Jump to content

Search the Community

Showing results for tags 'php'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • W3Schools
    • General
    • Suggestions
    • Critiques
  • HTML Forums
    • HTML/XHTML
    • CSS
  • Browser Scripting
    • JavaScript
    • VBScript
  • Server Scripting
    • Web Servers
    • Version Control
    • SQL
    • ASP
    • PHP
    • .NET
    • ColdFusion
    • Java/JSP/J2EE
    • CGI
  • XML Forums
    • XML
    • XSLT/XSL-FO
    • Schema
    • Web Services
  • Multimedia
    • Multimedia
    • FLASH

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Languages

Found 905 results

  1. Goat

    Is this safe?

    I was wondering is there is any vulnerabilities in this code: <?php $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } // Check if file already exists if (file_exists($target_file)) { echo "Sorry, file already exists."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) { echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; } else { echo "Sorry, there was an error uploading your file."; } } ?> cause I know attackers can put a virus in images and I don't want any viruses on my website. Also I wanted to know one more thing. How could I make it so that users can only upload a certain size of image like 50x50? The code used in this thread came from this page: https://www.w3schools.com/php/php_file_upload.asp
  2. shah_ankitb

    Payment gateway change method after duration

    I'm using eCommerce. Once done payment it should be captured & after few days it should be processed or deducted from customers account. Example: If the customer pays using Paypal initial it would be "Authorize" & after (Max 21 days) that particular transaction is converted in to "Sale" means processed. Customers can pay using Credit Card. Can we achieve using Paypal or need to use another Payment Method? As per my knowledge: In Paypal SDK API you have to create that Payment Again & then Process. But I already have Transaction Id. So need to create payment again right?
  3. darbok

    wordpress, mybbs, wiki.

    is there a way to make a singular login for a wordpress website that also logs a person into the forums and the wiki at the same time?
  4. darbok

    connecting to msqli

    Looking at how form items are put into a mysql table, the part that seems daunting is if ones form has like 50 items... having to list all those IDs with their variables makes me wonder if there is a better way or if its just " it up buttercup.".
  5. Jaytech

