Search results

Users shouldn't be made to pay for Microsoft's failings. You'll also alienate the majority of users who don't understand the issues and technologies and who will blame you for any problems with the site. It's entirely possible to create great looking, flexible designs that follow best...

I was too terse in my first post. The typo is causing the problem, preventing the file from being uploaded. Correct it and the script will work.

Typo: you set the enctpye, rather than enctype, attribute on the form. Also, sanitize your form input. As it stands, a malicious user could inject arbitrary SQL. The handling of file input should be safe as is.

That should work. Apache will send any file with an .html extension as text/html, which IE can handle. Other browsers will handle xhtml served as text/html without problem (though they may handle the page as HTML, rather than XHTML). An alternative is to use a <meta> tag to set the content...

It's a matter of MIME type. IE (even version 8) doesn't understand the "application/xhtml+xml" MIME type. You can serve XHTML 1.0 as "text/html", which IE will understand. XHTML 1.1 must be served as "application/xhtml+xml". Currently, HTML 4.01 strict has the most browser support, followed...

It can, if you use output buffering. The more accurate (and helpful) rule is that header() will fail if any part of the response body (as opposed to headers) has been printed.

In addition to garrettroyce's advice on syntax and table design, there are two security points that should be addressed. Make sure $pass and $user have been sanitized (so that little Robert'; DROP TABLE off_auth;-- won't cause problems when he registers for your site). off_auth.passcode should...

Put the sensitive information in a script with little else (that way, it will rarely be updated). Setting that script to mode 600 to prevent other local users from reading it is, indeed, a good idea. A greater security risk comes from user input. You should sanitize all user input to...

Every file with a PHP extension will be passed through the first registered handler before being sent to the client. This means that there's no way for a visitor to view a .php file by accessing it directly when PHP is registered as the handler for .php files. If PHP isn't registered, then PHP...

It's partially a matter of definitions. "Embedding PHP" means a PHP can be placed in a document of another (formal) language (the "host" language). Also, you've never explicitly stated the rule. If your rule is (A) "PHP can be embedded in HTML," then header() is not an exception (according to...

To best deal with script errors, run the script on a development server of your own. Alternatively, use CGI::Carp to send errors to the browser. Only use CGI::Carp during development. As you might accidentally leave it enabled in a script, the better approach is using a development server...

Make sure your script prints an appropriate "Content-type" header before anything else. When asking about code, you should post a minimal test case. It's very hard to answer questions about code sight unseen.

No. Having content output before trying to call header() doesn't affect embedding (the embedded PHP code is still interpreted by PHP), it just causes the function call to fail.

Once you've installed Perl on you own computer, you can use the Perl debugger, the ptkdb package or try an IDE (Open Perl IDE is open source).

@OP: posting all of the source could be quite a bit of code to wade through. Better to post a minimal test case. For other posting guidelines, read "How To Ask Questions The Smart Way". For more information on cross browser coding and browser bugs. Quirksmode and Position Is Everything...

As xav0989 wrote, always state the error message. If you mean you're getting redirected to "settings.php?uspjeh", then you know what's happening: the if ($user_name == ($_SESSION['user'])) test is failing. (Minor issue: the parentheses around $_SESSION['user'] in the test are unnecessary and...

header() isn't an exception to anything. Headers set by header() are HTTP headers and need to be sent before content. Once you output the response body, there's no way to print any more headers, which is why headers() will complain. Output buffering will let you store output without sending...

Other useful predefined variables: $_REQUEST: contains data from $_GET, $_POST and $_COOKIE. $_SERVER: Server information. Includes variables from the CGI spec. $_FILES: Information about files uploaded via an <input type="file"> element. See the PHP manual for more predefined...

Debugging lesson: in a case like this, the PHP script isn't sending a message indicating success, the Flash form isn't processing the received message properly or the flash form isn't displaying the right frame. It's not likely the first case, but you should still test all possibilities in...

Does he really need a flash form or does he just want one? Wanting a flash form merely because it looks good (if that's why he wants one) is a poor reason. Talk to him about usability and accessibility, which are much more important than visual impact when it comes to forms. In any case...