Minimeallolla

yes but i think i got the directory wrong or something its in /profiles/profileinfo/$username.info.php

theres no input? its all output?

why are you downloading about.html ? you are trying to view the html not download it right?

the files are created upon registration. just i get this error.. Warning: include(1) [function.include]: failed to open stream: No such file or directory in /home/bob/public_html/mysite/profiles/write.php on line 129 Warning: include(1) [function.include]: failed to open stream: No such file or directory in /home/bob/public_html/mysite/profiles/write.php on line 129 Warning: include() [function.include]: Failed opening '1' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/bob/public_html/mysite/profiles/write.php on line 129 $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) $filename = "/home/bob/public_html/mysite/profiles/profileinfo/$username.info.php" or exit("Unable to open file!"); $handle = fopen($filename, 'w')or die; $content = "<b>Firstname: </b>$firstname <br> <b> Lastname: </b> $lastname <p> <b> Birthday: </b>$day $month $year <br> <b> Location: </b> $location"; fwrite($handle, $content)or die; fclose($handle); } $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) include ("/home/bob/public_html/mysite/profiles/profileinfo/$username.info.php")or die;

It has a nice layout and is informative. All you need a website to be, graphics are just a bonous. good job on the site although better graphics wouldn't hurt..

Well it's nowhere near advanced enough for a gaming community or a gaming forum?

mmm it is 3:13am and i really cannot be bothered to fix that, for now anyways.. ill fix it when im rested and well anything i should add. i feel the site is too blank.

It looks great. I also agree, lots of information, but that isn't always a bad thing. overall: good job!

Well it is 3am and i get no traffic at all only upon request. This site isn't a real legit one, just a free hosting practice one for more experience I guess. So any ideas or feedback on what I should add or edit?

Dan: you must have got me when I was just experimenting with random stuff. I can assure you the comment thing does work and the background is set as one throughout the whole site. I do need advice one what background to have. I'm no good with backgrounds >.< I also didn't want to add a verification email because it would annoy people and from experience I haven't gone through with some sites because I simply could not be bothered to check my emails.

ok fixed. anything else?

Everything looks great. Nice work I personally would never visit a site like this, simply because I would have no need for it. Many people are after entertaining or eye catching, fun sites. To me drawing graphs through algorithms is just simply not fun at all. Great work though.

Thanks heaps nano, btw, do you have any suggestions for the background? and dan: which file? login or register?

http://www.mysite.giacjr.dino-hosting.net/index.php I also need a sole purpose. idk leave feedback. first website. not really advanced at html or php but im aiming to gain knowledge. please be sure to register and log in.

when i comment and reresh it resends the comment so i have done 2 comments and continues if i keep refreshing and just multiplies. how can i stop the fetch or while loop. <?php $query = ("SELECT * FROM homecomments"); $result = mysql_query($query); while($row = mysql_fetch_assoc($result)) { echo "<b>"; echo $row['username'] . "</b>: <Br> "; echo htmlentities($row['comment'], ENT_QUOTES, "UTF-8"); echo "<p>"; } ?> thats my echo comment code. would it ahve anything to do with that?

hmm it was an error because i entered a sql code as a registered name. i want to block the sql codes and make it come up with invalid characters instead of a sql error.

didnt i say i solved the error but doing ' instead of " sorry if i didnt but i thought i did \=

yes.. i was just telling you what i wanted the code to do?

yes, thats what im trying to block out. im trying to maximise sql injection protection. i want the username "');DROP TABLE users" to come up as invalid characters so the hacker feels defeated lol

well i edited it abit if($_POST['username'] != preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['username'])) { die('Invalid characters <a href="register.php">Please try again.'); }else{ echo "Username valid."; }

hmm ok i changedc it to ' instead of " and i registered under -=][\[';/. or something along those lines and it came up with You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near './.'' at line 1 hmm i wanted to make it say username invalid, instead of that.. =\

well it saysa Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING on that line sol \= could you help me find it?

if($_POST['username'] != preg_replace("/[^a-zA-Z0-9\s]/", "", $_POST['username'])) {

i replaced them all with " and thats what i got \=

” they are magic quotes but which ones