    PHP session_start(); syntax error

    Hey all, I have got a PHP contact form which is working fine in localhost, but when I upload it to a live server(hostgator),I get the following single-line error when l load the form, Please assist PHP CODE <?php session_start(); //INITIALIZE VARIABLES and set to empty values $name = $phone = $email = $message= $captchaResults= ""; $nameErr = $phoneErr = $emailErr = $checkboxErr= $messageErr= $captchaErr= ""; ini_set('display_errors', 1); error_reporting(E_ALL); if ($_SERVER["REQUEST_METHOD"] == "POST") { $valid = true; //check if name is empty and performs functions in curly brackets if (empty($_POST["name"])) { $valid = false; $nameErr = "Please fill out this field"; } else { //Passes name throught test input function at the bottom of page $name = test_input($_POST["name"]); //remove illegal characters from name , Sanitize data $nm =filter_var($name, FILTER_SANITIZE_STRING); // Validate Data if (!preg_match("/^[a-zA-Z\s,.-]{3,30}$/", $nm)) // Regexp requiring letters, spaces, commas and fullstops and should not exceed 30 letters { $valid = false; $nameErr = "Please don't insert numbers*"; } } //check if phone contains numbers if (empty($_POST["phone"])) { $valid = false; $phoneErr = "Please fill out this field"; } else { $phone = test_input($_POST["phone"]); if (!preg_match("/^[0-9\s(),+.-]*$/", $phone)) { $valid = false; $phoneErr = "Please don't insert letters*"; } } //check if email is valid if (empty($_POST["email"])) { $valid = false; $emailErr = "Please fill out this field"; echo'email is empty<br>'; } else { $email = test_input($_POST["email"]); //Remove all illegal characters from email $em = filter_var($email, FILTER_SANITIZE_EMAIL); if (!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $em)) { $valid = false; $emailErr = "*Please insert a valid email address*"; } } // Check the values from checkbox and POST them to email $value= ""; // if (empty($_POST["checkbox"])) { $valid = false; $checkboxErr = "Please fill out this field*"; } else{ $checkbox =$_POST["checkbox"]; //Array of values from the checkbox values $value= implode(' , ', $checkbox); //implode values and separate by a comma $value = test_input($value); } //check if message contains letters and white-space if (empty($_POST["message"])) { $valid = false; $messageErr = "Please fill out this field"; echo 'Message is empty<br>'; } else { $message = test_input($_POST["message"]); //remove illegal characters from url $msg =filter_var($message, FILTER_SANITIZE_STRING); if (!preg_match("/^[a-zA-Z\s-,:;`~.?()]*$/", $msg)) //Regexp requiring spaces, full-stops, colon, semi-colons brackets, question marks { $valid = false; $messageErr = "Only letters and spaces are allowed*"; } } //Captcha Results $getRandomNumber1 = $_POST["firstRandomNumber"]; $getRandomNumber2 = $_POST["secondRandomNumber"]; $getCaptchaResults = $_POST["captchaResults"]; $totalNumber= $getRandomNumber1 + $getRandomNumber2; if($totalNumber == $getCaptchaResults){ echo''; } else{$valid = false; $captchaErr="Wrong Answer";} //stores name in a session variable to be used in thank-you page $_SESSION["nm"]= $nm; require ("PHPMailer/PHPMailerAutoload.php"); //including phpmailer class $mail = new PHPMailer(); $mail->IsSMTP(); // set mailer to use SMTP $mail->SMTPDebug = 2; $mail->Host = "smtp.gmail.com"; // specify main and backup server or I.P ADDRESS from server $mail->SMTPSecure = "tls"; // Connect using a TLS connection $mail->Port = 587; //Gmail SMTP port $mail->SMTPAuth = true; // turn on SMTP authorization $mail->Username = "************@gmail.com"; // SMTP username $mail->Password = "**********"; // SMTP password $mail->From = "$em"; //email of sender $mail->FromName = "$nm"; //name of the sender $mail->AddAddress("**************@gmail.com", "Patwan"); //email address of recepient and name $mail->AddReplyTo($em, $nm); //Address to which recepient will reply $mail->WordWrap = 100; // set word wrap to 100 characters $mail->IsHTML(true); // set email format to HTML $mail->Subject = "Contact Form"; //subject of email $mail->Body = "Name: " . $nm . "<br>Phone: " . $phone . "<br>Email: " . $em . "<br>Subject: " . $value . "<br>Message: " . $msg ; //$mailphp = false; if ($valid) { // if (!$mailphp) { if (!$mail->Send()) { echo 'Form could not be sent.'; echo 'Mailer Error: ' . $mail->ErrorInfo; exit; } else { header('Location:thank_you2.php'); } } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> Error Warning: session_start(): Cannot send session cookie - headers already sent by ( output started at /home4/pwebk/public_html/contact.php:1) in /home4/pwebk/public_html/contact.php on line 4
  6. So my question is: how can I insert variables into my mysql queries in php? This is my code now, I would like to use the $me and the $friend variables to work in the sql query: function newChat($me, $friend) { global $conn; $sql = "SELECT id FROM chats WHERE (person1 = $me AND person2 = $friend) OR (person1 = $friend AND person2 = $me);"; mysqli_query($conn, $sql) or die('Error querying database.'); echo "check <br />"; $result = mysqli_query($conn, $sql); $row = mysqli_fetch_array($result); while ($row = mysqli_fetch_array($result)) { echo $row['id'] . ' - ' . $row['person1'] . ' - ' . $row['person2'] . ' - ' . $row['date'] .'<br />'; } } newChat('John', 'Marie'); Also if I set $sql to "SELECT * FROM chats" it only gives me one row of my two test rowes in my database. (it only gives the second row, and just ignores the first one? --> a screenshot of the database is at the end of this post) Can anyone please help me with this? Thanks already!
  7. Balderick

    random_bytes usage in email

    I would like to create a a random number with random_bytes(). Can I just store the random_bytes output in the database field? Is that for instance more secure? And, regarding to sending it by email, what is the advantage above sending a code like uniqid() or md5($_POST['var'] + microtime() ? I see the screen output is a bit uncommon (with ? in a diamond ) does that have to do with the encryption? And is that the reason why reason bin2hex is used to decrypt? this is the code I would like to use: <html> <center> <br><br><br> the output of the function random_bytes is: <br><br> <?php $num = random_bytes(15); echo '<br><br>' . $num ; echo '<br><br> var dump of random_bytes with bin2hex: ' ; echo bin2hex($num); ?> </center></html>
  8. sandeepm

