Search results

It doesn't take a special script to prevent injection. Use prepared statements. MySQLi has them, though I'd recommend PDO over MySQLi as it has additional features and is easier to use. It's also the designated successor.

The more you put it off, the more work you'll have to do. You can support both URL formats, using an external redirect from the old to the new. RewriteRule ^/?forum:topic=([0-9]+-.*) /forum/thread/$1 [R=301] As long as any links using the old format exist, on your site or others, you'll need...

Note that in your example URL (mysite.com/forum:topic=1-Topic-Title-Here&p=2), the "p=2" is in the path, not the query string, because there is no question mark preceding it. Is that intentional? The simplest approach would be to (properly?) place the "p" parameter in the query string, rather...

I'd give slightly different advice about positional parameters. A positional parameter is fine if a statement has only one parameter and will only ever have one parameter. Multiple positional parameters are also fine if the statement is programmatically generated and executed, such as for an...

You use them for different purposes, but they are the same statement: SELECT * FROM members WHERE username=:username SELECT * FROM members WHERE username=:username If you execute $memberQuery->queryString === $memberQuery1->queryString, the result will be true. You don't need $memberQuery1...

You can check it directly using telnet. Send an HTTP request, making sure to include the Host and Accept-Encoding headers, and examine the response. You should be doing this anyway as you develop the script. As it says in my sig, any code I post is an example rather than a solution simply to be...

In addition to descalzo's questions: $memberQuery and $memberQuery1 are the same statement. Why have both? When you execute $memberQuery1, $username doesn't appear to be defined. Only one file should contain sensitive information, such as database credentials. Otherwise it becomes much...

We need someone with knowledge of the server setup & config to weigh in. Encrypted FTP connections are problematic for firewalls and NATs, as they can't snoop on PORT commands and PASV command responses, which they need to do to figure out which ports to open and forward. It could be that adding...

See the X10 wiki articles on MySQL Connection Errors and creating a MySQL database and user for more.

mod_gzip and mod_deflate are not currently loaded on the free hosts. Instead, you can pass the files you wish to compress through a script. For example: <IfModule !mod_gzip.c> RewriteCond %{HTTP:Accept-Encoding} (^|,)gzip|deflate(,|$) RewriteCond %{REQUEST_FILENAME} -f...

When it comes to the phpMyAdmin that's installed as part of cPanel, only the cPanel user credentials should work. The DB users you create in cPanel are to be used by code on the live site, not with phpMyAdmin. If you're experiencing connection errors, see the X10 wiki article MySQL Connection...

Regardless of whether your site is unsuspended or not, if you're doing development it's far easier to use your own computer as a development computer. Install something like XAMPP, WampServer (for Windows) or MAMP (for OS X). You'll have greater control and access, and can install useful plugins...

Note that content scrapers are against the terms of service. If you do this on a free host, your site will be suspended. Depending on how the site is presented, it could also potentially be viewed as fishing, which is not only a suspendable offense but one covered by the zero tolerance policy...

The problem isn't within the CSS you've posted, it's the padding you've assigned for .track_name p, which pushes the second paragraph element out of the .track_name element. For situations like this, you should be using absolute positioning .track_name { position: relative; font-size...

There is too much over-helping in this thread.

If you declare a variable within a function when a global variable with the same name is also declared, the local variable hides the global within the function. You can still access the global as a property of the global object, which is window in browsers (not that you'd need to in this case)...

As Cybrax has already mentioned, use a file extension of "php" rather than "html", though that's the least of it. The rest is by far to big a topic to cover in a thread. See also: PHP tutorial that is security-, accuracy- and maintainability-conscious? 40+ Invaluable PHP Tutorials and...

Since you've only got one XHR object, only one AJAX request can be active at any one time. This is one reason why globals are bad. Move the declaration of ajaxDownrate into the definition of ajaxDownrateCall so that each invocation gets its own XHR. Either do the same with downStateChanged, or...

readfile will output the contents of a file without processing it as PHP. My tests indicate readfile is about twice as fast as include on a file with no PHP. It's only about 0.0241 ms/KiB for include, compared to 0.0123 ms/KiB for readfile. In short, the penalty for using include over readfile...

What code do you have so far? jqGrids can take XML or JSON data, so simply store that using jStorage.set, then fetch with jStorage.get when you need it. What, exactly, is the difficulty?