requinix

Nope. The image has to come from, or through, your server. You know Google has an image search, right? I can give the URL of an image and it'll find the places where it's used. So even hiding the URL perfectly like you're doing now can be defeated.

If you're saying that $method, $banana, $apple, and $pear are parameters of fruit() like function fruit($method, $banana, $apple, $pear) then you'll need reflection. What matters when calling a function is the order of the arguments, not what parameters you're trying to fill. Use reflection to grab the list of parameters of the function and, in order, build up an array of the arguments you have. Be wary of optional parameters and type hinting. Once you've got your array you can use call_user_func_array.

That lone } bothers me. Did you post your exact script? The whole thing?

You cannot hide the URL of an image from the user. It is impossible. What you can do is give the URL to an "image" on your server which then outputs the appropriate image. Note I said output, not redirect. That's the same thing you're doing now. And you should know that base-64 encoding is really, really easy to identify. What you're doing is trivial to unravel.

Also make sure there is absolutely nothing before the opening <?php. No whitespace, no HTML, no BOM as scootstah pointed out, nothing.

Yes, but I can barely tell what the problem is. Your ISP says your computer has a problem? Something wrong with a configuration?

I'm quite sure you can go with string comparisons: WHERE thename < 'A' OR (thename >= '[' AND thename < 'a') OR thename >= '{' [ and { being the characters immediately after Z and z respectively. What would be nice is if you had a column just for the first letter (always in upper- or lowercase), then it'd be really easy: WHERE thename BETWEEN 'A' AND 'Z' /* letters */ WHERE thename NOT BETWEEN 'A' AND 'Z' /* not letters */

If you want this to protect you against actual (D)DoS attacks then doing it in PHP code is too late in the process. It should be dealt with as early as possible, like a network hub or your firewall. The webserver itself at the latest. Doing it in code will not be very effective because of all the resources it will take just to fire up your script. If, on the other hand, you just have some simple thing granting access to some simple resource (like an uploaded file) then I have a question: limit requests per IP how? One request from anybody per two seconds? Hope you have a really good reason for that. One request per IP per two seconds? Using session like you are is pretty close to that already, and arguably a better choice than actually limiting by the IP address. Something else?

You've created an infinite loop: paste.php also matches the pattern, thus it'll be rewritten to itself over and over again. Your rewriting should only affect things that don't exist. RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^([^/]+)$ /paste.php?pasteid=$1 Note that I changed the * to a + because there must be something there to match against. I also removed the NC because it doesn't change anything. While you're at it, consider making the pattern more specific. Will your "pasteid"s only contain letters and numbers? If you know their exact makeup then you should limit the pattern to only match that.

Well, there's a fairly simple question you have to ask yourself: how do you know whether the visitor is a bot? Because the user-agent string contains the word "bot"? Use that to make sure your block is restricted to bots, but at the same time you have to allow the bots you do want. A structure like # if it's not a bot then skip the following rule #RewriteCond they're *not* a bot RewriteRule ^ - [s=1] RewriteCond %{HTTP_USER_AGENT} good-bot [OR] RewriteCond %{HTTP_USER_AGENT} good-bot [OR] # etc RewriteRule ^ - [F,L]

Probably because your rewriting is doing the opposite of what you said. It will 403 block all of those bots and let the rest through.

Put random garbage in the .htaccess and browse your site. Do you get 500 errors on every page?

Pass-by-reference works on variables, not their values. The variable itself is what's being passed around. Think of it as "pass-by-variable". If you're thinking of the PHP 4.x behavior where objects weren't themselves references (and thus passed-by-value, ie, copied) then yes, that's deprecated since the object model rewrite in 5.0: you don't need pass-by-reference to keep object references.

Even if the script is at /process.php it still needs to know whether to update or something else. If you're still passing that in the URL like www.example.com/process.php?update then all you need* in /process.php is The real script will still have $_GET and $_POST like it normally would. But a question: how about just moving the file? Does it really need to be in two places? * Probably. There are a few reasons why you might need something else.

The connection probably isn't being closed once all the data has been sent. What is this stream?

As for the question of copying the file in the new form, you can't. I'd advise you to make the user upload the file again, or else make the file upload a separate part of the process which the user will only reach once the rest of the form is complete and valid. If this were necessary you'd have to store the file someplace temporarily (making sure to clean up unused files after a file) and securely (so people can't just see whatever files are there), uniquely identify the file in a hidden form field (because you can't make the user upload a file without them taking some action) and also securely (don't want people fiddling with the input to make your script think it should be the wrong file), then fetch and delete that file when the form is complete, or delete it if they upload a new file with the new form (assuming you're designing a UI nice enough to allow that).

The solution is an array, not variable variables. $sumQuarter = array( 1 => 121, 2 => 223 );

You're a little vague on the details but the solution may be as simple as an OL. Line 1 Line 2 Line 3

Call-time pass-by-reference is deprecated. That means you can't some_func(&$var); Regular pass-by-reference, like your code demonstrates, is still perfectly fine.

I was just pointing out the one issue with Barand's code that may or may not be an issue for you: it actually looks for the word "Array" in the output. But if your arrays consist of just numbers (and arrays) then it may be quite an effective, if unusual, solution.

count_arrays(array("Array")); So I guess we're counting how many items are arrays? return count(array_filter($arr, "is_array"));

No, there's another difference: You're calling loadhtml(). Lowercase. Function names are case-sensitive.

I'm not sure what you're trying to do, and the code you have doesn't help at all (why you're using an object, what that each() in arrayCount() is supposed to be for, why you use func_get_arg(0) in the constructor when you could just use a normal parameter...), so I'll just throw out $counts = array_map("count", $a1);

Have you done any debugging yet? Printed out values and made sure they're right? Made sure your php.ini has error_reporting = -1 display_errors = on and looked for error messages?

So can you post the code you have right now, then? What I assume you have seems right: make sure your php.ini is right for a development environment with error_reporting = -1 display_errors = on and make sure you're getting some sort of error message that we can work with.