    How to use php data in javascript

    function test(){ var a = "hellow"; } This is my javascript function i want to use my php data to this function, how?
  9. I have a simple php script to send email from contact form... it works okay... but I need to add an additional recipient and am lost. Here is the script... your help would be appreciated. The text in red are parts in question. <?php // My modifications to mailer script from: // http://blog.teamtreehouse.com/create-ajax-contact-form // Added input sanitizing to prevent injection // Only process POST reqeusts. if ($_SERVER["REQUEST_METHOD"] == "POST") { // Get the form fields and remove whitespace. $name = strip_tags(trim($_POST["name"])); $name = str_replace(array("\r","\n"),array(" "," "),$name); $email = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL); // tlh add phone $phone = trim($_POST["phone"]); $message = trim($_POST["message"]); // Check that data was sent to the mailer. // tlh added phone if ( empty($name) OR empty($message) OR empty($phone) OR !filter_var($email, FILTER_VALIDATE_EMAIL)) { // Set a 400 (bad request) response code and exit. http_response_code(400); echo "Oops! There was a problem with your submission. Please complete the form and try again."; exit; } // Set the recipient email address. // FIXME: Update this to your desired email address. $recipient = "user@somedomain.com"; // Set the email subject. $subject = "New Website Contact Form Submittal"; // Build the email content. $email_content = "Name: $name\n"; $email_content .= "Email: $email\n\n"; $email_content .= "Phone Number: $phone\n"; $email_content .= "Message:\n$message\n"; // Build the email headers. $email_headers = "From: $name <$email>"; // Send the email. if (mail($recipient, $subject, $email_content, $email_headers)) { // Set a 200 (okay) response code. http_response_code(200); echo "Thank You! Your message has been sent."; } else { // Set a 500 (internal server error) response code. http_response_code(500); echo "Oops! Something went wrong and we couldn't send your message."; } } else { // Not a POST request, set a 403 (forbidden) response code. http_response_code(403); echo "There was a problem with your submission, please try again."; } ?>
  10. I was wondering if there is any way to set unique values to each cookie. I want to use these cookies on my website to see if the visitor has already visited my website once, but without asking any information from them. This way I want to store this unique value in my database each time someone opens my website, and I will be able to see if there have been - for example - 20 different visitors in the past month, or if the same person has visited my website 20 times. All my code is already written and working, I only need a way to set a different unique value to each cookie I set.
  11. I am trying to set a cookie when there is no cookie from my website found on the user's PC, but the following line of code doesn't work inside a function: $cookiename = "test"; $cookievalue = "tests"; setcookie($cookiename, $cookievalue, false, "/", "localhost"); It does work however if it is placed outside of the function. For exampe, the code above works, but the next code doesn't: $cookiename = "test"; $cookievalue = "tests"; function addCookie() { setcookie($cookiename, $cookievalue, false, "/", "localhost"); } addCookie();
