Posts by mattster

You users table is fine. (Make sure you're using the right datatypes - varchar(X)/int() - and A_I/PRIMARY_KEY for the ID)

Item Desc: ID,NAME,TYPE,ATTACK (again with correct datatypes)

Inventory: ID, USER_ID, ITEM_ID, [.. anything else you might need] (all int() datatypes, with A_I/PRIMARY_KEY for the ID)

Use a new row for each item in a users inventory. Otherwise 20 columns is uneccisarily bulky. This also makes time for a LEVEL column, for instance.

Hopefully that makes sense?

In the nicest possible way,   characters were never going to display correctly.

Yes tables are bad practice, but the correct alternative involves a CSS grid system. By all means give this a go and see how you get on. The beauty of grids is that, once you get going you can easily sort out your site for mobile/tablet viewing.

On a side note, your code involves extensive use of the style="" attribute, which is bad practice. You should really try to keep ALL CSS in external CSS files - it makes it far easier to organise.

Remove the   in your HTML, and set your margins in css:

@media screen and (max-width: 320px) {
  .menubar1 > a {
    box-sizing: border-box;
    display: block;
    font-family: arial, helvetica, sans-serif;
    padding: 0;
    margin: 10px 0;
  }
}

Notes:

• There is no need to repeat your code in the @media query. @media takes your existing rules (for big screens) and overwrites them - so no need for excess stuff.
• Are you only texting this on your desktop? 320px isn't really mobile resolution - few mobiles will have a screen this small. Aim for more 768px (taken from the Bootstrap project).

you could use prepared statements and bind parameters/values.

Apologies, forgot to mention those - point being that some form of housekeeping needed to be done.

The php.ini is just the PHP config file, and will definitely be present in all versions of PHP. In your root PHP directory (where all of the PHP system/core files are stored - i.e. C:\wamp\bin\php\ or C:\wamp\bin\php\php5.5.12 for example) there will be a file called php.ini, and in that massive file will be those settings.

Personally I would use XAMPP, as the binaries are that much more complicated to get sorted. As well as building and actually installing PHP, getting it to communicate with Apache and MySQL can be an absolute nightmare.

But as @jstfsklh211 correctly says, do check your ini file first. These will be the settings to look for.

I would highly recommend the object orientated.

It's a far more efficient way to work, but granted it's slightly more to learn. I think it also neatens your code if you are using objects rather than tons of functions and variables: procedural is famously a 'cheap and cheerful' quick fix.

If ever given the choice, go the OOP way!

You should always make a habit of keeping up with newer versions, mainly because these versions are released for a reasib (security patches, bugs etc.)

I think PHP v5.3+ should cover it, but we are currently on v5.6, so you really should've upgraded a long time ago. MySQLi is a component of PHP, not the MySQL database engine, so it shouldn't matter which version you have. Again, I do reccomend v5.6 ish for efficiency/security reasons.

Start by building some simple queries, most of which can be done by replacing functions (like L21 mysql_query() with $insert_row = $mysqli->query();). You should slowly see the transformation as not too difficult as soon as you're used to the mysqli_* functions.

Take a look at these to get going:

http://www.sanwebe.com/2013/03/basic-php-mysqli-usage
http://codular.com/php-mysqli

Also note, you should use validation and must use $mysqli->real_escape_string() to clean data, otherwise you're vunerable to SQL injection.

Have you even Googled it? Where did you get? Because I googled it and the top result (here) is an amazing tutorial.

I assume you already understand OOP in PHP, as that would be very helpful. There are loads of tutorials availible should you need.

My copyright thief alarm is screaming.

Why would we help you write something that is going to crawl around other peoples websites and nick all of their content? Sounds very dodgy indeed.

I think it is fair to say, lets not carry on with this thread until a very good reason is given for this program.

Which elements are you talking about specifically, as some have overrides and stuff to cause problems. Maybe worth posting a browser screenshot so we can see what you're seeing.

