requinix

You're mixing mysqli with mysql. Can't do that. Pick one extension and use it. mysqli_real_escape_string

The [type] in $_FILES is not secure. You can't trust it to tell you what type of file was uploaded. For images, use getimagesize() on the [tmp_name]. If it errors then the file isn't a recognizable image, otherwise it'll tell you anything you need to know about it - including the type of image.

You know what? I suspect this is just a one-time thing. It'll be quicker and easier to use a regex: it'll does what you need and will preserve any formatting in the file. Use preg_replace to replace #(\S+)\s+# with $1 (and to anybody watching: yes, I could have used assertions, I just don't use them out of habit) You can use file_get_contents to read the file and file_put_contents to write it back out.

Yeah... Okay, I'll try that again. Removing trailing spaces? "search and locate tags / data to update and modify"? Which tags? What data?

Removing trailing spaces? Do you want to do it with all tags or just certain ones? If the former then a (gasp) regex on the file contents would be easy: >(\S+([ \t]+\S+)*)[ \t]+ Replace with $1. Otherwise pull the XML into memory with SimpleXML (or DOMDocument if you must), search for the tags, trim() the contents, and write the XML back out.

Because you put the redirecting inside the "if the form hasn't been submitted" block.

Don't. Use an array instead.

If it's ALL OPTIONS then don't include it in the query at all.

The way "around" it is to fix it. Move your header() to someplace before line 102, or vice-versa.

The first one is better served as a simple string comparison, though. if ($fn == "." || $fn == "..")

Call in_array() multiple times.

Delve in with strace to see which library call is returning failure and probably its error code - put an exit/die right after the code that fails to limit how much logging you'll have to sift through (leaving the important results near the very bottom). You should be able to get a specific reason for the problem from that.

Your indentation is a bit funky but yes.

Being injured is more important than what team they're on, right? So check for that first.

Namespaces? For kicks try calling \ctype_digit. And then see if the other functions called below work.

phpinfo?

Well you do have a syntax error in there: .append('

And the feed? Is it in UTF-8 too?

explode() for simple string delimiters, preg_split() if you need regular expressions.

What character encoding is the feed in and what encoding is your site in?

What would be even easier is to use date_default_timezone_set. date_default_timezone_set("America/Whatever is for Central"); echo date("n-d-Y @ g:i a', $row['OrderTicketStatusDateTime']); Except you need a timezone string, not a number.

That's completely irrelevant, because the webserver needs to be able to access them or nobody can see them. It's more relevant if the server is running scripts setuid'd as the script's owner. But that's quite rare to see that.

You mean the one with 17 upvotes? http://stackoverflow.com/a/815887 #1 is valid but easy enough to do in code. #2 is true but your database becomes huge; storing images as files means you can put them on a separate share/drive (perhaps one dedicated to static files). #3 is just as possible because the image metadata has to be stored anyways, and the images can ("should") be stored using random names (which is also a downside). #4 is a pro for DBAs. #5 sounds like it's refuting an old claim which apparently isn't true anymore. I'm not sure that #6 is universally or commonly true, but I'm not a DBA. Another downside is latency between a webserver and database server: imagine transferring a 10MB image from a remote connection (admittedly rare nowadays).

JSON? The keys need to be quoted, and you can't return multiple objects at once. Taking a guess at what you want, the output should look like [{"mp3": "music/name.mp3", "ogg": "music/name.ogg"}, {"mp3": "music/name.mp3", "ogg": "music/name.ogg" }...] which you can do easily with json_encode(). Except your code needs changing to get that. What if there are multiple .mp3 or .ogg files?

Timestamps are timezone-agnostic. It's the same number everywhere in the world. What timezones affect is how that timestamp is written as a string. Is $user_data->lock_date in GMT? Then date_default_timezone_set("GMT"); if (strtotime($user_data->lock_date) > time()) {