Sarah

I've turned register_globals OFF. Should I be referencing my form fields by '$_POST['fieldname']' or with the regular variable name such as '$fieldname' ? Or doesn't it matter?

Don't we wish they were all that fast?

never mind. I answered my own question. Thanks anyways!

Bruce- Do i need a special UNIX viewer for the .htaccess file? Do I just add it to the end? Which .htaccess file should I append to, the one in my directory under 'public-html' ? Thanks , as I am trying to turn off mine too.

Erika- Don't forget that just plain old 'mailto:' email links are an invitation to spammers. I'd suggest use the form mail script that was posted to make sure it is secured. Sarah

Hi Erika- I think what they are talkign about is that many TCH clients use PHP and other types of scripts that are used to send email from their websites. TCH wants to make sure you are securing these scripts so that hackers cannot write code that inserts their own mail headers into YOUR function to send THEIR spam. If you havent written any custom code or had anyone else do it for you, I don't think you have anythign to worry about.

Surefire- Thank you so much for your coding suggestions. I was just looking through some of my old posts and realized you helped me with many php problems. Thank you No, I havent been using the $_POST superglobal.. I didn't realize anything about it, but I have my PHP handbook here and I'm going to read about it to make sure I use it correctly. Thanks for the replies and I will try writing some different code based on what you are saying, and make sure I use the global vars. I'll write again when I get something working and let everyone know how I made out. Thank you.

I think these ideas will work since this is just a simple survey and really has no super important information (and the code is not really tracked -it just makes people fill out the survey to 'activate' their discount cards that we give out. The level of security I'm going for here is just light, something that the average user would be deterred. So in the last example, SUREFIRE wrote Does this mean to put this hidden variable in my form processing script and then just check to see if it was set? The code I am showing the user is dynamically generated right on the thankyou.php page based on date and time of day. I don't think the snippet that surefire wrote could be used for that. I'm sorry for not saying that before, It was probably vital. But Instead of just redirecting the user to the thankyou.php page via a header() function, I could probably use the include function. Would I just say : >if (!isset($submit)){ print "you are not authorized to view page etc.."; exit; }else{ include('thankyou.php); //this page would show the secret code } I guess that would work right? However I want the form processing script to kinda be invisible to the user and if this is the case, they would see the address of my script in the browser in the directory, ie. scripts/survey.php. Id rather not show that. Any thoughts on this?

Hello everyone! I am using PHP and doing a simple html form that uses a 'post' method to a PHP script. The script name is 'survey.php'. When the user fills out the required fields and hits 'submit', it goes to survey.php to process the form (which it is just sending results in a simple email). Then it goes to a thankyou.php page for confirmation and shows a special code. My problem is that I don't want a user to just be able to type the thankyou.php page in their browser without submitting the form. I tried using the idea shown on this thread at: http://www.searchengineforums.com/apps/sea...action::thread/ but to no avail. It just keeps printing that it was from a 'GET' instead of a 'POST', even though I am not using a GET. Please provide insight, or maybe i'm doing somethign wrong. Thanks in advance.

Dont forget you can always use the 'print' function to output to the screen to step through loops and make sure code is running where it is supposed to. I don't waste my time on the expensive and confusing debuggers, maybe because I learned without WYSIWYG and I fix without it

Hello again- I read the link that Robert had posted, and I used 'imagecopyresampled' rather than 'imagecopyresized' and it displayed no problem! That's all I needed - thanks so much!!!!! Sarah

Hello everyone- I am making a PHP script that allows for a JPG upload of a 640x480 picture, and will resize it to a thumbnail size and resave the picture on the fly. This is to enable the user to resize the pic without having to use an image editing program. Anyways, I wrote the script that uploads it, and it resaves it as a smaller pic (80x60), but when I open it up to see it, it's lost all of its color! I don't know much about PHP image functions, but maybe someone could tell me what's going on. I'll post some of my code. >//RESIZE IMAGE FOR THUMBNAIL $image = 'uploads/mypicture640x480.jpg'; if (!$max_width) $max_width = 80; if (!$max_height) $max_height = 60; $size = GetImageSize($image); $width = $size[0]; $height = $size[1]; $x_ratio = $max_width / $width; $y_ratio = $max_height / $height; if ( ($width <= $max_width) && ($height <= $max_height) ){ $tn_height = ceil($x_ratio * $height); $tn_width = $max_width; } else{ $tn_width = ceil($y_ratio * $width); $tn_height = $max_height; } $src = ImageCreateFromJPEG($image); $dst = ImageCreate($tn_width,$tn_height); ImageCopyResized($dst,$src,0,0,0,0,$tn_width,$tn_height,$width,$height); //SAVES THE FILE AS A NEW NAME $filename = "uploads/mynew80x60pic.jpg"; ImageJPEG($dst,$filename); header('Content-type: image/jpeg'); ImageJPEG($dst,null,-1); ImageDestroy($src); ImageDestroy($dst); If anyone could provide insight, thatd be great. Thanks!! Sarah

HC - This is custom code that I wrote. I will try and ask the users to tell me what they did to get the error. It seems to happen often, but I can't exactly pinpoint what actually causes the problem.

