requinix

Create some sort of method which can set variables on an object, then in your User code call that method by passing the values from the database and itself as arguments. If you were to create a base "database object model" class and extend User from it, you can make the method protected and only require the array of values. $data = $this->db->find_by_id($table_name, $id); $this->set_variables($data); // method defined in the parent classKeep the "get data" and "set values on an object" functionality separate - don't adapt find_by_id() and such to set the values immediately.

The only part of your "encryption" algorithm that could possibly mean anything is the mcrypt_encrypt() stuff. base64_encode() and str_replace() don't make it more secure.

If you can guarantee that all sentences start with capital letters and that periods only occur at the end of sentences,

I'm not going to fix it for you. That line of code I posted. Use that to get values for the variables you want instead of that foreach loop.

Ah, for pair_id=2. Do an outer join and filter to rows where the second table does not have a corresponding row. SELECT whatever fields FROM appointments AS a LEFT JOIN google_calendar AS gc ON a.id = gc.appointment_id WHERE gc.pair_id IS NULL AND probably other stuff

It makes sense but I don't see how it's supposed to return 2 and 3: they're both in that google_calendar table. All three appointments are.

In both cases you are redirected to the index page. You wouldn't notice a difference because they do the same thing.

CALs apply to the server. You don't actually "install" the CALs anywhere - it's an honor system. Should anyone come knocking, the receipt and keys are the proof that you're licensed. The exception is (apparently) with Remote Desktop Services, where the installation process does care about licensing and will prompt you for CAL keys. Installing Server 2008 User CALS How to install/manage User-CAL licences on Windows 2008 server? Install Remote Desktop Services Client Access Licenses

Yes. Six computers, six operating systems. The Server license is just about making sure you're paying enough for the amount of usage you're getting out of the server: wouldn't be fair to pay for 5 CALs if you use the server in a company with hundreds of users, right?

For the worse. It's supposed to be <?php and not .

foreach ($_POST as $campo => $valor) { $$campo = addslashes(stripcslashes($valor)); }No. That is bad. Stop it. For all the variables (like media) you want to use coming from $_POST, // variable = (isset($_POST["form field"]) ? $_POST["form field"] : "default value") $media = (isset($_POST["media"]) ? $_POST["media"] : "");

$value comes from the ArrayOfString array and it is an stdClass. The only member of that class is "string" which is also an array. $string = $value->string;Now $string is an array with the five bits of data you want.

What's not working? How is it not working? What says GD is installed? And be sure to post code when you answer those questions.

Actually both of the filenames you had were relative. You can tell because they don't start with a slash (or *:\ for Windows). That ../ matters because you're changing the path to the file. It's as if you had $address = "221B Baker Street"; $address = "21B Baker Street";Only one of them will get you where you want to go.

If there's a chance the value might not be safe for HTML then yes, you need to escape it. But only escape the unsafe values themselves - if you try to escape your entire string then you'll be escaping the parts too. $fName = htmlspecialchars($user->user_firstname, ENT_QUOTES, 'UTF-8'); // [1] $lName = htmlspecialchars($user->user_lastname, ENT_QUOTES, 'UTF-8'); $items .= '<li id="user-name" title="Edit my profile"><a href="' . site_url('/something') /* [2] */ . '">' . $fName . ' ' . $lName . '</a></li>'; $logout = htmlspecialchars(__('Logout'), ENT_QUOTES, 'UTF-8'); // [3] $link = '<a href="' . wp_logout_url($redirect) /* [2] */ . '" title="' . $logout . '">' . $logout . '</a>';[1] You should also specify the character encoding.[2] Probably safe. [3] Probably safe for normal HTML, but you're putting it in a title="" so you do need to worry about quotes.

Precision. As in how precisely the 30 minute delay kicks in. As in if I start it at 2:00:00 and it's scheduled for 2:30:00, is it a problem if it executes as late as 2:30:59?

One of those messages will be outputted. If not then there's an error somewhere and your script isn't completely executing.

If you are okay with minute precision (so your thing executes within 60 seconds of when you want it to) then cron is the way to go: record the "something" somewhere, then make a script that executes (via cron) every minute. That script gets all the "somethings" it's supposed to do and does them.

You can use $myquery->num_rows to tell... well, it's exactly what it looks like.

Your code won't do anything if the rowCount() == 0.

I say yes. Using that mechanism is a bad user experience. If you don't care about your users seeing half of a page then go right ahead, but the best way to deal with it is to use some error handling code that will abort the script (if necessary) and output a complete page for the user to look at. Giving short messages like "failed to query database" is bad enough without screwing up your page at the same time.

You will see the MySQL error message (because that's what you do with the or die()). The same thing that would have triggered the else block (mysql_query() returning false) will also trigger the "or die". Using that "or die" is bad. It's okay if you have it while testing your code, but when you're done and your queries work then it should not be there. For one, the error message will reveal information to the user that you really don't want them to know. For two, it completely halts your script preventing you from taking any action such as notifying you of an error or undoing previous actions. For three, die()ing means the user gets, essentially, a big white page of nothing but the error message and that is very user unfriendly. Drop the "or die" entirely. You already have something that deals with the error so there's absolutely no need for it to be there.

Whatever you're using for database access will also be able to tell you the auto_increment number from the INSERT you just made.

Yes. But you need a loop because you don't know how many times you'll have to try until you get a unique number.

I wish I had superpowers. Like reading minds. That would be so useful sometimes.