php

    - by Prashant Baid
    I am not able to insert data into my data, i dont know what the problem is. Here is the code: mysql_select_db("mitestore", $con); */ if ((isset($_POST['product_name'])) && (strlen(trim($_POST['product_name'])) 0)) { $product_name = stripslashes(strip_tags($_POST['product_name'])); $sql="INSERT INTO sell (product_name) VALUE ('$_POST[product_name]')"; } else {$product_name = 'Please enter the product name.';} if ((isset($_POST[''])) && (strlen(trim($_POST['how_old'])) 0)) { $how_old = stripslashes(strip_tags($_POST['how_old'])); $sql="INSERT INTO sell (how_old) VALUE ('$_POST[how_old]')"; } else {$how_old = 'Please enter how old your product is';} if ((isset($_POST['which_block'])) && (strlen(trim($_POST['which_block'])) 0)) { $which_block = stripslashes(strip_tags($_POST['which_block'])); $sql="INSERT INTO sell (which_block) VALUE ('$_POST[which_block]')"; } else {$which_block = 'Please enter which block are you from';} if ((isset($_POST['room_no'])) && (strlen(trim($_POST['room_no'])) 0)) { $room_no = stripslashes(strip_tags($_POST['room_no'])); $sql="INSERT INTO sell (room_no) VALUE ('$_POST[room_no]')"; } else {$room_no = 'Please enter the room no:';} if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Success!"; mysql_close($con) ? Initially i had this code and it worked for me. mysql_select_db("database", $con); $sql="INSERT INTO sell ( product_name, how_old , selling_price, negotiable, which_block, room_no) VALUES ('$_POST[product_name]','$_POST[how_old]','$_POST[selling_price]','$_POST[negotiable]','$_POST[which_block]','$_POST[room_no]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Your product is added."; mysql_close($con) ? But i don't know how to validate each field individually.

    Read the article

  • Increasing understanding of validating a string with PHP string functions

    - by user1554264
    I've just started attempts to validate data in PHP and I'm trying to understand this concept better. I was expecting the string passed as an argument to the $data parameter for the test_input() function to be formatted by the following PHP functions. trim() to remove white space from the end of the string stripslashes() to return a string with backslashes stripped off htmlspecialchars() to convert special characters to HTML entities The issue is that the string that I am echoing at the end of the function is not being formatted in the way I desire at all. In fact it looks exactly the same when I run this code on my server - no white space removed, the backslash is not stripped and no special characters converted to HTML entities. My question is have I gone about this in the wrong approach? Should I be creating the variable called $santised_input on 3 separate lines with each of the functions trim(), stripslashes() and htmlspecialchars()? By my understanding surely I am overwriting the value of the $santised_input variable each time I recreate it on a new line of code. Therefore the trim() and stripslashes() string functions will never be executed. What I am trying to achieve is using the "$santised_input" variable to run all of these PHP string functions when the $data argument is passed to my test_input() function. In other words can these string functions be chained together so that I only need to create $santised_input once? <?php function test_input($data) { $santised_input = trim($data); $santised_input = stripslashes($data); $santised_input = htmlspecialchars($data); echo $santised_input; } test_input("%22%3E%3Cscript%3Ealert('hacked')%3C/script%3E\ "); //Does not output desired result "&quot;&gt;&lt;script&gt;alert('hacked')&lt;/script&gt;" ?>

    Read the article

  • PHP submit problem

    - by TaG
    I'm trying to check if the username is available and display it for the user to see when they check there account settings, which I have done. BUT when the user tries to fill out another field I get the Your username is unavailable! which should not pop up because its the users username already. I want to know how can I fix this problem using PHP so that the users name is displayed every time the user views their account settings and it wont cause problems when a user submits additional info? Here is the PHP code. if (isset($_POST['submitted'])) { require_once '../htmlpurifier/library/HTMLPurifier.auto.php'; $config = HTMLPurifier_Config::createDefault(); $config->set('Core.Encoding', 'UTF-8'); $config->set('HTML.Doctype', 'XHTML 1.0 Strict'); $config->set('HTML.TidyLevel', 'heavy'); $config->set('HTML.SafeObject', true); $config->set('HTML.SafeEmbed', true); $purifier = new HTMLPurifier($config); $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"SELECT users.* FROM users WHERE user_id=3"); $first_name = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['first_name'])))); $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); if($_POST['username']) { $u = "SELECT user_id FROM users WHERE username = '$username'"; $r = mysqli_query ($mysqli, $u) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($mysqli)); if (mysqli_num_rows($r) == TRUE) { $username = NULL; echo '<p class="error">Your username is unavailable!</p>'; } else if(mysqli_num_rows($r) == 0) { $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); if ($_POST['password1'] == $_POST['password2']) { $sha512 = hash('sha512', $_POST['password1']); $password = mysqli_real_escape_string($mysqli, $purifier->purify(strip_tags($sha512))); } else { $password = NULL; } if($password == NULL) { echo '<p class="error">Your password did not match the confirmed password!</p>'; } else { if (mysqli_num_rows($dbc) == 0) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"INSERT INTO users (user_id, first_name, username, password) VALUES ('$user_id', '$first_name', '$username', '$password')"); } if ($dbc == TRUE) { $dbc = mysqli_query($mysqli,"UPDATE users SET first_name = '$first_name', username = '$username', password = '$password' WHERE user_id = '$user_id'"); echo '<p class="changes-saved">Your changes have been saved!</p>'; } if (!$dbc) { print mysqli_error($mysqli); return; } } } } } Here is the html form. <form method="post" action="index.php"> <fieldset> <ul> <li><label for="first_name">First Name: </label><input type="text" name="first_name" id="first_name" size="25" class="input-size" value="<?php if (isset($_POST['first_name'])) { echo stripslashes(htmlentities(strip_tags($_POST['first_name']))); } else if(!empty($first_name)) { echo stripslashes(htmlentities(strip_tags($first_name))); } ?>" /></li> <li><label for="username">UserName: </label><input type="text" name="username" id="username" size="25" class="input-size" value="<?php if (isset($_POST['username'])) { echo stripslashes(htmlentities(strip_tags($_POST['username']))); } else if(!empty($username)) { echo stripslashes(htmlentities(strip_tags($username))); } ?>" /><br /><span>(ex: CSSKing, butterball)</span></li> <li><label for="password1">Password: </label><input type="password" name="password1" id="password1" size="25" class="input-size" value="<?php if (isset($_POST['password1'])) { echo stripslashes(htmlentities(strip_tags($_POST['password1']))); } ?>" /></li> <li><label for="password2">Confirm Password: </label><input type="password" name="password2" id="password2" size="25" class="input-size" value="<?php if (isset($_POST['password2'])) { echo stripslashes(htmlentities(strip_tags($_POST['password2']))); } ?>" /></li> <li><input type="submit" name="submit" value="Save Changes" class="save-button" /> <input type="hidden" name="submitted" value="true" /> <input type="submit" name="submit" value="Preview Changes" class="preview-changes-button" /></li> </ul> </fieldset> </form>

