Ingolme
-
Posts
14,901 -
Joined
-
Last visited
-
Days Won
177
Content Type
Profiles
Forums
Events
Everything posted by Ingolme
-
You have a risk of SQL injection in your code. In simpler terms: that code lets people hack your database.
-
mail() returns false if there was a mistake from PHP's part, so for one you can have your program send the mail first and write in the database later if there were no problems. Though as the manual said, mail() can't tell for sure if the SMTP server sent it, it just knows that the mail was accepted by the server for delivery. $test = mail($to,$subject,$message,$headers);if(!$test) { echo '( ! ) MAIL ERROR'; // Do something here}
-
The client's ID is in the $_GET array. You can read up on the WHERE clause for your query. You won't need the DISTINCT keyword if you're only fetching one row.
-
You can copy values from one table to another using INSERT INTO SELECT. You should never pass $_POST, $_GET, $_REQUEST or $_COOKIE values directly into a query. It can allow for SQL injection in which a user can manipulate your database and pretty much hack your website. In order to prevent this use mysqli_real_escape_string() or mysqli_prepare().
-
You have mismatched quotes again, which should be clear in a color coded editor echo "<a href="$row_recordset1['product']"> "$row_recordset1['product'] " </a>'; Here's the PHP manual page on strings, how to print then, put variables in them and how different delimiters work. Please read it carefully.
-
Wheres your PHP code?
-
This looks like homework. You probably should learn PHP and do what it says. If we did it for you you wouldn't learn anything.
-
The query is wrong. $account_id is literally being interpretted as "$account_id" because you've wrapped the string in single quotes. Aside from that, the double quote at the end of the string is a syntax error for MySQL. I don't see where the value of $account_id is being set, but you might be at risk of SQL injection.
-
That means that your server isn't executing the PHP, or it's sending the wrong Content-type header.
-
That line is correct. You'll have to show more code including the query and row fetching.
-
I'm afraid we don't have any control over how the forum works. You will have to send complants to InvisionPower.
-
Your URL is fine. The POST part only is meant to show the path to the file. The content doesn't require the domain because the receiver of this message already knows who it is. What response are you getting?
-
Well, first check that theevent has a value. The second problem is that document.data is not a proper syntax to get elements by their ID. Use document.getElementById("data").
-
You haven't wrapped the string in quotation marks on this line: echo <img src="images/$row_recordset1['image']" >;
-
It doesn't DO anything, but it's a way to put many objects in one container. It's mostly used if there isn't any better block-type element to represent the content with. The biggest reason people use divs is to put CSS style to things. A <span> has the same use as a div bit it's "inline" which means it behaves like text rather than like a box.
-
Floated elements only float relative to the content that follows it, so the divRight element should be placed before divMiddle. If you want a separation between the middle div and the two on the sides then give a margin to it larger than the width of the side divs: #divMiddle { margin-left: 120px; margin-right: 120px;}
-
It's part of object-oriented programming. The operator is explained here: http://nl1.php.net/manual/en/language.oop5.properties.php
-
You would only need the z-index property if you had other elements with absolute or fixed positions.
-
An <img> element with position:fixed.
-
You shouldn't need the FTP client while developing. Test the page on your computer and only upload it once it's finished.
-
If you can't use CSS then why does your <div> have a style attribute? I would avoid using position: absolute. I'm sure that there's a way to get the same result you want without it. Rather than putting an <img> element on the page, use the background-image property if you want text in front of it.
-
Logically, this line has a big redundancy: $registered = ($user_count_row == 0) ? 0 : $user_count_row; It's the same as writing: $registered = $user_count_row;
-
Oh, goodness. This website... There are better ways to do this, even without PHP. There are many things to look through but this line really has me concerned: <META content=IE=5.0000 http-equiv=X-UA-Compatible> Who made this and how many years ago? So finding somewhere to start, you can check the error console. It's showing this error: It's referring to this part, which I'm not sure where to find function onload(event) { checkboxUpdate('Home') }
-
No, it won't work if PHP isn't installed on the server. The best thing to do is to tell the user to put their data in the body rather than trying to use form fields to put it there.
-
E-mail clients only take a subject variable. The rest of the variables are handled however the e-mail client wants to, and you have no control over it. The mailto: protocol is really limited and not very user friendly. If you want full control over mail you have to use a server-side language, such as PHP, to process the form data and send the mail. W3Schools has a simple PHP mail tutorial: http://www.w3schools.com/php/php_mail.asp
