ManiacDan

Yeah...sorry, I can't tell what you want here. Maybe you could research the implode function.

md5 and sha1 are not suggested for password hashing anymore. The crypt() function should be used.

mysql_query returns false when the query fails. mysql_fetch_array expects a mysql resource, and will throw this error when it receives a false. Your query is wrong. Look at the line above the error. That query is missing a field list.

The sentence above that picture makes absolutely no sense. Please reword it.

You are seeing the string \n. The string \n is not a newline, it's the string \n. That's the problem. The Little Guy just said it up there but I wanted to make it clear: $a = "\n"; //$a is now a NEWLINE $a = '\n'; //$a is now THE STRING \n You have the string \n scattered throughout your entries. You need to do my #2 above and replace the string \n with the newline character, commonly represented in interpolated strings as \n. Yes, it's confusing. Welcome to computer science. -Dan

This topic has been moved to PHP Freelancing. http://www.phpfreaks.com/forums/index.php?topic=346654.0

Ok there's a couple things here... 1) /n is not a special character. If you have something that's giving you /n instead of an actual newline (\n), you need to fix that. 2) If you already have a lot of /n characters in your database, write a script to str_replace /n for \n 3) Once you fix 1 and perform 2, nl2br will begin working. -Dan

Welcome to the forums (sort of). Please note that we cannot answer questions this vague. Explain the situation you're in, the problem you've encountered, the steps you've attempted in order to fix it, and why you believe those steps did not work.

If you're starting from scratch, use sha1() with a salt. Your encrypted password should be sha1($password . 'someReallyLongRandomStringYouComeUpWithYourself'). Keep the random string secret. It prevents your code from being vulnerable to rainbow table attacks.

$headers = "From:" . $from; //$headers is now "From: somebody@somedomain.com" $headers = "Cc:" . $Cc; //$headers is now "Cc: somebodyElse@someOtherDomain.com" $headers = 'MIME-Version: 1.0' . "\r\n"; //$headers is now "MIME-Version: 1.0" You're over-writing headers every time. The concatenation operator (.=) allows you to APPEND headers (though note that \r\n needs to be at the end of every line of the headers). -Dan

Right, because you need to do the JOIN right in the update, not with a subquery.

Echo, print, printf, and various other output functions count as "output." You also cannot have anything outside of PHP tags. If your page begins with a single space before the <?php tag, then it will fail to use a header. Similarly, if you include a file with a single space after the closing ?>, it will fail. The error messages you're pasting contain a file and line number. That's VERY easy to figure out. Go to that file. Go to that line. Fix that. You cannot output anything on any page if you're going to be using a header redirect. You're using md5 on your passwords now. 2 things: 1) use sha1, it's better 2) You need to update your database so the passwords in the DB are also hashed the same way.

JOIN conditions are allowed in an UPDATE.

1) Don't bump, it's against the rules. 2) ereg is deprecated, preg is better. 3) preg can be used to see if the fileNAME ends in a specific three-letter combination, but that doesn't mean anything. All imgur posts are .jpg regardless of their actual filetype.

1) Magic quotes is a php.ini setting that randomly sticks backslashes into your strings if they have single quotes or other special characters. It's a VERY old method of SORT OF protecting against SQL injection. If your php.ini has it on, turn it off. 2) Your login page snippet is now correct, though there's no reason to be using the output buffering code probably. ob_end_clean is not usually necessary, but I don't know what the rest of your code is using. 3) Your landing page suffers from the same problems as your first page did. session_is_registered(fusername) should be replaced with isset( $_SESSION['fusername'] ). Die after a header. Etc. 4) Still, view your source to see the full output. It's possible your server doesn't even know what PHP is and all of this is a wasted exercise.

1) $_SESSION is in all caps. 2) Session_register (and related functions) are deprecated and should not be used. Read the manual page on sessions for modern syntax 3) Don't post your database password in public. 4) Your use of stripslashes leads me to believe you're using magic_quotes. This is also deprecated and should be removed immediately. 5) you must die() immediately after header calls. 6) There is a space after the colon in a header redirect, and Location is capitalized. 7) View the SOURCE of a page to see the complete output. Always store passwords encrypted with a salted one-way hash in the database. Never store them "plain" like this. 9) This is clearly copied and pasted from a tutorial. Stop using that tutorial right now, it appears to be 5-6 years old. -Dan

If someone steals your code, they'll be able to simply highlight this tracking code and press backspace. You can protect your code with ioncube or something. However, note that people don't break into your server to steal your mediocre PHP code. You said it yourself that you're not that skilled. If someone were to break into your server, they'd steal your passwords and (fsm forbid) any credit card numbers you were storing. They don't want your code. Protection code of the type you're talking about is generally included with commercial code that's actually for sale. -Dan

Almost all of this was wrong. Fixed version below. You will have to actually learn JavaScript/HTML to continue. Read that, please. Your syntax was incorrect, this was not valid HTML and was not valid JavaScript. <html> <head> <script type="text/javascript"> function addSmiley(a) { document.getElementById('message').value = document.getElementById('message').value + a; document.fgetElementById('message').focus(); } </script> </head> <body> <form action='registration.php' method='post'> Your message:<br><textarea id="message" name='message' cols='40' rows='2'></textarea><br> <a href="#" onClick="addSmiley(':-)')">:-)</a> <a href="#" onClick="addSmiley(';-)')">;-)</a> <a href="#" onClick="addSmiley(':-(')">:-(</a> <a href="#" onClick="addSmiley(':-P')">:-P</a> <input type='submit' name='submit' value='Set Name'></form> <br> <br> </body> </html>

I'm afraid you don't speak enough English (or javascript, for that matter) to receive much help on this forum. Your JS is still incorrect. Lines should end in semicolons.

So you learned PHP but you don't have any professional experience in it. I would suggest doing a personal project without a framework first. That way, if you get a job that uses a different framework (symfony is very popular, for instance) then you won't be completely lost.

Remove all the +"\n" from your javascript. Also, use a javascript debugger. EVERY modern browser has one either built-in or readily available. -Dan

1) What version of PHP do you have experience in? If you've never programmed in PHP5, then yes the experience is significantly different. 2) Zend Framework has its own syntax, quirks, and learning curve. It's similar to learning a whole new language, but only roughly half as difficult. -Dan

That's exactly what I suggested, good work.

1) you are only printing the row if the date is higher than today's date. 2) <tr background-color: #CC9999;> That is invalid HTML. The style information should be inside a style attribute, or in a CSS class.

What have you tried so far? MySQL's IF/THEN construct is very robust.