    Read the article

  • PHP email form multiple select

    - by Justin Goodman
    I'm trying to set up a simple PHP contact form for a website and I need some help modifying the PHP to list multiple items from a select menu and would appreciate the help. I'm a graphic designer, not a developer, so a lot of this is way over my head. This is the problem area here: <label for="Events[]">Which Event(s) Will You Be Attending?</label> <div class="input-bg"> <select name="Events[]" size="6" multiple="MULTIPLE" class="required" id="Events[]"> <option value="Wednesday">Portfolio Show June 16</option> <option value="Thursday">Portfolio Show June 17</option> <option value="Saturday">Graduation Ceremony</option> <option value="Saturday Eve">Graduation Party</option> <option value="Not Sure">Not Sure</option> <option value="Not Coming">Not Coming</option> </select> </div> And here's the PHP: <?php // CHANGE THE VARIABLES BELOW $EmailFrom = "[email protected]"; $EmailTo = "[email protected]"; $Subject = "Graduation RSVP"; $Name = Trim(stripslashes($_POST['Name'])); $Email = Trim(stripslashes($_POST['Email'])); $Guests = Trim(stripslashes($_POST['Guests'])); $Events = Trim(stripslashes($_POST['Events'])); // prepare email body text $Body = ""; $Body .= "Name: "; $Body .= $Name; $Body .= "\n"; $Body .= "Email: "; $Body .= $Email; $Body .= "\n"; $Body .= "Guests: "; $Body .= $Guests; $Body .= "\n"; $Body .= "Events: "; $Body .= $Events; $Body .= "\n"; // send email $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>"); // redirect to success page // CHANGE THE URL BELOW TO YOUR "THANK YOU" PAGE if ($success){ print "<meta http-equiv=\"refresh\" content=\"0;URL=http://justgooddesign.net/graduation\">"; } else{ print "<meta http-equiv=\"refresh\" content=\"0;URL=http://justgooddesign.net/graduation/error.html\">"; } ?> Any help really is appreciated!

    Read the article

  • ¿Que riesgo hay en usar extract con las variables superglobales de php?

    - by Carlos Montalvo
    Hola usando estas funciones, que riesgo corro en tener problemas de seguridad, es necesesario usar extract() o hay alguna manera mejor de convertir las variables superglobales (array) en trozos de variables. if ( get_magic_quotes_gpc() ) { $_GET = stripslashes( $_GET ); $_POST =stripslashes( $_POST ); } function vars_globals($value = '') { if (is_array ( $value )) $r = &$value; else parse_str ( $value, $r ); return $r; } $r = vars_globals( $_GET ); extract($r, EXTR_SKIP);

    Read the article

  • An interesting issue about mysql_real_escpae_string

    - by phpExe
    I have simple form for editting site content: - a text input for title - a textarea for content When adding content, there is no problem, allthings add normally: $chead = mysql_real_escape_string(stripslashes($_POST['chead'])); $ctext = mysql_real_escape_string(stripslashes($_POST['ctext'])); But when edittig the article that containig the $chead = 'sdsfsf' "sdgsdgs"ggdsfsdg The $chead = 'sdsfsf' and the "sdgsdgs"ggdsfsdg will be lost!!! What is the problem with mysql_real_escpae_string? Thanks

