requinix

I'll put it this way: anything that originates from something outside of your direct control (3rd-party APIs, data from an iPhone app) or that has passed through the user (HTML forms, URLs) is not safe.

You can treat it like it was just HTML: x.href, or the long form x.attributes["href"].value.

It depends where you're doing the work. Is it all in PHP or is some part of it in JavaScript or HTML?

And you want to use an IF? Why? WHERE (customerid=$customerid or `referedemail` = '$referedemail') AND `claiment` != $email

... You're not getting any results from the SELECT because you just deleted them all.

You have two choices: 1. Randomness and know that given a large enough sample size you will see results trend to 15. With small sample sizes it will be close but could vary wildly (with larger variations being exponentially unlikely). 2. Not randomness but rotation. First visitor is A=11-15, second visitor is 30-A, third visitor is C=11-15, fourth visitor is 30-C, and so on. Do not try to mix the two together. Either it's randomness and you accept that it will not always be exactly 15, or it's rotation and you get your ideal split.

Go into your php.ini and set error_reporting = -1 display_errors = on Then restart the web server and try the page again. You'll see (at least) two errors: one for mysql_query(), one for mysql_fetch_array(). Those should clue you in on what's wrong. The other bunch of errors after those two are because of them so don't worry about trying to fix those.

Actually I'm wrong: I saw the try/catch but skipped past the "die" part (which means the script will just up and quit if there's a problem).

Because it's not a method. foreach($node->childNodes as $child) {

There's nothing wrong with having two INSERT statements... But there is something with your code: if the first statement fails the second still tries to get executed. Is that intentional?

And cookies!

The user can do whatever he wants - what matters is what you do. Don't want them to edit a name or number? Then make sure your code never tries to do that.

dot-all (a period) normally doesn't match newline characters. POSIX you say? Then that means you're using the ereg family of functions. Those are deprecated; you should be using the PCRE functions. preg_match_all('%\{\{items\}\}(.*?)\{\{/items\}\}%s', $text, $matches); The /s flag (or in this case %s) is what tells preg_match_all() that the dot-all should include newlines.

Nothing. SimpleXML is the best thing for XML I've ever found. I've lost track. Is there any problem besides you not knowing what's in the XML?

Disabling DirectorySlash is a bad idea. Can't you just change the form to point to the right place?

Because PHP uses the system system for actual implementation. If you're running on Windows then you should consult the MSDN for what actually happens under the hood (beyond what PHP does), and if you're on *nix then consult the man pages. Sure the PHP manual says how to use the functions, but in most places it doesn't actually say how those functions behave deep down.

Indeed there is. Get rid of that column you have now and replace it with an entire table. Actually, wait to get rid of it, you'll need it to import the data into the new table (once you've done that then you can kill it off). This table has a minimum of two columns: the parent category and the child... thing. One row for each distinct pair: parent | child ------------+---------- Restaurants | McDonalds Takeaways | McDonalds (but with ID numbers of course)

Oh dear. What you're trying to do is a very, very bad idea. The correct thing to do has two parts: 1. Use URL rewriting to send every request to /users/username to one single PHP script, such as /user.php?username=username. This can happen behind-the-scenes so the user won't notice it happening. 2. Put some logic and code into that one script so that it outputs what it needs to output. For instance, if you save profile information to a database then your script can output it.

Yeah... that's DirectorySlash kicking in. Mostly harmless.

...They're right there: action, ajax_module, dir, id, and module_type.

Please, please just post the code you're using. Without paraphrasing or generalizing. It'll make things a lot easier for us to see.

And HTML 5 does say it's a value between 0.0 and 1.0. What browser? And is the volume being set correctly (it's just that you can't get the right value)?

Not to be dismissive but no.

So you did a var_dump(HttpKeys::PRODUCT_CATEGORIES_UPDATED); and got NULL If not then what did you do? You wouldn't happen to be trying to use member variables and forgetting to include the $this->?

What do you mean by "does not work"?