HDFilmMaker2112

Session/Cookie and increment on each search? Or DB and count rows per day... Wipe it out weekly so it doesn't get too large?

This is the script I used: http://www.phpeasystep.com/phptu/29.html Example: http://www.GhostHuntersPortal.com/store.php?cat=emf-meters&num_products=8

Alright... I made my own cipher that converts the password to another string... then from there I'm going to use MD5 + salt , and then SHA512 on the MD5 Hash... or would this be complete over kill? hash('sha512',(md5s(cipher($string))))

My GF pointed out that $letter['a']=01; should have quotes around the 01. $letter['a']="01"; Solved it.

if(isset($_GET['item']) && ctype_digit($_GET['item'])){ $item_id=$_GET['item']; $sql50="SELECT * FROM $tbl_name WHERE item_id='$item_id'"; $result50=mysql_query($sql50); while($row50=mysql_fetch_array($result50)){ //product display here } } From that whenever you have ?item=item number in the URL you'll get a SQL Query for that product/item.

I expanded this out to the whole alphabet lower and capital case + 0-9. And it's now converting a 10 character string to 8 characters. <?php require_once 'llib.php'; require_once 'nlib.php'; $str = 'Asda12Ka12'; $new_str = ''; foreach (str_split($str) as $char) { $new_str .= $number[$letter[$char]]; } echo $new_str; ?> I've tracked it down to the lowercase a $letter['a']=01; $number['01']="0"; so instead of inserting 0 into the new string it just doesn't insert anything. I end up with this: q9eRSvRS It should be: q9e0RSv0RS

You're out of my range now... Hope I don't make admins mad here, but go to the MySQL section on http://forums.devshed.com/mysql-help-4/ And look for some help from the mod "r937". Pretty much solved any complex SQL Query I've ever had to write.

I apologize I had two files called the same thing and uploaded the wrong one. Your way is working.

SELECT COUNT(messages.mail_id) FROM messages JOIN mail WHERE mail.status=1 AND messages.mail_id=mail.id

no luck... still a blank page. http://www.makethemoviehappen.com/new.php

SELECT mail.*,messages.* FROM messages JOIN mail WHERE mail.status=1 AND messages.to=

How are you determining what user to get the messages for? I would think it should be straight forward like this, if I'm understanding correctly. SELECT * FROM messages WHERE status=1 AND user_id=USERID

Here's what I have right now: $input = "YAPePAsdf"; $input = str_split($input); foreach($input as $key=>$char){ if(isset($letter[$char])){ $input[$key] = $letter[$char]; } } $output = implode("-", $input); echo $output; above that is a bunch of code assigning a letter to a number in this format: $letter['letter']=number 1-52; This isn't displaying anything.

Looking for the best way to convert a string to a bunch of numbers and then those numbers to a new string. Something like this: $string="APWE"; A into 05, 05 into Y. P into 36, 36 into A W into 23, 23 into e E into 13, 13 into P So it will go from APWE to 05362313 to YAeP Looking at str_split($numbers, 2) to get from the numbers to the letters, but do I need to have a full library of each letters corresponding number and then the corresponding letter to those numbers to convert back to the new letters?