    Read the article

  • Join Query Not Working

    - by John
    Hello, I am using three MySQl tables: comment commentid loginid submissionid comment datecommented login loginid username password email actcode disabled activated created points submission submissionid loginid title url displayurl datesubmitted In these three tables, the "loginid" correspond. I would like to pull the top 10 loginids based on the number of "submissionid"s. I would like to display them in a 3-column HTML table that shows the "username" in the first column, the number of "submissionid"s in the second column, and the number of "commentid"s in the third column. I tried using the query below but it did not work. Any idea why not? Thanks in advance, John $sqlStr = "SELECT l.username ,l.loginid ,c.commentid ,count(s.commentid) countComments ,c.comment ,c.datecommented ,s.submissionid ,count(s.submissionid) countSubmissions ,s.title ,s.url ,s.displayurl ,s.datesubmitted FROM comment AS c INNER JOIN login AS l ON c.loginid = l.loginid INNER JOIN submission AS s ON c.loginid = s.loginid GROUP BY c.loginid ORDER BY countSubmissions DESC LIMIT 10"; $result = mysql_query($sqlStr); $arr = array(); echo "<table class=\"samplesrec1\">"; while ($row = mysql_fetch_array($result)) { echo '<tr>'; echo '<td class="sitename1"><a href="http://www...com/.../members/index.php?profile='.$row["username"].'">'.stripslashes($row["username"]).'</a></td>'; echo '</tr>'; echo '<td class="sitename1">'.stripslashes($row["countSubmissions"]).'</td>'; echo '</tr>'; echo '</tr>'; echo '<td class="sitename1">'.stripslashes($row["countComments"]).'</td>'; echo '</tr>'; } echo "</table>";

    Read the article

  • Turning PHP page calling Zend functions procedurally into Zend Framework MVC-help!

    - by Joel
    Hi guys, I posted much of this question, but if didn't include all the Zend stuff because I thought it'd be overkill, but now I'm thinking it's not easy to figure out an OO way of doing this without that code... So with that said, please forgive the verbose code. I'm learning how to use MVC and OO in general, and I have a website that is all in PHP but most of the pages are basic static pages. I have already converted them all to views in Zend Framework, and have the Controller and layout set. All is good there. The one remaining page I have is the main reason I did this...it in fact uses Zend library (for gData connection and pulling info from a Google Calendar and displaying it on the page. I don't know enough about this to know where to begin to refactor the code to fit in the Zend Framework MVC model. Any help would be greatly appreciated!! .phtml view page: <div id="dhtmltooltip" align="left"></div> <script src="../js/tooltip.js" type="text/javascript"> </script> <div id="container"> <div id="conten"> <a name="C4"></a> <?php function get_desc_second_part(&$value) { list(,$val_b) = explode('==',$value); $value = trim($val_b); } function filterEventDetails($contentText) { $data = array(); foreach($contentText as $row) { if(strstr($row, 'When: ')) { ##cleaning "when" string to get date in the format "May 28, 2009"## $data['duration'] = str_replace('When: ','',$row); list($when, ) = explode(' to ',$data['duration']); $data['when'] = substr($when,4); if(strlen($data['when'])>13) $data['when'] = trim(str_replace(strrchr($data['when'], ' '),'',$data['when'])); $data['duration'] = substr($data['duration'], 0, strlen($data['duration'])-4); //trimming time zone identifier (UTC etc.) } if(strstr($row, 'Where: ')) { $data['where'] = str_replace('Where: ','',$row); //pr($row); //$where = strstr($row, 'Where: '); //pr($where); } if(strstr($row, 'Event Description: ')) { $event_desc = str_replace('Event Description: ','',$row); //$event_desc = strstr($row, 'Event Description: '); ## Filtering event description and extracting venue, ticket urls etc from it. //$event_desc = str_replace('Event Description: ','',$contentText[3]); $event_desc_array = explode('|',$event_desc); array_walk($event_desc_array,'get_desc_second_part'); //pr($event_desc_array); $data['venue_url'] = $event_desc_array[0]; $data['details'] = $event_desc_array[1]; $data['tickets_url'] = $event_desc_array[2]; $data['tickets_button'] = $event_desc_array[3]; $data['facebook_url'] = $event_desc_array[4]; $data['facebook_icon'] = $event_desc_array[5]; } } return $data; } // load library require_once 'Zend/Loader.php'; Zend_Loader::loadClass('Zend_Gdata'); Zend_Loader::loadClass('Zend_Gdata_ClientLogin'); Zend_Loader::loadClass('Zend_Gdata_Calendar'); Zend_Loader::loadClass('Zend_Http_Client'); // create authenticated HTTP client for Calendar service $gcal = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; $user = "[email protected]"; $pass = "xxxxxxxx"; $client = Zend_Gdata_ClientLogin::getHttpClient($user, $pass, $gcal); $gcal = new Zend_Gdata_Calendar($client); $query = $gcal->newEventQuery(); $query->setUser('[email protected]'); $secondary=true; $query->setVisibility('private'); $query->setProjection('basic'); $query->setOrderby('starttime'); $query->setSortOrder('ascending'); //$query->setFutureevents('true'); $startDate=date('Y-m-d h:i:s'); $endDate="2015-12-31"; $query->setStartMin($startDate); $query->setStartMax($endDate); $query->setMaxResults(30); try { $feed = $gcal->getCalendarEventFeed($query); } catch (Zend_Gdata_App_Exception $e) { echo "Error: " . $e->getResponse(); } ?