  12. I've run into an annoying problem with spacing that I can't seem to code myself out of. I have a table with a 400x100 image at its background in a page that is set max-width=400px, intended to be full width on mobile devices. The containers honor this, but somehow the image is being resized. Note the right edge of the screen, the 400px image is not aligned with the 400px containers. So i borrowed iPhone5 and I found a different problem. the far right of the image is clipped, so I dropped the last label and radio button down to the next container for the first set. That is when I noticed the w3-radio button, while bigger that the standard radio, aligns differently on iPhones. When I load the page in FireFox it looks the way I intend. Link to page: http://scaikeqc.org/sandbox/t6a.php This is a semi-permalink, as I've set aside the current version of the module to show you. Clearly I need something more flexible, while at the same time doesn't break the careful balance between background image and text positioning and font size. I've fallen back on the old way of using HTML tables for layout because I wasn't getting the results desired with my basic understanding of CSS. Relevant code below with relevant functions below that. Reason for using a function to post the opening HTML headers is that I use a lot of self-referencing PHP which in turns uses the header('Location: '.$_SERVER['PHP_SELF']); method of processing data before kicking back or pressing forward based on validation tests or other calculations in PHP. OpenHTML($_SESSION['EName']); print "<body style=\"max-width:400px\">\n"; ShowCaution(); ShowError(); print "<form name=\"moarch\" action=\"{$_SERVER['PHP_SELF']}\" method=\"POST\">\n"; print "<div id=\"MoArch\" class=\"w3-container w3-indigo\">\n"; print "<table class=\"w3-table w3-centered\"> \n"; print "<TR><TD>Mounted Archery -- Single Shot</TD></TR>\n"; IF (is_null($_SESSION['RiderHonors'])) { printf("<TR><TD><H2>%s</H2></TD></TR>\n", $_SESSION['RiderName']); } ELSE { printf("<TR><TD><H2>%s %s</H2></TD></TR>\n", $_SESSION['RiderHonors'], $_SESSION['RiderName']); } print "</TABLE>\n"; print "</DIV>\n"; print "<div class=\"w3-display-container\">\n"; print "<img src=\"target_sm.png\" alt=\"Target\">\n"; print "<div class=\"w3-display-left w3-container\">\n"; print "<table class=\"w3-table w3-centered w3-xlarge w3-text-shadow\">\n"; print "<TR class=\"w3-left-align\">\n"; print "<TD class=\"w3-text-light-green\">$Gold<BR><input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"G\"></TD><TD></TD><TD class=\"w3-text-black\">$Red<BR><input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"R\"></TD><TD></TD><TD class=\"w3-text-white\">$Blue<BR><input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"B\"></TD><TD></TD><TD class=\"w3-text-light-gray\">$Black<BR><input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"K\"></TD><TD></TD><TD class=\"w3-text-dark-gray\">$White<BR><input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"WK\"></TD><TD></TD>\n"; print "</TR>\n"; print "</TABLE>\n"; print "</div>\n"; print "</div>\n"; print "<div id=\"MoArch\" class=\"w3-container w3-indigo\">\n"; print "<table class=\"w3-table w3-centered\"> \n"; print "<TR><TD>First Pass</TD><TD>Miss<input class=\"w3-radio\" type=\"radio\" name=\"Pass1\" value=\"M\"></TD></TR>\n"; print "</TABLE>\n"; print "</DIV>\n"; function OpenHTML($c) { print "<!DOCTYPE html>\n"; print "<html>\n"; print "<title>$c</title>\n"; print "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n"; print "<link rel=\"stylesheet\" href=\"http://www.w3schools.com/lib/w3.css\">\n"; } function ShowCaution() { IF (isset($_SESSION['Caution']) AND !is_null($_SESSION['Caution'])) { print "<article class=\"w3-panel w3-yellow\">\n"; print "<P>Take Note:<BR>\n"; print "{$_SESSION['Caution']}</P></article>\n"; $_SESSION['Caution'] = NULL; } } function ShowError() { IF (isset($_SESSION['EntryError']) AND !is_null($_SESSION['EntryError'])) { print "<article class=\"w3-panel w3-red\">\n"; print "<P>You have an error in your input, please try again.<BR>\n"; print "{$_SESSION['EntryError']}</P></article>\n"; $_SESSION['EntryError'] = NULL; } }
  13. Balderick

