i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
need help in dynamic select menu in php
hi i have created a dynamic select menu using php. i have a problem in that which is when the user select any value in that menu and press submit then it does not pass to next page.my code is
file_put_contents and createimagefromjpeg
All,I do somethings and then I have the following code:file_put_contents('./test/'.$filename,$attachment_raw); //Give full path to $filenameI then do:$im = imagecreatefromjpeg($path_to_image_directory
problems with php variables in mysql query
i can't seem to get the following query to work. select $q1c from $vote_rate where id = $recent_record LIMIT 0,1 ;this method did not work eitherselect .$q1c. from .$vote_rare. where id =
How to convert this array to string
I am having problems converting this array to a stringusing print_r($val[1]); I get: Code: [Select]Array( [0] => Array ( [name] => John ) [1] =>
Code Help.. If txt input box empty search X instead..
I am having a problem with my search script. At current it will simply search by a selected date which is a java based calendar that displays when using id='datedisplay' in the input form field below.
function to return url
Hi,Can you guys help me giving a function that takes all the contents in a particular field and returns text and url seperately...For instance,Go:here is the linkwww.google.comit takes all the
New to Arrays
Hi I am new to PHP (a week and a half now) and I am just beginning to read about arrays. I understand simple arrays, associative arrays, and multidimensional arrays also. The book I am reading
Combining Two Queries
I have two scripts that each work fine by themselves. One is a search script with a variable that depends on what people search for. That will display results, but they are in a single column. I want
Take info from one coloum and move to another
Hi all,I have this:Code: [Select]$array = "SELECT stock_id FROM stocks WHERE stock_id BETWEEN '1' and '5' ";$res = mysql_query($array);$count = 0;while ($row = mysql_fetch_assoc($res)){ if
Executing an exe
Hi. I have some bizarre problem with exec (other any other method) to launch exe's. I am making a game server booking system and the part that is not working is the one with the launching the server