> <h1><?php echo $feed->title; ?></h1> <?php echo $feed->totalResults; ?> event(s) found. <table width="90%" border="3" align="center"> <tr> <td width="20%" align="center" valign="middle"><b>;DATE</b></td> <td width="25%" align="center" valign="middle"><b>VENUE</b></td> <td width="20%" align="center" valign="middle"><b>CITY</b></td> <td width="20%" align="center" valign="middle"><b>DETAILS</b></td> <td width="15%" align="center" valign="middle"><b>LINKS</b></td> </tr> <?php if((int)$feed->totalResults>0) { //checking if at least one event is there in this date range foreach ($feed as $event) { //iterating through all events //pr($event);die; $contentText = stripslashes($event->content->text); //striping any escape character $contentText = preg_replace('/\<br \/\>[\n\t\s]{1,}\<br \/\>/','<br />',stripslashes($event->content->text)); //replacing multiple breaks with a single break //die(); $contentText = explode('<br />',$contentText); //splitting data by break tag $eventData = filterEventDetails($contentText); $when = $eventData['when']; $where = $eventData['where']; $duration = $eventData['duration']; $venue_url = $eventData['venue_url']; $details = $eventData['details']; $tickets_url = $eventData['tickets_url']; $tickets_button = $eventData['tickets_button']; $facebook_url = $eventData['facebook_url']; $facebook_icon = $eventData['facebook_icon']; $title = stripslashes($event->title); echo '<tr>'; echo '<td width="20%" align="center" valign="middle" nowrap="nowrap">'; echo $when; echo '</td>'; echo '<td width="20%" align="center" valign="middle">'; if($venue_url!='') { echo '<a href="'.$venue_url.'" target="_blank">'.$title.'</a>'; } else { echo $title; } echo '</td>'; echo '<td width="20%" align="center" valign="middle">'; echo $where; echo '</td>'; echo '<td width="20%" align="center" valign="middle">'; $details = str_replace("\n","<br>",htmlentities($details)); $duration = str_replace("\n","<br>",$duration); $detailed_description = "<b>When</b>: <br>".$duration."<br><br>"; $detailed_description .= "<b>Description</b>: <br>".$details; echo '<a href="javascript:void(0);" onmouseover="ddrivetip(\''.$detailed_description.'\')" onmouseout="hideddrivetip()" onclick="return false">View Details</a>'; echo '</td>'; echo '<td width="20%" valign="middle">'; if(trim($tickets_url) !='' && trim($tickets_button)!='') { echo '<a href="'.$tickets_url.'" target="_blank"><img src="'.$tickets_button.'" border="0" ></a>'; } if(trim($facebook_url) !='' && trim($facebook_icon)!='') { echo '<a href="'.$facebook_url.'" target="_blank"><img src="'.$facebook_icon.'" border="0" ></a>'; } else { echo '......'; } echo '</td>'; echo '</tr>'; } } else { //else show 'no event found' message echo '<tr>'; echo '<td width="100%" align="center" valign="middle" colspan="5">'; echo "No event found"; echo '</td>'; } ?> </table> <h3><a href="#pastevents">Scroll down for a list of past shows.</a></h3> <br /> <a name="pastevents"></a> <ul class="pastShows"> <?php $startDate='2005-01-01'; $endDate=date('Y-m-d'); /*$gcal = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; $user = "[email protected]"; $pass = "silverroof10"; $client = Zend_Gdata_ClientLogin::getHttpClient($user, $pass, $gcal); $gcal = new Zend_Gdata_Calendar($client); $query = $gcal->newEventQuery(); $query->setUser('[email protected]'); $query->setVisibility('private'); $query->setProjection('basic');*/ $query->setOrderby('starttime'); $query->setSortOrder('descending'); $query->setFutureevents('false'); $query->setStartMin($startDate); $query->setStartMax($endDate); $query->setMaxResults(1000); try { $feed = $gcal->getCalendarEventFeed($query); } catch (Zend_Gdata_App_Exception $e) { echo "Error: " . $e->getResponse(); } if((int)$feed->totalResults>0) { //checking if at least one event is there in this date range foreach ($feed as $event) { //iterating through all events $contentText = stripslashes($event->content->text); //striping any escape character $contentText = preg_replace('/\<br \/\>[\n\t\s]{1,}\<br \/\>/','<br />',stripslashes($event->content->text)); //replacing multiple breaks with a single break $contentText = explode('<br />',$contentText); //splitting data by break tag $eventData = filterEventDetails($contentText); $when = $eventData['when']; $where = $eventData['where']; $duration = $eventData['duration']; $title = stripslashes($event->title); echo '<li class="pastShows">' . $when . " - " . $title . ", " . $where . '</li>'; } } ?> </div> </div>