    how to count values?

    <?php if (empty($count)) { $count=''; } if ($count == '') { $count ='1'; } else { $count++ ; } echo $count; echo '<br>'; ?> My goal is to make a script that increments $count ever time someone downloads the page. Can this be done without 'storing' the $count value? Or should I create a script with fwrite/fopen or $_SESSION?
  14. westman

    pgp public key on my site

    I notice that some sites on the clear web but most on the dark web show their PGP public key. ​I have a pgp privet key that was auto generated along with my .onion url when I opened the tor browser. I also took a look at https://github.com/singpolyma/openpgp-php and my question is... How do I display a PGP public key on a website that relates to my site url using php?
  15. warrens0017

    Warning: Cannot modify header information

    Hi, I am having an issue with a warning that keeps popping up. I have edited the line it is saying but still getting the error. Warning: Cannot modify header information - headers already sent by (output started at /Pages/Forums/comments.php:227) in /Pages/Forums/comments.php on line 88 Here are the two lines that the warning is saying function setNote($conn) { if (isset($_POST['NoteSubmit'])) { $id = mysqli_real_escape_string($conn, $_POST['id']); $date = mysqli_real_escape_string($conn, $_POST['date']); $note = mysqli_real_escape_string($conn, $_POST['note']); $sql = "INSERT INTO note (id, date, note) VALUES ('$id', '$date', '$note')"; $result = mysqli_query($conn, $sql); header("Location: /Pages/Profile.php"); //This line has the error - LINE 88 } } And the other function getNote($conn) { $id = $_SESSION['id']; $sql = "SELECT * FROM note WHERE id='$id'"; $result = mysqli_query($conn, $sql); while ($row = $result->fetch_assoc()) { echo "<div class='comment-box'><p><b>"; echo "Note: </b><br>"; echo nl2br($row['note']); echo "</p></div> <form class='delete-form' method='POST' action='".deleteNote($conn)."'> <input type='hidden' name='nid' value='".$row['nid']."'> <button type='submit' name='deleteNote'>Delete</button> </form>"; //This line has the error - LINE 227 } } Now after I refresh the page, I see what i typed. Hope someone has and answer. Thanks!
  16. The root problem is an ASPX (ASP.NET) web page program, part of an important business program presently in development and connected to an sql server database (.mdf) file, is presently unable to do two procedures: rs=Server.CreateObject("ADODB.Recordset") and rs.Open (sql1,conn). Both operations return rs.State = False. The reason is not clearly understood. The system is Windows XP SP3. The only error observed in the MSSQL ERRORLOG is: The SQL Server Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. Error: 0x54b, state: 3. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies. When researched on Internet this first url was found: Reference(1): https://blogs.technet.microsoft.com/mdegre/2009/11/08/the-sql-network-interface-library-was-unable-to-register-spn/ Where it says: If you run SQL Server under the LocalSystem account, the SPN is automatically registered as SQL registering with the machine account that has the right to create an SPN default. So Kerberos interacts successfully with the server running SQL Server. The settings currently in use are SQLEXPRESS (2008R2) service, on Manual, with Local System startup account logon. This startup account is believed to have enough permissions to register the SPN, but that may be for an sql expert to decide. The SQL Server is started manually using the System Tray Icon, when needed. So upon further thought, the inadequate permission argument for causing the failed Recordset object creation does not seem to make complete sense. Since the Local System account being used for the sql server startup account should already have enough permission? On the other hand, the SQL ERRORLOG continues to say it could not register the SPN? (So Internet research was continued.) Then on Internet this second url was found: Reference(2): https://blogs.msdn.microsoft.com/dataaccesstechnologies/2010/01/06/how-to-grant-readserviceprincipalname-and-writeserviceprincipalname-rights-to-sql-server-service-start-up-account-without-using-adsdiedit-tool/ Comment: Ironically (considering the url article title) the decision was to use the ADSI Edit tool to assign greater permissions. Where it says: Instead of setting SPNs manually, you may want to give ReadServicePrincipalName and WriteServicePrincipalName rights to SQL Server service start-up account so that it can register and de-register SQL Server SPNs on its own whenever the SQL Server service is started and stopped. As the above articles describe, these rights can be granted from ADSIEDIT tool. Comment: The intended use of ADSI Edit tool seemed close to succeeding and might have succeeded but all attempts to connect ADSI Edit to the running SQL Server local instance have only been unsuccessful. ADSI Edit seems unable to see the running local sql server. Not enough was known about ADSI Edit to fix that. This is a standalone laptop without a domain and without a LAN. (But again there is the local sql server instance to connect to.) Then two SQL stored procedures sp_ActiveDirectory_SCP and sp_ActiveDirectory_Obj fail while attempting to register the SQL Server instance and the database (.mdf) file into the Active Directory database saying instead the system does not have Active Directory installed (but of course it does, at least partially). Then on Internet this third url was found: Reference(3): https://technet.microsoft.com/en-us/library/cc773354(v=ws.10).aspx Where it says: Adsiedit.msc automatically