
Ingolme

Everything posted by Ingolme

  1. When setting a function to an event handler, you have to pass a reference to the function, not call the function. This means that the function cannot have arguments and it cannot use parentheses. This would be the correct way to add currentDiv as an event handler:

        document.getElementById("menu_image_1").onclick = currentDiv;

    The currentDiv function can access the image element using the variable called "this".
  2. The most simple solution would have a global variable keeping count of the number of requests that have been completed.

        var complete = 0;
        for (var i = 0; i < arr.length; i++) {
            $.post().then(handleResponse);
        }
        function handleResponse() {
            complete++;
            if(complete == arr.length) {
                // Do something
            }
        }
  3. The HTML 5 search input is practically no different than a regular text input, it does not have syntax or operators. The searching has to be done by a program you built, either on the client-side with Javascript or the server-side with almost any programming language.
  4. You save yourself the trouble of making an HTTP request from your server to your own server. It's like walking out the front door of your house and getting into the back door in order to go from the living room to the kitchen. In technical terms it's slow and marginally less secure. Your program should be broken into several modules, each being able to interact with each other within the same environment. You could break your program into a generate_template($vars) function and a verify_email($address, $code) function among others that do different tasks, then you would do the following:

        $verified = verify_email($_POST['email'], $_POST['verification_code']);
        if($verified) {
            $vars = [
                'title' => 'Something',
                'name' => 'Something'
            ];
            $to = $_POST['email'];
            $subject = 'Email subject';
            $body = generate_template($vars);
            send_an_email($to, $subject, $body);
        }

    This is, of course, very simplified, but the verify_email(), generate_template(), send_an_email() functions can be used anywhere on your site, just put them in a file and include the file where needed. I usually make more complex programs and use objects with properties and methods rather than just functions. These objects can be used on many different pages, each page just has to include the objects that it needs.
  5. If both the newsletter generator and the verification page are on the same server then there's no need for any HTTP requests. Just write PHP code on the verification page that manipulates the newsletter database.
  6. Caption is not a valid attribute for the <img> element, so it wouldn't do anything. The editor should not be adding a caption attribute.
  7. Yes, two slashes are necessary, since one of them is to escape the backslash in the PHP string. If the page is blank that means the PHP syntax is incorrect, check your server's error log to find out why. It looks like I forgot delimiters around my regular expression, which you should have been able to identify on your own.

        preg_replace('#[0-9]+\\.test\\.com#', '9.test.com', $unit);

    Your expression selects any set of digits, that's why it's changing the whole URL. If you want to identify a particular set of digits then you need to find parts of the URL that are surrounding it.
  8. If "test.com" is always the same then you can search for that.

        preg_replace('[0-9]+\\.test\\.com', '9.test.com', $unit);
  9. You can remove the border using CSS as in this example: https://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe_frameborder_css
  10. Either the "fixed" or "sticky" position shown in the tutorial should do the job. https://www.w3schools.com/css/css_positioning.asp
  11. "Parent" and "child" refer to the relationships between HTML elements. The CSS stylesheet is not the parent of anything. In the following code, <div> is a parent of <span> and of <a>. <span> and <a> are children of <div> and are siblings of each other:

        <div>
            <span></span>
            <a></a>
        </div>
  12. The lesson you should be taking is that whenever data is being used in an environment, it should be sanitized according to the syntax of that environment. I don't know anything about hacking. I would never use the real_escape_string() function. It was used to escape string values for SQL queries before prepared statements existed. Now that prepared statements exist there is no reason to use it. I've never used filter_var() before. Some people like to use it for validating form data but there is never a situation where it is completely necessary.
  13. Sanitization depends entirely on how the data is being used. If it's being used in an SQL query it has to be made safe for SQL syntax, if it's being printed on an HTML page it has to be made safe for HTML syntax, if it's being put into a Javascript string you need to escape the string delimiters. The data itself, during processing, is not inherently dangerous in any way; it only becomes dangerous when it can be interpreted as code to be executed. You can't sanitize it when it comes in because you don't know where it's going to be used so you don't know how it needs to be sanitized, there's no single sanitization solution that works for all cases.
  14. If my guess is correct, they have a string with a whole lot of useless data and the useful data is scattered within it. The code would be the way that they pull the useful data out. That's just my guess and it's probably wrong, I haven't carefully analyzed the code. If you want to analyze the code, read it line by line and follow what's happening to each of the variables. Write it down on paper.
  15. You don't need to do any kind of sanitization if you're just processing the data. If you're printing the data on an HTML page, use htmlspecialchars() right before printing.
  16. It's obfuscated to some degree. There's no way to get the original code without asking the authors, since obfuscation involves renaming variables and functions to something meaningless. Obfuscated code isn't impossible to understand, you just have to read through the code and see what it is doing. It's a time consuming task so I will not be doing that. At a glance, I'd say this code is probably a convoluted way of pulling data out of a string that is mostly comprised of garbage. Where did you find this code and why is it important to you?
  17. Neither of the two functions is recommended. To ensure that values are safe for the database, you must use prepared statements.
  18. The child div needs a width. The concept of centering doesn't make sense when the element is as wide as the screen.
  19. An error only occurs after a statement has been executed. The error here is not a MySQL error, it's a PHP error. You can't pass one single string as multiple arguments of a function, you have to call it like this:

        $stmt->bind_param('ss', $clas, $sec);
  20. Ingolme

    edit email script

    If I'm remembering correctly, setting the from header to "John Smith <system@mysite.com>" should display that name instead of "system".
  21. I'm going to need to know what a "sparkline" even is and how to make it appear. There's a lot of stuff on that page.
  22. You need to add units to your CSS properties or else they'll be ignored.

        document.getElementById(slID).style.top = Yx + "px";
        document.getElementById(slID).style.left = Xx + "px";

    The reason that elements may stack vertically is that there isn't enough horizontal space for them, use your DOM inspector to see the size of the element that is containing these elements. Perhaps we could diagnose the problem easier if we have a live example of the code.
  23. In your HTTPS page all the Javascript files should also be loaded with the HTTPS protocol because the browser does not allow loading unencrypted content on an encrypted page. This file on your page is still using unencrypted HTTP: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
  24. From my observations, nobody ever embeds videos in e-mail, what they do is put an image that looks like a video and that image is a link to the video on youtube.
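
The point made in posts 12, 13, 15 and 17 above (handle a value according to the syntax of the place where it is used, and use prepared statements for SQL), as an added example that is not part of the original posts. The sample input, the `users` table and the helper names `html()` and `js()` are constructed for illustration, and an in-memory SQLite database through PDO is assumed so the script runs offline.

```php
<?php
// Added example: one untrusted value, three output contexts.
// The input, table name and helper names are constructed for illustration.
$input = "O'Brien</script><b>bold</b>";

// 1. SQL context: a prepared statement keeps the value out of the SQL syntax.
//    Assumption: pdo_sqlite is available; any PDO or mysqli driver works the same way.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (name TEXT)');
$stmt = $db->prepare('INSERT INTO users (name) VALUES (?)');
$stmt->execute([$input]);

// The stored value is exactly what came in; nothing was altered on input.
$stored = $db->query('SELECT name FROM users')->fetchColumn();
echo 'Stored unchanged: ' . var_export($stored === $input, true) . "\n";

// 2. HTML context: escape right before printing.
function html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// 3. JavaScript string context inside a <script> block: json_encode() supplies
//    the string delimiters and escapes them; the JSON_HEX_* flags also encode
//    <, >, &, ' and " so the value cannot close the surrounding <script> element.
function js(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

echo '<p>Hello, ' . html($stored) . "</p>\n";
echo '<script>var name = ' . js($stored) . ";</script>\n";

// Using the encoder for the wrong context is the failure mode: HTML escaping
// leaves a newline and a trailing backslash intact, and either one breaks a
// JavaScript string literal. The JSON-encoded form stays a valid literal.
$tricky = "line1\nline2\\";
$wrong = "var s = '" . html($tricky) . "';";
$right = 'var s = ' . js($tricky) . ';';
echo "HTML escaping used in JS:\n" . $wrong . "\n";
echo "JSON encoding used in JS:\n" . $right . "\n";
```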