    Read the article

  • Multiple left joins, how to output in php

    - by Dan
    I have 3 tables I need to join. The contracts table is the main table, the 'jobs' and 'companies' table are extra info that can be associated to the contracts table. so, since I want all entries from my 'contracts' table, and the 'jobs' and 'companies' data only if it exists, I wrote the query like this.... $sql = "SELECT * FROM contracts LEFT JOIN jobs ON contracts.job_id = jobs.id LEFT JOIN companies ON contracts.company_id = companies.id ORDER BY contracts.end_date"; Now how would I output this in PHP? I tried this but kept getting an undefined error "Notice: Undefined index: contracts.id"... $sql_result = mysql_query($sql,$connection) or die ("Fail."); if(mysql_num_rows($sql_result) > 0){ while($row = mysql_fetch_array($sql_result)) { $contract_id = stripslashes($row['contracts.id']); $job_number = stripslashes($row['jobs.job_number']); $company_name = stripslashes($row['companies.name']); ?> <tr id="<?=$contract_id?>"> <td><?=$job_number?></td> <td><?=$company_name?></td> </tr> <? } }else{ echo "No records found"; } Any help is appreciated.

    Read the article

  • Creating a Variable From Two Others

    - by John
    Hello, In the HTML table below, I would like to add a third column that equals $row["countSubmissions"] times 10 plus $row["countComments"]. How could I do this? Thanks in advance, John $sqlStr = "SELECT l.loginid, l.username, COALESCE(s.total, 0) AS countSubmissions, COALESCE(c.total, 0) AS countComments FROM login l LEFT JOIN ( SELECT loginid, COUNT(1) AS total FROM submission GROUP BY loginid ) s ON l.loginid = s.loginid LEFT JOIN ( SELECT loginid, COUNT(1) AS total FROM comment GROUP BY loginid ) c ON l.loginid = c.loginid GROUP BY l.loginid ORDER BY countSubmissions DESC LIMIT 10"; $result = mysql_query($sqlStr); $arr = array(); echo "<table class=\"samplesrec1edit\">"; while ($row = mysql_fetch_array($result)) { echo '<tr>'; echo '<td class="sitename1edit1"><a href="http://www...com/.../members/index.php?profile='.$row["username"].'">'.stripslashes($row["username"]).'</a></td>'; echo '<td class="sitename1edit2">'.stripslashes($row["countSubmissions"]).'</td>'; echo '<td class="sitename1edit2">'.stripslashes($row["countComments"]).'</td>'; echo '</tr>'; } echo "</table>";

    Read the article

  • enclosing double quotes in array

    - by Jared
    Hi all I might be looking at this the wrong way, but I have a form that does its thing (sends emails etc etc) but I also put in some code to make a simple flatfile csv log with some of the user entered details. If a user accidentally puts in for instance 'himynameis","bob' this would either break the csv row (because the quotes weren't encapsulated) or if I use htmlspecialchars() and stripslashes() on the data, I end up with a ugly data value of 'himynameis&quot;,&quot;bob'. My question is, how can I handle the incoming data to cater for '"' being put in the form without breaking my csv file? this is my code for creating the csv log file. @$name = htmlspecialchars(trim($_POST['name'])); @$emailCheck = htmlspecialchars(trim($_POST['email'])); @$title = htmlspecialchars(trim($_POST['title'])); @$phone = htmlspecialchars(trim($_POST['phone'])); function logFile($logText) { $path = 'D:\logs'; $filename = '\Log-' . date('Ym', time()) . '.csv'; $file = $path . $filename; if(!file_exists($file)) { $logHeader = array('Date', 'IP_Address', 'Title', 'Name', 'Customer_Email', 'Customer_Phone', 'file'); $fp = fopen($file, 'a'); fputcsv($fp, $line); } $fp = fopen($file, 'a'); foreach ($logText as $record) { fputcsv($fp, $record); } } //Log submission to file $date = date("Y/m/d H:i:s"); $clientIp = getIpAddress(); //get clients IP address $nameLog = stripslashes($name); $titleLog = stripslashes($title); if($_FILES['uploadedfile']['error'] == 4) $filename = "No file attached."; //check if file uploaded and return $logText = array(array("$date", "$clientIp", "$titleLog", "$nameLog", "$emailCheck", "$phone", "$filename")); logFile($logText); //write form details to log Here is a sample of the incoming array data: Array ( [0] => Array ( [0] => 2010/05/17 10:22:27 [1] => xxx.xxx.xxx.xxx [2] => title [3] => """"himynameis","bob" [4] => [email protected] [5] => 346346 [6] => No file attached. ) ) TIA Jared

    Read the article

  • PHP / MYSQL: Sanitizing user input - is this a bad idea?

    - by Greg
    I have one "go" script that fetches any other script requested and this is what I wrote to sanitize user input: foreach ($_REQUEST as $key => $value){ if (get_magic_quotes_gpc()) $_REQUEST[$key] = mysql_real_escape_string(stripslashes($value)); else $_REQUEST[$key] = mysql_real_escape_string($value); } I haven't seen anyone else use this approach. Is there any reason not to? EDIT - amended for to work for arrays: function mysql_escape($thing) { if (is_array($thing)) { $escaped = array(); foreach ($thing as $key => $value) { $escaped[$key] = mysql_escape($value); } return $escaped; } // else if (get_magic_quotes_gpc()) $thing = stripslashes($thing); return mysql_real_escape_string($thing); } foreach ($_REQUEST as $key => $value){ $_REQUEST[$key] = mysql_escape($value); }

    Read the article

  • What risks are there in using extracted PHP superglobals?

    - by Zephiro
    Hola usando estas funciones, que riesgo corro en tener problemas de seguridad, es necesesario usar extract() o hay alguna manera mejor de convertir las variables superglobales (array) en trozos de variables. Good, there is some risk in using the function extract in the superglobal variables as $_POS and $_GET, I work of the following way. There is risk of SQL INJECTION or there is an alternative to extract if ( get_magic_quotes_gpc() ) { $_GET = stripslashes( $_GET ); $_POST =stripslashes( $_POST ); } function vars_globals($value = '') { if (is_array ( $value )) $r = &$value; else parse_str ( $value, $r ); return $r; } $r = vars_globals( $_GET ); extract($r, EXTR_SKIP);

    Read the article

  • what are the best practices to prevent sql injections

    - by s2xi
    Hi, I have done some research and still confused, This is my outcome of that research. Can someone please comment and advise to how I can make these better or if there is a rock solid implementation already out there I can use? Method 1: array_map('trim', $_GET); array_map('stripslashes', $_GET); array_map('mysql_real_escape_string', $_GET); Method 2: function filter($data) { $data = trim(htmlentities(strip_tags($data))); if (get_magic_quotes_gpc()) $data = stripslashes($data); $data = mysql_real_escape_string($data); return $data; } foreach($_GET as $key => $value) { $data[$key] = filter($value); }

    Read the article

  • PHP mySQL query's and PHP Variables

    - by jon
    I'm trying to make an OO Login system for a project I'm working on, and am having trouble with inserting variables into the query strings. In the code below, if I replace "$TBL_NAME" with the actual table name it works. Why isn't $TBL_NAME translating to the value of $TBL_NAME? class UserDB { private $TBL_NAME = "users"; public static function CheckLogin($username, $password) { Database::Connect(); $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT uid FROM $TBL_NAME WHERE username='$username' AND password='$password' "; $result =mysql_query($sql); $count=mysql_num_rows($result); if ($count==1) return true; else return false; } The Query is returning false.