BTW: it says in your signature "Never allow just anyone access to your database", but your code is soo vunerable to SQL injection you've practically given the world your front door key. Use an escape function, and maybe think about mysqli_*, since normal MySQL functions have been scrapped by PHP for a long time.

Remember you need an ORDER BY to get them in date order, and a LIMIT to get the specified amount as well.

Nearly there on the foreach, change it to this:

foreach($result as $row) {
    echo $row['Title'];
    echo "by: " . $row['Author'];
    echo "<br>";
    echo $row['Content'];
    echo "<br><br>";
}

<!-- // Or Even Better // -->
foreach($result as $row) {
    echo "<div class='post'>";
    echo "<h2>" . $row['Title'] . "</h2>";
    echo "<p>by: " . $row['Author'] . "</p>";
    echo "<p>" . $row['Content'] . "</p>";
    echo "</div>";
}

All I've done in the second one is neatened up your HTML. Instead of <br> tags, use CSS and put a bottom margin on div.post.

To get the last post (like in your little model), you would need a second query.

I think I can sort of see what you're asking, you mean do something like this? (ref)

$type = '123';
$name_123 = 'hello';

echo ${"name_$type"} . "\n";

// prints "hello"

When @MDUK says "quite messy", he really wasn't joking. Thats a complete mangled mush, and very awkward to work with. I cannot stress enough how important it is to look into basic OOP for PHP - just because it's optional does NOT mean it should be forgotten/omitted. It's a great way to neaten your code and speed up your app, especially since you'll have hungry gamers really testing it's performance using it hard on your Mincraft server.

At least that way you can get rid of the massive (and completely unnecessary) while loops. Also note, lines 125-135 can seriously be cleaned up - and don't forget to close attributes (i.e. line 126 echo "<span style='width:" . $pb . "%>"; should be echo "<span style='width:" . $pb . "%'>";).

Important to note:

You've got $result containing the query results for an entire row that matches the username, not the password.

Also, avoid md5() at all costs, you need to be using another encryption method (since md5 is old, outdated and insecure). Loot at the PHP hash() function.

Dont forget to take a look at the font awesome library!

To use it, shove this in your <head> section:

<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">

Then do this wherever you want to use an icon:

<!-- Instead of this -->
<span class="icon-home"></span>

<!-- Use this -->
<i class='fa fa-home'></i>

Then you can chage the colour of the icon so its the same as your text etc., loads of tutorials online and great to play around with. See here.

Well it might be helpful to see your directory structure and upload script..? Common sense.

Try using the « or « and » or » HTML codes.

These show the double arrows as one character, rather than two < characters - which is a common reason why arrows like this don't match.

ASCII Reference here
Unicode Reference here

Very good advice on storing the data.

How can i switch between questions?

Well that depends on what questions you would like to ask.

You need to come up with a diagram of all the questions you could ask, depending on what answers you get. For instance:

Name? --> Age? --> Country? -(USA)-> State? -->
                            -(UK)->  UKquestions ->

Once we know that much, we can then decide how we're going to write the program. This is completely dependant on what sort of questions and possible answers you have.

Possible method as follows:

Lets say you have a load of pre-defined questions and a selection of answers.

DB.questions:

id - Primary Key
title - Question
previous_id - Parent question
previous_answer - Answer given to parent question

If we used the above diagram + DB structure, and the country question is id = 3. We then have a record in the db like this: 4, "What state are you in?", 3, "USA".

Next, someone enters USA as their country, so you search the DB for a question with a parent_id = 3 (since we've answered the country question), and an previous_answer = "USA". We then use the id & title of the question we find, to provide the question and the parent id for the next question.

Hope that makes sense.

Here is a link to the OSWASP Top Ten. They provide a few simple steps to securing your application.

Personally (if you haven't already done so), write a function to sanitize something like XSS. Then go through your code (unfortunately line by line) and call the function every time code is outputted.