attempts to load the current domain to which the user is logged on. If the computer is installed in a workgroup or otherwise not logged on to a domain, the message "The specified domain does not exist" displays repeatedly. To resolve this issue, you may want to open an MMC, add the ADSI Edit snap-in, make connections as appropriate, and then save the console file. The ADSI Edit snap-in was succesfully added to MMC. But ADSI Edit still seems unable to make the connection in this situation. And the console file would not save. There are two command line tools (from win supp tools 2003) which can also set these R/W rights. One being setspn.exe and the other dsacls.exe. But they both also seem to read and store the permissions information in the Active Directory database (NTDS.dit) file. So Iwould not expect them to work either for similar reasons. It seems I am trying to get Active Directory working in a windows workgroup consisting of only one machine. Is that, by definition, impossible, since a workgroup needs to have a minimum of two machines? Reference(4): https://mssqlwiki.com/2013/12/09/sql-server-connectivity-kerberos-authentication-and-sql-server-spn-service-principal-name-for-sql-server/ The reference(4) does not change my situation because it still requires an Active Directory database which again requires a domain or workgroup (LAN) neither of which are present in my case. But reference(4) is still beneficial because it excels at providing such a detailed Active Directory configuration example. My last thought is that in the absence of a domain or workgroup (LAN), there are still present in my case the SQL Server instance and the localhost server (provided by MS Expression Development Server). So I came to wonder if it was possible for ADSI Edit to connect to those two servers somehow? (Attempts so far have been unsuccessful.) I cannot imagine how my situation is so unusual. Is mine the only machine running ms sql server in a standalone configuration? I would expect there to be (many) others. Thank you for your time. Please advise.
  17. Hello, I want to do a countdown and put it in my website. I did a countdown but I have a problem, when I launch it, the seconds are freezing they are not anymore running... So the countdown is not in realtime anymore... I have to refresh in order to see the countdown running. Here is what I did: <div id="after"> <span id="dhour"></span>:<span id="dmin"></span>:<span id="dsec"></span> </div> <div id="count2">Texte à afficher</div> <div class="numbers" id="dday" hidden="true"></div> <script> var ladate = new Date("<?php echo gmdate("Y-m-d\TH:i:s\Z");?>"); var year=ladate.getFullYear(); var month=ladate.getMonth()+1; var day=ladate.getDate(); var hour=14; var minute=20; var tz=0; var montharray=new Array("Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"); function countdown(yr,m,d,hr,min){ theyear=yr;themonth=m;theday=d;thehour=hr;theminute=min; var today= new Date("<?php echo gmdate("Y-m-d\TH:i:s\Z");?>"); var todayy=today.getYear(); if (todayy < 1000) {todayy+=1900; } var todaym=today.getMonth(); var todayd=today.getDate(); var todayh=today.getHours(); var todaymin=today.getMinutes(); var todaysec=today.getSeconds(); var todaystring1=montharray[todaym]+" "+todayd+", "+todayy+" "+todayh+":"+todaymin+":"+todaysec; var todaystring=Date.parse(todaystring1)+(tz*1000*60*60); var futurestring1=(montharray[m-1]+" "+d+", "+yr+" "+hr+":"+min); var futurestring=Date.parse(futurestring1)-(today.getTimezoneOffset()*(1000*60)); var dd=futurestring-todaystring; var dday=Math.floor(dd/(60*60*1000*24)*1); var dhour=Math.floor((dd%(60*60*1000*24))/(60*60*1000)*1); var dmin=Math.floor(((dd%(60*60*1000*24))%(60*60*1000))/(60*1000)*1); var dsec=Math.floor((((dd%(60*60*1000*24))%(60*60*1000))%(60*1000))/1000*1); if(dday<=0&&dhour<=0&&dmin<=0&&dsec<=0){ document.getElementById('count2').style.display="inline"; document.getElementById('after').style.display="none"; document.getElementById('dday').style.display="none"; document.getElementById('dhour').style.display="none"; document.getElementById('dmin').style.display="none"; document.getElementById('dsec').style.display="none"; document.getElementById('days').style.display="none"; document.getElementById('hours').style.display="none"; document.getElementById('minutes').style.display="none"; document.getElementById('seconds').style.display="none"; return;}else { document.getElementById('count2').style.display="none"; document.getElementById('dday').innerHTML=dday; document.getElementById('dhour').innerHTML=dhour; document.getElementById('dmin').innerHTML=dmin; document.getElementById('dsec').innerHTML=dsec; window.location.reload(); setTimeout("countdown(theyear,themonth,theday,thehour,theminute)",1000);}} countdown(year,month,day,hour,minute); </script> Thank you.
  18. I'm trying to learn PHP and CMS. But do not know how to learn. I need guidelines. If someone tells me how I can do, then I will be benefited. What will learn step by step?
  19. I'm trying to learn PHP and CMS. But do not know how to learn. I need guidelines. If someone tells me how I can do, then I will be benefited. What will learn step by step?
  20. Is there a way to prevent that a malicious person crafts a piece of code that changes the value of an action attribute? Like when you have this line of html: <form method="post" name="register" action="<?php echo $_SERVER['PHP_SELF']; ?>"> but the attacker places the entire script on his own server. Is this XSS? What are the consequences of gaining/finding protected data? If this kind of attack is possible, can someone show with an example how this is done?
  21. warrens0017