I'm having an issue redirecting my page to an error page if my UPDATE query does not find a matching entry to update: elseif($_GET['forgot']=="password"){ $new_password =& generatePassword(); $username=sanitize($_POST['username']); $sql1="UPDATE $tbl_name SET password='$new_password' WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result1=mysql_query($sql1); $num_rows1=mysql_affected_rows(); if($num_rows1==1){ $content.='<p class="center">New password generated. It has been emailed to the email address provided.</p><br />'; $message='Some one (hopefully you) requested a new password be generated for your account on Make the Movie Happen. Below is the newly generated password: Password: '.$new_password.' Once you log-in, please change your password. Thank You, Make the Movie Happen Support Team '; mail($email, 'Make the Movie Happen - New Password', $message, 'From: general@makethemoviehappen.com'); } elseif($num_rows1=="-1"){ header("Location: ./index.php?forgot&e=1"); } else{ $content.='New password could not be generated. If you continue to have issues, please email <a href="mailto:general@makethemoviehappen.com">general@makethemoviehappen.com</a> for assistance.'; } } mysql_affected_rows should return a positive number if it finds rows to update and -1 if the query fails. I thought if it didn't find anything to update the query would fail... should it be 0 instead of -1? Here's where the page redirects if it doesn't find anything to update. else{ $content='<div class="main"> <div class="main_header clear">Forgot Password/Username</div> <br /> <div> <p class="eighteen">Forget Password</p> <p>Enter the information below to reset your password.</p>'; if($_GET['e']=="1"){ $content.='<p class="red">Information entered incorrect.</p>'; } $content.=' <form action="./index.php?forgot=password" method="post"> <p><label>Username:</label> <input type="text" name="username" size="30" /></p> <p><label>E-Mail of Original Donation/Purchase:</label> <input type="text" name="email" size="32" /></p> <p><label>Total Donation Amount:</label> <input type="text" name="donation_amount" size="5" /> <span class="twelve">(In x,xxx.xx format. Any other format will cause an error.)</span></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> <br /> <div> <p class="eighteen">Forget Username</p> <p>Enter the information below to have your username emailed to you.</p>'; if($_GET['e']=="2"){ $content.='<p class="red">Information entered incorrect.</p>'; } $content.=' <form action="./index.php?forgot=username" method="post"> <p><label>E-Mail of Original Donation/Purchase:</label> <input type="text" name="email" size="32" /></p> <p><label>Total Donation Amount:</label> <input type="text" name="donation_amount" size="5" /> <span class="twelve">(In x,xxx.xx format. Any other format will cause an error.)</span></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> <br /> '; }

Can the following be condensed into one query? $username=sanitize($_POST['username']); $sql="SELECT * FROM $tbl_name WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result=mysql_query($sql); $num_rows = mysql_num_rows($result); if($num_rows==1){ $sql1="UPDATE $tbl_name SET password='$new_password' WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result1=mysql_query($sql1); $num_rows1=mysql_affected_rows(); Should I just throw out the SELECT and just use the update? $num_rows1 will equal 0 if it doesn't find an entry to update correct?

One more question... When somebody tried to log-in, how do I compare the hashed/encrypted password to the one entered? Do I convert the one in DB back to readable characters, or convert the one entered to try to match the data in the DB?

First invert the if statement... make it so the if is checking if they are logged in, not if there not... this way worst case some one can't log-in. Right now the else is letting anybody have access.

Forgot to post my current Table set-up: ideas message_number donor_id username name amount message This is for a system of donors submitting ideas to a film production. So we need to permit the submission of an idea, and me to communicate back and forth with them while keeping all the messages corresponding with that idea under the same group.

What would be the best password encryption to use... I've seen MD5, SHA1, SHA256, and SHA512.. but I've recently posts suggesting that bcrypt or CRYPT_BLOWFISH is a better method? The will be my first attempt at password encryption.

JOIN is actually quicker... Let MySQL do as much as possible. Every time you do a new query, your starting...stopping... and then starting MySQL again. If I'm not mistaken. And it's cleaner code.

What would be the best way to set-up a database for a messaging system? I'm basically looking for some like GMail where the messages are kept together. So if you go back and forth with the discussion, each piece of the discussion would be show up with those other replies. Should I just do a unique message id and link together those unique ids some how?

http://www.novahost.com.... $6 a month. And there's no such thing as unlimited bandwidth... Read the terms of service... they say they can cap your bandwidth at any point should they feel you're using to much. It's basically up to the mood of who ever keeps tabs on your bandwidth use for that day, if they feel like capping it.

******* form.php ******* <?php $form=' some php code... <form> some php and html ... php form... </form>'; ?> ****** config.php ****** <?php include 'form.php'; $foo='<table> <tr><td> // I would like to get the contents of form.php and add the to the rest of the contents of $foo. some text ' .$form. ' some more text </tr></td> </table>'; ?> ****** file.php ****** <?php include("config.php"); ?> <html> <head> <?php // Some php code here. ?> <title>title</title> </head> <body> Please fill out our form.<br> <?php echo $foo; // Some php code here too. ?> </body> </html>

You have to wrap your current code in an if statement that has $_GET['os']=="offers" as it's condition. And change your form action="" to match.