    Read the article

  • Syntax error, unexpected '}' wordpress error

    - by Zach Johnson
    Hello I am not a PHP programmer so I have no idea what the problem is here. Basiclly I am trying to use a wordpress theme but I get this error The Parse error: syntax error, unexpected '}' in / home/a5618915/public_html/photo/wp-content/themes/iphoto/functions.php on line 1 I have no Idea what exactly is wrong in the php file. The code for the functions.php is below. If someone could point out whats wrong I would be really grateful. <?php define('THEME_NAME','iphoto'); load_theme_textdomain( THEME_NAME,TEMPLATEPATH .'/languages'); add_custom_background(); add_theme_support( 'automatic-feed-links' ); add_theme_support( 'post-formats', array( 'video')); if ( function_exists('register_nav_menus') ) { register_nav_menus(array('primary' => 'header')); } add_action('wp_ajax_b_ajax_post_action', 'b_ajax_callback'); function b_ajax_callback() { global $wpdb; if(isset($_POST['type']) && $_POST['type'] == 'upload') { $clickedID = $_POST['data']; $filename = $_FILES[$clickedID]; $filename['name'] = preg_replace('/[^a-zA-Z0-9._-]/', '', $filename['name']); $override['test_form'] = false; $override['action'] = 'wp_handle_upload'; $uploaded_file = wp_handle_upload($filename,$override); $upload_tracking[] = $clickedID; update_option($clickedID, $uploaded_file['url'] ); if(!empty($uploaded_file['error'])) {echo 'Upload Error: ' . $uploaded_file['error']; } else { echo $uploaded_file['url']; } } die(); } function post_thumbnail($a){ global $post; $post_img = ''; ob_start(); ob_end_clean(); $output = preg_match_all('/\<img.+?src="(.+?)".*?\/>/is',$post->post_content,$matches ,PREG_SET_ORDER); $cnt = count( $matches ); if($a==1){ if($cnt>0){ if($cnt>1){ if($cnt>3) $cnt=3; for($i=0;$i<$cnt;$i++){ $post_current = $i+1; $post_img_src = $matches[$i][1]; if($i==0){$post_spans .= '<span class="current">'.$post_current.'</span>';}else{ $post_spans .= '<span>'.$post_current.'</span>'; } $post_imgs .='<img src="'.get_bloginfo('template_url').'/timthumb.php?src='.$post_img_src.'&amp;w=285&amp;zc=1" />'; } $post_img = $post_imgs.'<span class="imgNav">'.$post_spans.'</span>'; }else{ $post_img_src = $matches [0][1]; $post_img = '<img src="'.get_bloginfo('template_url').'/timthumb.php?src='.$post_img_src.'&amp;w=285&amp;zc=1" />'; } echo $post_img; } }else{ return $cnt; } } function post_content_thumbnail($c) { if(is_single()){ $c = preg_replace('/\width="*".+?height="*"/i', '', $c); $s = array('/src="(.+?.(jpg|bmp|png|jepg|gif))".+?/i' => 'src="'.get_bloginfo("template_url").'/timthumb.php?src=$1&amp;h=440&amp;zc=1"'); foreach($s as $p => $r){ $c = preg_replace($p,$r,$c); } return $c; } } add_filter( 'the_content', 'post_content_thumbnail' ); function ajax_post(){ if( isset($_GET['action'])&& $_GET['action'] == 'ajax_post'){ if(isset($_GET['cat'])){ $args = array( 'category_name' => $_GET['cat'], 'paged' => $_GET['pag'] ); }else if(isset($_GET['pag'])){ $args = array( 'paged' => $_GET['pag'] ); } query_posts($args); if(have_posts()){while (have_posts()):the_post();?> <?php get_template_part( 'content', get_post_format() ); ?> <?php endwhile;} die(); }else{return;} } add_action('init', 'ajax_post'); function pagenavi( $p = 2 ) { if ( is_singular() ) return; global $wp_query,$paged; $max_page = $wp_query->max_num_pages; if ( $max_page == 1 ){ echo '<span id="post-current">1</span> / <span id="post-count">1</span>'; return; } if ( empty( $paged ) ) $paged = 1; if ( $paged >1 ) echo "<a id='prev' title='Prev' href='",esc_html( get_pagenum_link( $paged -1 ) ),"'>&lt;&lt;</a> "; echo '<span id="post-current">'.$paged .'</span> / <span id="post-count">'.$max_page .'</span>'; if ( $paged <$max_page ) echo "<a id='next' title='Next' href='",esc_html( get_pagenum_link( $paged +1) ),"'>&gt;&gt;</a> "; } function iphoto_comment($comment,$args,$depth) { $GLOBALS['comment'] = $comment; ;echo ' <li ';comment_class();;echo ' id="li-comment-';comment_ID() ;echo '" > <div id="comment-';comment_ID();;echo '" class="comment-body"> <div class="commentmeta">';echo get_avatar( $comment->comment_author_email,$size = '48');;echo '</div> ';if ($comment->comment_approved == '0') : ;echo ' <em>';_e('Your comment is awaiting moderation.') ;echo '</em><br /> ';endif;;echo ' <div class="commentmetadata">&nbsp;-&nbsp;';printf(__('%1$s %2$s'),get_comment_date('Y.n.d'),get_comment_time('G:i'));;echo '</div> <div class="reply">';comment_reply_link(array_merge( $args,array('depth'=>$depth,'max_depth'=>$args['max_depth'],'reply_text'=>__('Reply')))) ;echo '</div> <div class="vcard">';printf(__('%s'),get_comment_author_link()) ;echo '</div> ';comment_text() ;echo ' </div> '; } add_action('admin_init', 'iphoto_init'); function iphoto_init() { if (isset($_GET['page']) && $_GET['page'] == 'functions.php') { $dir = get_bloginfo('template_directory'); wp_enqueue_script('adminjquery', $dir . '/includes/admin.js', false, '1.0.0', false); wp_enqueue_style('admincss', $dir . '/includes/admin.css', false, '1.0.0', 'screen'); } } add_action('admin_menu','iphoto_page'); function iphoto_page (){ if ( count($_POST) >0 &&isset($_POST['iphoto_settings']) ){ $options = array ('keywords','description','analytics','lib','views','noajax','animate','phzoom','copyright'); foreach ( $options as $opt ){ delete_option ( 'iphoto_'.$opt,$_POST[$opt] ); add_option ( 'iphoto_'.$opt,$_POST[$opt] ); } } add_theme_page('iPhoto '.__('Theme Options',THEME_NAME),__('Theme Options',THEME_NAME),'edit_themes',basename(__FILE__),'iphoto_settings'); } function iphoto_settings(){?