XSS and code injection are absolute essentials, as these are the most common attack methods. The top ten also highlights other major things you need to check for.

When it comes to protecting against specific things, like writing an anti-XSS function, you'll be able to find a trusted blog from Google to sort you out - protecting against these things isn't too difficult.

Edit:

What @iamthwee is saying is ideally correct, since frameworks are a hell of alot easier to secure. Since you've (presumeably) already written your application.

Feel better soon happygeek! (I'll be nice, as diafol was trying so hard to make you feel better ;P)

last night, I bought a laptop!!!!!!!!!

Here we go, Dani's bought another $8,000 monster with 64GB of Ram just to show off ;p

prit is right about the format, because if MySQL has a "date" field, it wants it in yyyy-mm-dd and will reject anything else.

Also, why on earth are you storing
a) a password with no apparent hashing or encryption??? Major security problem.
b) the repeat password? You won't ever look at it after validation so what's the use in storing the same thing twice?

While I'm on security, you have no escaping, so you are vunerable to "SQL injection" - might be worth looking at that.

Finally to note, mysql_query() was deprecated as of PHP 5.5, so you really ought to at least look at PDO or mysqli.

Yup, you need a wrapper and some CSS magic.

Try something like this:

<style>
    .google-maps {
        position: relative;
        padding-bottom: 75%; // This is the aspect ratio
        height: 0;
        overflow: hidden;
    }
    .google-maps iframe {
        position: absolute;
        top: 0;
        left: 0;
        width: 100% !important;
        height: 100% !important;
    }
</style>

<div class="google-maps">
    <iframe src="https://www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d7098.94326104394!2d78.0430654485247!3d27.172909818538997!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2s!4v1385710909804" width="600" height="450" frameborder="0" style="border:0"></iframe>
</div>

(jsFiddle demo)

Have a look at this: http://www.javascriptkit.com/script/script2/jsslide.shtml

Get it up and running, and then change the following lines:

//configure the paths of the images, plus corresponding target links
var currentMonth = (new Date).getMonth() + 1;
if(currentMonth == 10){
    slideshowimages('http://upload.wikimedia.org/wikipedia/commons/thumb/a/ab/Logo-ubuntu_cof-orange-hex.svg/100px-Logo-ubuntu_cof-orange-hex.svg.png', 'http://www.how2code.co.uk/wp-content/themes/twentytwelve_child/images/Python_logo_100x100.jpg')
    slideshowlinks("http://food.epicurious.com/run/recipe/view?id=13285","http://food.epicurious.com/run/recipe/view?id=10092")
}else if(currentMonth == 11){
    slideshowimages('http://www.javascriptkit.com/script/script2/photo1.jpg', 'http://www.javascriptkit.com/script/script2/photo2.jpg')
    slideshowlinks("http://food.epicurious.com/run/recipe/view?id=13285","http://food.epicurious.com/run/recipe/view?id=10092")
}

It's hardly a perfect script, but does what you need. The same method can be used with far more complex plugins, just change the list of images depending on what the month is (although it's more complicated in big sliders).

Most of the time you would use CSS breakpoints.
For instance:

/* Smartphones (landscape) ----------- */
@media only screen and (min-width : 321px) {
    /* Styles */
}

/* Smartphones (portrait) ----------- */
@media only screen and (max-width : 320px) {
    /* Styles */
}

To organise things responsively, you need to look at a grid system. Lets say you have two images next to each other, and when you resize to below 320px (portrait mobile) you want the images to be next to each other.

Heres a jsFiddle demo. It's stupidly basic, and if you want to build an entire site on it, look at Bootstrap or PureCSS grids. These projects are fully developed and will handle anything you ever wanted... perfectly.

Then I would still re-upload from scratch, as this should fix that.

Maybe in the renaming process your server has a problem and didn't quite finish it or something. Either way, an upload will DEFINATELY reset everything, and solving your problem.