Good afternoon everyone. I made a content management system in PHP using a mySQL database. I have users that log in and view information based on which office they work at. Well when users (including myself) access different pages, such as just viewing all the data in their table, an error keeps popping up on the screen. It says "error: duplicate entry '(number here)' for key 1". Now I know that there can't be a dup entry because they aren't even trying to update or add anything. And I've checked the db after these errors and nothing is affected. It's just annoying because people will be clicking on menu options to view or add data, and then they get this error. It only seems to happen when there are 2 or more users logged into the system. Is this a locking problem with mySQL? Or could someone tell me what is going on? I can provide details if needed. Thanks. Sarah

Does anyone know if our servers have any support for dynamic PDF file creation using PHP?? I've heard of several classes, but I'm thinking none are installed. How about PDML (portable document markup language)? I'd like to use PHP to create a document dynamically..either into PDF or Word format or something. If anyone has any ideas on what I can use, please let me know. Thank you!

You should just have to go onto your main PHPMyAdmin screen and choose 'export'. Then on the left hand side choose all the tables that you would like exported (or select all). Leave the SQL radio button checked, then leave the 'data' checkbox checked since you want all the data to be backed up.. then choose 'save as file' if you want.. or else don't check save as file and then just copy and paste from the screen. that's all you should have to do.. if you are getting errors, then im not sure.. sorry

msdan - you are trying to export the whole db, or just one table?

Am I allowed to use these on my resume as my own, and put my name as the designer on the sites also?

I designed a website for the company I work for... it's not officially up and running yet but will be soon. I've also designed a custom database-driven app that our company will be using for day-to-day work. That is not officially up and running yet either. My question is: who officially owns these works? I worked on them during my work day and got paid for it, but I dont work for the computer dept at work. If I were to leave the company, either before or after these were put into effect, would I be able to say they are my property, or are they the company's?

Hopefully the family will be able to help me out on this one. It's probably something really simple but I am ripping my hair out over it. PLEASE HELP!!!!!!!!Here's the deal (simplified version of course) I will explain the best I can.... I have 3 tables that I need to join. 1. This table keeps track of customers and just assigns each one a unique ID. CUSTOMERS CustomerID Customer_Name 2. This table keeps track of Type A proposals for a customer via the foreign key (CustomerID). TYPEA A_Proposal_Number A_Date A_Price A_Status CustomerID 3. This table keeps track of Type B proposals for a customer via the foreign key also. TYPEB B_Proposal_Number B_Date B_Price B_Status CustomerID ASSUMPTIONS: A Customer can have a Type A proposal, a Type B proposal, or both A and B. Status on a proposal can either be Open or Sold. I want to print out a report that simply shows the Customer and the corresponding A or B proposal information, but only if they are sold proposals. My problem is that I can print out the information if the customer has only an A proposal, or a B proposal, but if they have one of each, it won't print correctly! Here is my query: >SELECT Customers.Company_Name, TypeA.A_Proposal_Number, TypeA.A_Date, TypeA.A_Price, TypeB.B_Proposal_Number TypeB.B_Date, TypeB.B_Price FROM Customers LEFT JOIN TypeA ON (Customers.CustomerID = TypeA.CustomerID) LEFT JOIN TypeB ON (Customers.CustomerID = TypeB.CustomerID) WHERE (TypeA.A_Status = 'Sold' OR TypeB.B_Status = 'Sold') For instance: I have a customer with a CustomerID of 5 called ABC Technologies that has one sold TypeA proposal numbered A00001 dated 6-1-04 for $100.00 and another customer with an ID of 10 called XYZ Data that has one sold Type B proposal numbered B00002 dated 6-5-04 for $500.00 ------- The result set should come up like this in PHPmyAdmin: A_Date A_Price Company_Name B_Date B_Price -------- --------- ------------------- ---------- ---------- 2004-06-01 100.00 ABC Technologies NULL NULL NULL NULL XYZ Data 2004-06-05 500.00 But like I said before if I have say, ABC Technologies with an A proposal and a B proposal it can't differentiate and doesnt separate them. Can someone PLEASE HELP?????? Thanks so much in advance. (sorry for the long post)

Now, how about a mySQL database backup each day??? at , say 4 am also?? I know you can manually backup the mySQL database from CPanel, but how do you put it into cron jobs? Maybe this is answered in another thread?

Thanks! That worked... Sarah

I would use PHP to make a custom login page, not use Microsoft's HTTP authentication pop-up box. Is that what you would rather do?

Hello all- Was wondering if anyone could help me set up the code in CPanel for a cron job. I want to run a PHP script every Sunday at 4 am. I have no clue how to set this up. Thanks!!! Sarah

Well I just looked through some of my old posts and found this thread: PHP mail() not working! Hopefully that will also help you.. Sarah