Ingolme
-
Posts
14,901 -
Joined
-
Last visited
-
Days Won
177
Content Type
Profiles
Forums
Events
Everything posted by Ingolme
-
What's a "color library"? You have a range of over 16 million colors to choose from in CSS
-
The comma is used to separate selectors. If you want descendants of the .nav element, just separate them with a space: .nav ul { /* Rules */ } .nav li { /* Rules */ }
-
When using prepared statements you don't have to worry about SQL injection, MySQL escapes the data for you. It doesn't matter whether it's INSERT, SELECT, UPDATE, DELETE or anything else. Just put placeholders anywhere where variables would have been used. Here are examples of different queries with placeholders in them: INSERT INTO table (field1, field2) VALUES (?, ?) SELECT * FROM table WHERE id = ? UPDATE table SET field1 = ? WHERE id = ? DELETE FROM table WHERE id = ?
-
You will need to change your code. As of PHP 5.5, the server will show warning messages if you're using the mysql library and in PHP 7 the mysql library will no longer be supported. If you're interested in keeping your code working on newer platforms you will have to update it to use a newer library.
-
Which element are you setting the height for? Setting the height of .first will affect the height of the background image. You can also set the padding of .first (not margin) to give more space for the background within the element.
-
The form attribute only applies to form control elements. It doesn't exist on elements like <div> or <p>. What kind of element are you referring to when you say "non-form element"? This is regarding the form attribute from the MDN page for the <input> element: When the element is a descendant of a <form> element the form attribute is not needed. If the element is not inside a <form> then the form attribute will indicate which form the element belongs to so that when the form is submitted the element's value is added to the data that is sent. I'm not certain how fieldset elements behave, I would guess that the fieldset's children would belong to the same form that the fieldset belongs to, but it can be easily confirmed with an experiment. Experiments can be done with the form attribute by submitting the form and seeing which values get sent to the server. My guess before doing experiments is that a child of one form that has a form attribute from a different form will be added as a value when either of the two forms are submitted.
-
The mysql library is deprecated for security reasons, use PDO or MySQLi. To stop injection, escaping is no longer the correct solution, the proper solution is to use prepared statements. W3Schools has a tutorial page about prepared statements.
-
You can use scandir() to list files in a directory and generate the HTML for the images. The line breaks exist, but HTML doesn't render line breaks unless you specifically put a <br> element. You can use nl2br() to show line breaks in the text provided by users. You can't choose the size of a file, but you can give a size limit in the file uploader. There are plenty of PHP file upload tutorials, you should look at some of them. The W3Schools tutorial has sections explaining how to limit the file size and file type. You can use str_replace() to change substrings into something else, such as in the following example: <?php $string = str_replace(':)', '<img src="smiley.gif">', $string); ?>
-
I don't know what you want it to do. Should you users see the literal string "<h3>" in their e-mails or not?
-
It strictly depends on what you want to see. From what I've read in your previous posts, you actually want angle brackets ("<" and ">") to appear in your e-mail. You need to sanitize the $_POST variable when you put it into the template. There are two different environments you're working with: Environments that use plain text (Database, PHP backend) Environments that use HTML (Browsers and e-mail clients) For environments that use plain text, no sanitization is needed. When you put the variables into an environment that uses HTML then you have to sanitize it.
-
That's true. The $_POST variable and the database table will have exactly the same content that you typed into the textarea. What you have to watch out for is that if you put the content of the $_POST variable into an environment that reads HTML (a browser or e-mail client) it will parse the HTML.
-
Your current solution is far more efficient than constructing an array and using in_array() on each iteration, but there's an alternative to in_array() which is much less costly: Using the keys of an associative array. <?php $exclude = array( 'item1' => 1, 'item3' => 1, 'item4' => 1 ); $dir = '/myFolder'; $filesDir = new FilesystemIterator($dir, FilesystemIterator::SKIP_DOTS); $fileName = ''; foreach ($filesDir as $file) { $fileName = $file->getBasename(); if(!isset($exclude[$fileName])) { echo $fileName.'<br>'; } }
-
If you want to see "<h3>Q&A</h3>" instead of "Q&A" then you should pass it through htmlspecialchars() before putting it into the template any anywhere else were you will be using it. $html_message = str_replace('%something%', htmlspecialchars($something), $html_message);
-
Have you tried the same code in another environment to see if it's just an issue with the browser itself? Generally the mouse wheel doesn't scroll something unless it's focused, so you have to click on the region before scrolling it.
-
If you actually want the HTML to be rendered, then no sanitization is needed at all. If you want to literally see all the tags then you would use htmlspecialchars() right before putting the data into the HTML template. There's no need to sanitize it for storage even when you want to prevent HTML injection. You sanitize it only right before using it.
-
You should stop using the mysql library, it's been deprecated for over a decade for security reasons. Every manual page for mysql_ functions has a large warning on them: http://php.net/mysql_query You should not put variables right in your SQL string, that leaves your code open to being hacked. Use prepared statements, W3Schools had a tutorial page about them: https://www.w3schools.com/php/php_mysql_prepared_statements.asp
-
Float puts an element to the left or right of all the content that follows it if that content fits in the remaining space. In this W3Schools example, the menu is 25% width and the content is 75% width. If you tried to add something else, it wouldn't fit because it exceeds 100% of the available width. If you want to add a third column you have to adjust the widths. A floated element will only appear next to content that follows it and below content that precedes it unless the preceding content is also floated. I haven't seen your specific code, so I don't know for your particular case why it's not behaving as you intended.
-
Store the completed state of the form in the session, then check whether the session value is set before showing the panel. You can do this in Javascript with localStorage, sessionStorage or cookies. You can do it in PHP using sessions or cookies.
- 1 reply
-
- 1
-
-
- performance.navigation.type
- splash panels
- (and 1 more)
-
Considering JSON is literally Javascript, you don't need to put it into a string to use it. You can directly do this and skip the parsing: var wordmax_json = <?php echo json_encode($wordmax)?>;
-
Assuming that the font is in the same directory as your HTML file, that should work. You haven't shown if any of the elements are using the font. No element shown here has a class of "myFontClass" This piece of code doesn't do anything, you should remove it: <link rel="stylesheet" type="text/css" href="fonts/JACKPORT COLLEGE NCV.ttf">
-
It sounds like there's no field called `title` in your `writers` table. I don't know anything about your database structure, so all I can do is make guesses based on what little information you provided here.
-
Here's a question from StackOverflow addressing copying an object: http://stackoverflow.com/questions/122102/what-is-the-most-efficient-way-to-deep-clone-an-object-in-javascript The best solution seems to be to convert to a JSON string and then converting back to an object. var x = { a : 1, b : 2 }; var y = JSON.parse(JSON.stringify(x)); I've hardly ever come across a situation in Javascript where I needed to clone an object.
-
What does your code look like? The map() function runs a callback on each of the elements in an array or object. I don't think it works recursively.
-
You seem to be confusing PHP with Javascript. They're two differently languages running in completely different environments. PHP goes inside <?php ?> tags, Javascript must be outside of them and between <script> tags. PHP and Javascript never mix.
-
"c" and "w" are alias for the tables. You use the AS keyword to shorten the table name so that you don't have to type such a long name so many times. "client" and "writers" are the two tables from your previous post. I don't know the name of the databases that they are in, so I just used "database1" and "database2" as example names.