> <div class="wrap"> <div> <h2><?php _e( 'iPhoto Theme Options<span>Version: ',THEME_NAME);?><?php $theme_data=get_theme_data(TEMPLATEPATH . '/style.css'); echo $theme_data['Version'];?></span></h2> </div> <div class="clear"></div> <form method="post" action=""> <div id="theme-Option"> <div id="theme-menu"> <span class="m1"><?php _e( 'jQuery Effect',THEME_NAME);?></span> <span class="m2"><?php _e( 'Relative Plugins',THEME_NAME);?></span> <span class="m3"><?php _e( 'Website Information',THEME_NAME);?></span> <span class="m4"><?php _e( 'Analytics Code',THEME_NAME);?></span> <span class="m5"><?php _e( 'Footer Copyright',THEME_NAME);?></span> <span class="m6"><?php _e( 'iPhoto Theme Declare',THEME_NAME);?></span> <div class="clear"></div> </div> <div id="theme-content"> <ul> <li> <tr><td> <em><?php _e( 'iPhoto use jquery 1.4.4 which contained in this theme, you can also use the Google one instead.',THEME_NAME);?></em><br/> <label><input name="lib" type="checkbox" id="lib" value="1" <?php if (get_option('iphoto_lib')!='') echo 'checked="checked"' ;?>/><?php _e( 'Load the jQuery Library supported by Google',THEME_NAME);?></label><br/><br/> </td></tr> <tr><td> <em><?php _e( 'Index page infinite loading posts.',THEME_NAME);?></em><br/> <label><input name="noajax" type="checkbox" id="noajax" value="1" <?php if (get_option('iphoto_noajax')!='') echo 'checked="checked"' ;?>/><?php _e( 'Deactivate the Infinite loading posts',THEME_NAME);?></label><br/><br/> </td></tr> <tr><td> <em><?php _e( '<strong>Animation of relayout elements</strong>',THEME_NAME);?></em><br /> <input name="animate" type="checkbox" id="animate" value="1" <?php if (get_option('iphoto_animate')!='') echo 'checked="checked"';?>/><?php _e( 'Deactivate animation effect on index page',THEME_NAME);?> </td></tr> </li> <li> <tr><td> <em><?php _e( 'WP-PostViews, Enables you to display how many times a post/page had been viewed.',THEME_NAME);?></em><br/> <label><input name="views" type="checkbox" id="views" value="1" <?php if (get_option('iphoto_views')!='') echo 'checked="checked"' ?>/><?php _e( 'Activate WP-PostViews',THEME_NAME);?></label><br/><br/> </td></tr> </li> <li> <tr><td> <?php _e( '<em>Keywords, separate by English commas. like MuFeng, Computer, Software</em>',THEME_NAME);?><br/> <textarea name="keywords" id="keywords" rows="1" cols="70" style="font-size:11px;width:100%;"><?php echo get_option('iphoto_keywords');?></textarea><br/> </td></tr> <tr><td> <?php _e( '<em>Description, explain what\'s this site about. like MuFeng, Breathing the wind</em>',THEME_NAME);?><br/> <textarea name="description" id="description" rows="3" cols="70" style="font-size:11px;width:100%;"><?php echo get_option('iphoto_description');?></textarea> </td></tr> </li> <li> <tr><td> <?php _e( 'You can get your Google Analytics code <a target="_blank" href="https://www.google.com/analytics/settings/check_status_profile_handler">here</a>.',THEME_NAME);?></label><br> <textarea name="analytics" id="analytics" rows="5" cols="70" style="font-size:11px;width:100%;"><?php echo stripslashes(get_option('iphoto_analytics'));?></textarea> </td></tr> </li> <li> <tr><td> <textarea name="copyright" id="copyright" rows="5" cols="70" style="font-size:11px;width:100%;"><?php if(stripslashes(get_option('iphoto_copyright'))!=''){echo stripslashes(get_option('iphoto_copyright'));}else{echo 'Copyright &copy; '.date('Y').' '.'<a href="'.home_url( '/').'" title="'.esc_attr( get_bloginfo( 'name') ).'">'.esc_attr( get_bloginfo( 'name') ).'</a> All rights reserved'; };?></textarea> <br/><em><?php _e( '<b>Preview</b>',THEME_NAME);?><span> : </span><span><?php if(stripslashes(get_option('iphoto_copyright'))!=''){echo stripslashes(get_option('iphoto_copyright'));}else{echo 'Copyright &copy; '.date('Y').' '.'<a href="'.home_url( '/').'" title="'.esc_attr( get_bloginfo( 'name') ).'">'.esc_attr( get_bloginfo( 'name') ).'</a> All rights reserved'; };?></span></em> </td></tr> </li> <li> <tr><td> <p><?php _e('iPhoto is created, developed and maintained by <a href="http://mufeng.me/">MuFeng</a>. If you like iPhoto, please donate. It will help in developing new features and versions.',THEME_NAME);?><?php _e('Alipay',THEME_NAME);?>:</strong> <a href="http://www.alipay.com" target="_blank" title="Alipay">[email protected]</a></p> <h3 style="color:#333" id="introduce"><?php _e( 'Introduction',THEME_NAME);?></h3> <p style="text-indent: 2em;margin:10px 0;"><?php _e( 'iPhoto is evolved from one theme of Tumblr and turned it into a photo theme which can be used at wordpress.',THEME_NAME);?></p> <h3 style="color:#333"><?php _e( 'Published Address',THEME_NAME);?></h3> <p id="release" style="text-indent: 2em;margin:10px 0;"><a href="http://mufeng.me/wordpress-theme-iphoto.html" target="_blank">http://mufeng.me/wordpress-theme-iphoto.html</a></p> <h3 style="color:#333"><?php _e( 'Preview Address',THEME_NAME);?></h3> <p id="preview" style="text-indent: 2em;margin:10px 0;"><a href="http://mufeng.me/photo/" target="_blank">http://mufeng.me/photo/</a></p> <h3 style="color:#333" id="bug"><?php _e( 'Report Bugs',THEME_NAME);?></h3> <p style="text-indent: 2em;margin:10px 0;"><?php _e( 'Weibo <a href="http://weibo.com/meapo" target="_blank">@mufeng.me</a> or leave a message at <a href="http://mufeng.me" target="_blank">http://mufeng.me</a>?',THEME_NAME);?></p> </td></tr> </li> </ul> </div> </div> <p class="submit"> <input type="submit" name="Submit" class="button-primary" value="<?php _e( 'Save Options',THEME_NAME);?>" /> <input type="hidden" name="iphoto_settings" value="save" style="display:none;" /> </p> </form> </div> <?php } ?>