I see one way to do this (and someone else might have another idea):

I would create a table that logs the user, the score and the date. Then you can do lots of queries to locate what users scored on certain days, providing a very accurate reading to what they've achieved and when.

To locate what user "1" scored on the 10th October, you'd so an SQL query like:

SELECT `score` FROM `ScoresTBL` WHERE `user_id` = 1 AND `date` LIKE '2014-10-09%'

NB: Assumes date is the MySQL date format (YYYY-MM-DD HH:MM:SS)

This to me is simple enough and should be a step on the right lines, but could be fairly intensive on the database and maybe could be refined.

You need to use $('input#checkbox1').click() and apply a function to that.

I've done a mini mockup on jsFiddle, but for reference here is the code explained:

// When checkbox clicked
$('input#checkbox1').click( function(){

    // If has been checked or unckecked
    if ($('input#checkbox1').is(':checked')) {

        // Smoothly animate the div in
        $( ".select" ).slideDown( "slow" );
    } else {

        // Smoothly animate the div away
        $( ".select" ).slideUp( "slow" );
    }
});

I use pure PHP.

Mangled in with HTML. I completely agree with @iamthwee, your future projects would seriously benefit from some sort of framework.

IF you are doing this for someone else, it's in the worlds interests that your script will be safe (for clients and visitors alike), and by having such massive security holes is just asking for it.

CodeIgniter (or any other framework) will take so little time to learn, but the lives it saves through protecting code and maximising efficiency. If I were you, it's not just for ease of coding we're suggesting this, but for serious practical reasons as well.

You need to call the methods in javascript.
Use: $('#your_id').popover() or $('.popover').popover() and apply the .popover class to all of your popovers.

Here's a jsFiddle to demonstrate. Just change the MyPopover and MyTooltop to whatever you want.

The thing is, is that they don't actually make it real clear you need to do this, so I blame Bootsrap docs aha.

Ahh right fair enough, nothing to worry about then ;)

Use the following code, I missed a ; on line 23 above.

$output = '<div class="panel-group" id="accordion">';
$stmt = $db->query('SELECT postID, postTitle, postURL, postDesc, postDate FROM posts ORDER BY postDate DESC');

while($row = $stmt->fetch()){
    $output .= '<div class="panel panel-default">
        <div class="panel-heading">
        <h4 class="panel-title">
        <a data-toggle="collapse" data-parent="#accordion" href="#';
    $output .= $row['postID'];
    $output .= '">';
    $output .= $row['postTitle'] ;
    $output .= '
        </a>
        </h4>
        </div>
        <div id="';
    $output .= $row['postID'];
    $output .= '" class="panel-collapse collapse in">
        <div class="panel-body">
        <p>Posted on ';
    $output .= date('jS M Y H:i:s', strtotime($row['postDate']));
    $output .= ' in ';
    $output .= $row['postDesc'];
    $output .= '</div></div>';
}
$output .= '</div>';

i cant even see what for.

Agreed. I think he may have a point here though. I have down votes, and would like to increase my rep while I'm here, so am very keen to learn from mistakes.

I look at it like this: if we can't view our mistakes/downvoted posts, we can't learn from it and develop our answers for the future (in my opinon anyway).

So is there a particular reason why I can't see my downvoted posts? Or is it generally taken arount these parts not to worry about it?

Just questioning as usual ;)

Well it's nice to see someone using OOP for a change in the paginator class. Try to keep to this good habit aha.

Simply put the while loop inside your code where you want the loop.

while($row = $stmt->fetch()){
    echo '<div>';
    ...
}

If you're on about inproving the PHP while you're here, take a look at this.

# Keep this at the top of the page with all of your code
$output = '';
while($row = $stmt->fetch()){
    $output .= '<div>';
    ...
}

# Shove this where you need the output
echo $output;

The above is a much neater way of managing your code, and is far more easier to understand.