    PHP Error - NOTICE: Undefined index

    Hi everyone. So I am have an issue to were I am trying to send information to my database and I get this error: NOTICE: Undefined index This is the code I am using: index.php <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Test Page</title> <link rel="stylesheet" type="text/css" href="style.css"> </head> <body> <form action="signup.php" methos="POST"> <input type="text" name="first" placeholder="First Name"><br> <input type="text" name="last" placeholder="Last Name"><br> <input type="text" name="uid" placeholder="Username"><br> <input type="password" name="pwd" placeholder="Password"><br> <button type="submit">SIGN UP</button> </form> </body> </html> signup.php <?php include 'dbh.php'; $first = $_POST['first']; $last = $_POST['last']; $uid = $_POST['uid']; $pwd = $_POST['pwd']; $sql = "INSERT INTO username (first, last, uid, pwd) VALUES ('$first', '$last', '$uid', '$pwd')"; $result = mysqli_query($conn, $sql); ?> dbh.php <?php $conn = mysqli_connect("localhost", "root", "", "logintest"); if (!$conn) { die("Connection failed: ".mysqli_connect_error()); } ?> So this is the code I am using. I know it is connecting to the database because the PRIMARY KEY is entering without an issue but the information is now being filled in. I.E. First name, Last name, User, and Password. If anyone can help me that would be great.
  22. I'm going to get this out of the way right up front, I am very new at this PHP stuff. After a lot of research I have developed a standalone PHP file that I want to call from a HTML page. It isn't getting past my HTML code so I think I've done something there. This is my HTML code: <div class="visitor-count">Number of visitors since 12-10-2016:</div> <img alt="Hit counter" src="../javascripts/counter.php" /> Any help would be greatly appreciated. RPatton
  23. Hi all, I'm trying to execute a query which uses the value from my session which is set when the user logs in. When I try to view the query, it displays nothing. SQL statement // get value of session $username = $_SESSION['username']; // executeable query $sql = ("SELECT * FROM custstock WHERE username = '$username'"); // query $row = mysqli_query($custdb, $sql) or die(mysqli_error($custdb)); The code for my table; <table width="100%" border="1" cellpadding="1" cellspacing="1" class="carInfo"> <tr> <th>ID</th> <th>Vehicle ID</th> <?php while($custveh = mysqli_fetch_assoc($row)){ echo "<tr>"; echo "<td>".$custveh['id']."</td>"; echo "<td>".$custveh['vehID']."</td>"; echo "</tr>"; } ?> </table> Any suggestions would be great, thanks! Jack
  24. Dear all; Is there any technical difference between initially setting a variable to false or setting it to an empty value at the beginning of a script, i.e., $x = false; vs $x='';
  25. hi there, I bumped into the use of session_set_cookie_param() and was thinking about how to limit access for undesired users. Besides lifetime, I thought it would be effective to set the domain param. But how effective is this in real? Isn't it also possible to spoof domain names. (as a lot can be crafted ). is there any evidence this can be done and if so how to avoid it? Like cloaking domains or so or is that exaggerating and time consuming?
×