    Read the article

  • Recieving a 500 Internal Server error after login success?

    - by Jeremy Quick
    I created my first member login form which takes the typical username and password and then sends it to the code below: checklogin.php: mysql_connect($db_host, $db_username, $db_password) or die(mysql_error()); mysql_select_db($db_database) or die(mysql_error()); $username=$_POST['username']; $password=$_POST['password']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count == 1) //ERROR APPEARS TO TAKE PLACE HERE { session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = $password; header('login_success.php'); } else { header("location:login_fail.php"); } If I type in the wrong information everything works properly so I know the error appears to be taking effect in the marked if statement. I have been searching the internet now looking for solutions but none seem to match mine or I am overlooking them. I've made a few changes which brought me to this point, before I was receiving deprecation warnings. Also, I have checked the logs and they are empty of errors relating to this.

    Read the article

  • Missing Password check

    - by AAA
    I am using the code below, it checks for empty fields and verifies email, but even if the password is correct it won't login. the password has been inserted with md5 protection, below is the code. I am new to this so please bare with me. Thanks! PHP: session_start(); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM accounts WHERE email = '$email'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: home.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); //then redirect them to the members area header("Location: home.php"); } } } else { // if they are not logged in <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>email:</td><td> <input type="text" name="email" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> } Here is the registration code: PHP: // here we encrypt the password and add slashes if needed $_POST['password'] = md5($_POST['password']); if (!get_magic_quotes_gpc()) { $_POST['password'] = mysql_escape_string($_POST['password']); $_POST['email'] = mysql_escape_string($_POST['email']); $_POST['full_name'] = mysql_escape_string($_POST['full_name']); $_POST['user_url'] = mysql_escape_string($_POST['user_url']); } // now we insert it into the database $insert = "INSERT INTO accounts (Uniquer, Full_name, Email, Password, User_url) VALUES ('".$uniquer."','".$_POST['full_name']."', '".$_POST['email']."','".$_POST['password']."', '".$_POST['user_url']."')"; $add_member = mysql_query($insert); After using ini_set function i got to see the error, i am getting this message but not sure what it means: Notice: Undefined index: password in /var/www/domain.com/htdocs/login.php on line 103 Notice: Use of undefined constant password - assumed 'password' in /var/www/domain.com/htdocs/login.php on line 11

    Read the article

1 2 3 4 5 6  | Next Page >