I'm not quite sure how you plan to use this in your code. If you want to use the collapse in Bootstrap, use the following code in the output loop above (have assumed the column postID, just change this to your Primary Key:

$output = '<div class="panel-group" id="accordion">';

while(..){
    $output .= '<div class="panel panel-default">
        <div class="panel-heading">
          <h4 class="panel-title">
            <a data-toggle="collapse" data-parent="#accordion" href="#';
    $output .= $row['postID'];
    $output .= '">';
    $output .= $row['postTitle'] ;
    $output .= '
            </a>
          </h4>
        </div>
        <div id="';
    $output .= $row['postID'];
    $output .= '" class="panel-collapse collapse in">
          <div class="panel-body">
              <p>Posted on ';
    $output .= date('jS M Y H:i:s', strtotime($row['postDate']));
    $output .= ' in ';
    $output .= $row['postDesc']
    $output .= '</div>

      </div>';
}

$output .= '</div>';

It's huge and clumsy, but will give you a starting point. Also maybe develop the PHP into …

Notice: Undefined variable: image_id in update_image2.php

Means exactly that. There is no $image_id either being defined or assigned. So this might mean that there is no $_GET or $_POST called image_id, or the bit of your code used to provide the form action (which we can't see) is being referenced wrong.

Start by confirming update_images.php is being loaded with image_id data included somewhere (get method in url or post in forms).

I have replicated this in jsFiddle, and all is working okay.

Your alert script will not kick in until $("#dd-event").change() is called (as its within an IF statement).

So as soon as you click on the dropdown and change the value, your script suddenly works, giving the appearance that jQuery isn't firing. If you want to change this, simply bring your code out of the IF.

Example: (Begins line 17)

else
{
    $(".contact-list").load("showUser.php");
    $(".container-buttons").show();
    $(".guest-names").empty(msg);
}

$(".contact-list .name-row").on("click",function(){
    alert("clicks.");
});

You can easily do this with the temporary file using the getimagesize() function

$image_info = getimagesize($_FILES["file"]["name"]);
$image_width = $image_info[0];
$image_height = $image_info[1];

The easiest way is to take the above, and use an IF statement to check it with whatever limit you want. For example:

if($image_width > 30)
{
    echo "Image too big";
    exit();
}

The other, cleverer, option, is to resize the image yourself upon upload. Take a look at this tutorial if you are interested. As I say, this is a bit more complicated though.

If everything is contained within the same file, a static should be able to handle it. Without seeing your code it's difficult to tell. Just use some basic markup like:

class globals 
{
    static $var = "Hello world.";
}

echo globals::$var;

There's no reason why a global shouldn't, because if you're using classes you can call it in, and if you're not, a standard variable will be kept in memory throughout your script. Personally I find this a rather unorganised way to sort out your code though.

Finally, a superglobal is possilbe using the $GLOBALS variable to retrieve values. Again, it works but it's not very tidy.

So you're probably best in most cases to use a static, but thats only a generalised thing and in some cases I imagine one of the others might be better.

echo '<td><a href="studentmgt.php?student_id='.$data['student_id'].'" onClick="return confirm("Are you sure you want to delete this")>Delete</a></td>';

Will never work, because your quotes are mixed up. Try this:

echo '<td><a href="studentmgt.php?student_id='.$data['student_id'].'" onClick="return confirm(\'Are you sure you want to delete this?\')">Delete</a></td>';

And for Javascript, you just shove it at the bottom of the html page, just before the </body> with the jQuery library. If you're unfamiliar with AJAX and such like, try using @Sikander Nasar's idea.

I'm sorry I've made a mistake and told you wrong! You were right with fopen()!

In the documentation, it states that in fgetcsv(), the length parameter became optional in v5. In v5.1.0+, you can set it to "0", which means unlimited.

