mekha

mmm ok... i solved it....i created another date field in the table...and when adding a comment...update the date of post field to the same of the comment and order by this field ...thank you man

Sorry man ... not 2 tables...comments and posts in the same table...the post:parent_id = 0 / the comment:parent_id = $postid .... any another suggestions ?

i have 2 tables:1) father table.. (posts table)2)child table.. (comments table)now i ordered the results by (id of father) desc.....now what i want is if comment on some post,,,this post is being the first in the order!..any help please ?what query to use?

i do not get any errors...but the alert isnt work!... i tryed do define thim...and no alert :s

//file upload $target = "../uploads/sitefolders/"; $target2 = time(); $target3 = basename( $_FILES['uploaded']['name']); $rel1 = substr($target3, -3); $target = $target . $target2 . "." .$rel1 ; $ok=1;//This is our size condition if ($uploaded_size > 350000) { echo "Your file is too large.<br>"; $ok=0; }//This is our limit file type condition elseif ($uploaded_type =="text/php") { echo "No PHP files<br>"; $ok=0; }//Here we check that $ok was not set to 0 by an error elseif ($ok==0) { echo "Sorry your file was not uploaded"; }//If everything is ok we try to upload itelse{ if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) { ?> <script>alert("okk");</script> <?php // echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; //header("location:index.php"); } else { echo "Sorry, there was a problem uploading your file."; }} can u tell me what the problem ?

but if someone else (moderator for example), in mistake added the extra quote ?....i need to protect this :S...for example:if the $_GET us a number...i use (int) before...and the extra quote has no effects on the url and the php codes...so i need to protect strings to

if($act=="edit"){$folderid = (int)$_GET["id"];$sql2 = getfolderbyId();if ($result2 = $mysqli->prepare($sql2)){$result2->bind_param("i",$folderid);$result2->execute();$result2->store_result();$rowsZ2 = $result2->num_rows;}if($rowsZ2>0){$row2 = fetch($result2);}$foldername = $row2[0]["fold_name"];$foldpath = $row2[0]["fold_path"];$foldpic = $row2[0]["fold_pic"];}if($act=="add"){$foldername="";$foldpath="";$foldpic="";}

this is my code: $act = array('add', 'edit', 'delete');if (isset($_GET['act']) && (in_array($_GET['act'], $act))){ $act = $mysqli->real_escape_string($_GET["act"]);} and the problem is : ( ! ) Notice: Undefined variable: foldpath in C:\wamp\www\ishort\folders\form.php on line 96 this problem is only when i write the url: form.php?act=add'but if: form.php?act=addthere is no problems

yes!....when i write ( ' ) after the urlli get undefined variables.... because off: act=add moved to be: act=add'so ... add' .. is undefined

there is act in the url....but adter:act=addif i add a quote ("),like this:act=add'its not work!...i did the check (isset)

hi guys,i have this link:xxxxxxx.com/form.php?act=addhow do i protect the $_GET["act"]; ?i tryed:$mysqli->real_escape_string($_GET["act"]);and when i write:xxxxxxx.com/form.php?act=add""""there is problems in the page....i tryed too:mysql_real_escape_string($_GET["act"]);and there is php errors...variables undefined....how can i protect $_GET["act"]?

ok, this is: my query run: $sqlm = getPageById(); if ($resultm = $mysqli->prepare($sqlm)) { $mypageid = 216; $resultm -> bind_param("i",$mypageid); $resultm->execute(); $resultm->store_result(); $rowsm = $resultm->num_rows; } if($rowsm > 0) { $rowm = fetch($resultm); $pagetitle = $mysqli->real_escape_string($rowm[0]["page_title"]); $pageContent = $rowm[0]["page_content"]; $pageurlname = $mysqli->real_escape_string($rowm[0]["page_name_url"]); } the query: function getPageById() { $sqlStr = "select * from tbl_pages where page_id = ?"; return $sqlStr; } this is my $_POST: $mysqli->real_escape_string ($_POST["page_content"]); this is my "echo": $pageContent = $rowm[0]["page_content"];

no results :S birbal i didnt understand you,what do you mean ?

Hi guys , i have a problem with mysqli: i am using a ckeditor....and my database is mysqli using!....now.. in every time i update the row..the ckeditor adding:\\r\\n..for example:upd1:\\r\\nupd2:\\r\\n\\r\\nupd3:\\r\\n\\r\\n\\r\\n ex...... i am using: [/size][/font]$mysqli->real_escape_string($row["content_in_ckeditor"]); .. and without clean results :S

mm...ok thanks i succeed