php

PHP protecting itself from SQL injections?

When I send ");-- from an input field to my localhost PHP server, it AUTOMATICALLY converts it to \");-- It seems great, except that I don't know how trustworthy this behavior is. Although it seems to avoid SQL injections, my development environment is not the same as the production environment and I'm afraid that the production en...

[PHP] Sort a multi-dimensional array

Hi! I need to sort a multi-dimensional array which represents filesystem structure: Array ( [dir1] => Array ( [dir2] => Array ( [dir3] => Array ( [dir4] => Array ( ...

Having a problem with mysqli and prepared statements.

I have the following function and it's always returning false. It does not even try to execute the statement, I know because I changed the $query = "aldfjaf lkjfsk" and it did not return an error for me. Any suggestions? class Mysql { private $conn; function __construct() { $this->conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB...

how to use variable in setcookie()?

I want to pass a variable set by the user to the setcookie function. I would like to let the user change the color of some parts of the website. So far the information about color is sent to the server with $_SESSION['colorcode'] and I would like to add it to setcookie as well so when the user logs in to the site next time, his/her color is there. ...

Why would print_r ($row); only be returning a number 1?

I am trying to learn PHP5 and am having a couple of problems with it. I am working with prepared statements and am trying to run the following code: <?php require_once 'includes/config.php'; $conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME) or die('There was a problem connecting to the database.'); $query = "SELECT * FROM...

What's a fast alternative to plain fulltext searching in PHP?

I'm looking to improve the search in one of my applications, where I use regular fulltext searching, which isn't too bad, but I'm looking to add some more complex behaviors, such as typo recognition and better relevancy. Are there any solutions out there that can be integrated into an existing application? I'm looking to search several tab...

mysql_assoc error - displaying fine

Hey, I have an error being drawn with this code: <?php include "config.inc.php"; mysql_query($addClient) or die(mysql_error()); $sth = mysql_query( sprintf( "SELECT c_id,p_id,p_title FROM projects WHERE c_id = %s", mysql_real_escape_string($_GET['id']) ) ); $projects = array(); while($r...

using "?" in SVG href

I'm having some major problems trying to get a "?" inside of hrefs that are part of my SVG scripts. I want to link to other parts of my website from inside of my SVGs, and most of my pages are dynamic that require $_GET variables to create them on the fly. SVG seems to throw a spaz every time I try to include question marks inside the hr...

Really good PHP Video Tutorials

Are there video tutorials for PHP with the same caliber as asp.net and windowsclient.net Learn section? ...

CURL import character encoding problem

Hi, I'm using CURL to import some code. However, in french, all the characters come out funny. For example: Bonjour ... I don't have access to change anything on the imported code. Is there anything I can do my side to fix this? Thanks ...

Print php array in xslt

Is there any way to print a PHP array in XSLT? I'm working with PHP sessions and trying to print the whole array in the XSLT stylesheet. ...

Where should I store my database username and password in a PHP application?

This is probably true for other languages as well. I've created several websites by now, many of which use databases (usually MySQL). I need to store the database password somewhere in the source code, but this seems like a security problem, and a bit like a hack. Is there a better way to store the password, apart from a config file whi...

How to send data in PHP without content-length?

I know it's possible, but I can't seem to figure it out. I have a MySQL query that has a couple hundred thousand results. I want to be able to send the results, but it seems the response requires a content-length header to start downloading. In phpMyAdmin, if you go to export a database, it starts the download right away, FF just says u...

Cache AJAX requests

I am sending AJAX GET-requests to a PHP application and would like to cache the request returns for later use. Since I am using GET this should be possible because different requests request different URLs (e.g. getHTML.php?page=2 and getHTML.php?page=5). What headers do I need to declare in the PHP-application to make the clients brow...

Are there PHP-like optional parameters in C#?

With PHP optional parameters, if you don't send a parameter it will be assigned to a default value: public function getCustomer(id, optionalMessage = "(no message)") { ... } in C# I generally solve this with C# method overloading, e.g.: public void GetCustomer(int id) { ... } public void GetCustomer(int id, string optional...

POSTing to https form not always working...

On my site I have a simple login form. The page is served via HTTP, but the form's POST URL is HTTPS. The normal method is that the user fills in their username/password, the form is submitted (to the fully qualified HTTPS URL, on the same site), and then the POST processing does a 303 redirect to the users' homepage. But sometimes this...

[Wordpress] date issue with PHP 4.4.8

Hello folks. Last week I released a 2.0 beta version of my Events Manager plugin, which produces a list of events. Among the many bugs floating around, there is one I cannot fix. The bug seems to manifest itself only on a tester's server with PHP 4.4.8; works all right on PHP 5. When I try to use the H:i PHP time format, I always get midn...

Javascript / PHP cookie serialization methods?

I have a form which I would like to store the values of in a cookie so the user doesn't have to re-enter the form every visit. (The form is a few selects to filter search results.) I would like for the cookie serialization to easily be readable from javascript (obviously to set the form onLoad), but I'd also like to be able to read the ...

Security Scan On Site

I recently had a security audit run against one of the sites I work on. This was done with the Acunetix Web Vulnerability Scanner. This came back with a bunch of results that I'm sorting through. A lot of hits on XSS came up, but I'm not sure if they are false positives or not. Code such as: if(isset($_GET['variableNameX'])) $var_...

What is the advantage of using try {} catch {} versus if {} else {}

I am switching from plain mysql in php to PDO and I have noticed that the common way to test for errors is using a try / catch combination instead of if / else combinations. What is the advantage of that method, can I use one try / catch block instead of several nested if / else blocks to handle all errors for the different steps (conne...