If your PHP version is less than v5.1.0, you must set the length parameter must be greater than the longest line (in characters) to be found in the CSV file. This could well be what is causing your problem.

Sorry for misleading you there!

Why don't you use file_get_contents() instead if you're only reading the file?

This should produce pretty much the same result, but doesn't worry about handling files etc.

I really can't imagine it's anything to do with the platforms - but maybe version. file_get_contents() will work on v4.3+, but realistically you should ALWAYS use v5, because they release a new version for a reason. Normally it's things like security updates and new functions, which both are vital to the protection of your script but can also enhance it (either way pretty worthwhile).

Platform shouldn't make a difference. These are PHP errors, and will show up no matter what platform you are running on.

Are you CERTAIN the file /uploaded/606.txt exixts?

And it might be worth trying this: $target_path = "uploaded/";

Because it is common practice to use ./ or simply nothing, because all this does is refers to the directory your PHP file is in. When looking for other files, PHP (and any other language) always starts in the same location as what the PHP file is in. So therefore there's no need to tell it where to start looking from if it already knows - if you get what I mean?

I need to select '#foo #three' using 'this' to get this result

Smells like homework to me?

Well learn what the .text() function is and how to use it, because that's very helpful. Only requires one simple google.

Your code essentially does this: #foo -> #three -> div:first, which of course would only match the following HTML:

<div id="foo">
     <div id="three">
        <div>mouse</div>
     </div>
</div>

I think you need to be clear about what you're trying to achive, why you need to achieve it, and why you need to use this.

Notice how this entire answer could've been found on google if you'd have bothered to look, and then asked an actual question when you can't get it working. Lazy.

Well assuming everything else is in order, try this in your code:

$startYear = 1997; # Define variable here, I've used '1997' as an example, note that there's no commas to make it a text value.
if ($startYear == "") {
    $startYear = NULL;
}
mysqli_query($con, "INSERT INTO Application (startYear) VALUES (".$startYear.")");

I think it might be giving 0, because the value entered is not an integer, so hopefully the above code will help solve that. When inserting integers, there is no need to use quotes, as all this does is makes it a string, which of course will not be accepted.

SQL cannot in any way be executed by Javascript. Bad idea.

Instead, you can use AJAX:

$.ajax({
  type: "POST",
  url: "delete.php",
  data: { comment_id: 12345 }
})
  .done(function() {
    alert( "Comment successfully deleted" );
  });

The above code will send off the comment id using the post method via AJAX. All you need to do is shove this into your code above, change the comment_id to the actual id of the comment you're deleting, and write delete.php to take the $_POST variable and delete the comment using SQl.

You need to make $body equal it's new value. That explains why theres no content coming through, because $bodys isn't actually placed into the mail().

$body .= $bodys . "</body></html>";

You can achieve this with a really simple jQuery script. I've used one from here, so it's just a case of changing the background attribute with a bit of jQuery magic.

Here is a jsFiddle of how the script can be used, so all you have to do is adapt it for purpose.

I took your original screenshot and had a play, and here is what I managed: jsFiddle.

It's hardly perfect and there are so many cool things you can do to expand on it (check this out), but it does what you hopefully originally wanted.

Dispite other errors in the code, mail() needs the following parameters:

to, subject, message (, headers etc.) (See here)

No from. So this will cause a problem.

Your HTML is invalid, as you are closing the body tag, and then placing the content, and not closing it and the HTML tag off. Change line 28 to <body>, and add to line 36 $body . $bodys . "</body></html>";.

Line 7 should be: $mailimg = '<a href="http://google.com/"><img src="http://www.mysite.com/custom_images/images/'.$img.'"></a>'; assuming that $img is something like "home.jpg" etc.

<img src="sills/cat_image_sill.png"><span><span></a>

What the hell is going on here aha? <img> tags can't have child elements and god knows where the </a> came from.

I've solved your problem using some more efficient and better-practicing CSS: jsFiddle