fugix

to make sure that $xml is an array, yes you can do that

in your failed address function, change to function FailedAddress() { return $this->failedAddress; //remove the $ } you will also need to change the messageText function as well function MessageText() { return $this->messageText; // remove the $ }

welcome to phpfreaks.

you need to create an instance of your class first, you have not defined the variable that you are trying to use <?php include ('PopmongerClass.php'); $Popmonger = new Popmonger(); echo $Popmonger->FailedAddress(); echo $Popmonger->MessageText(); ?>

function headerReturnImages() { $query = mysql_query("SELECT image_image FROM reviews ORDER BY image_id ASC"); while ($fetch = mysql_fetch_array($query)) { if($fetch[0]) { echo'<img src="images/'; echo $fetch["image_image"]; echo '" alt="" class="active" />'; } else { echo'<img src="images/'; echo $fetch["image_image"]; echo '" alt="" />'; } } }

absolutely, if you need help with this, please post you code

the reason why $_SERVER['PHP_SELF'] poses such an issue as far as injection is concerned, is because it incorporates $_SERVER['PATH_INFO'] which can be tampered with by users. To my knowledge, $_SERVER['SCRIPT_NAME'] does not incorporate PATH_INFO, however I would check a reference before being confident

wow yeah, didn't even notice that, dumb of me...those variables are stored in the $_SERVER predefined array. Glad you found your error

before using it in your header, try to echo it to validate that it is a legitimate url

mockery is not needed.. sorry i brought the issue up

why cant you call the arrays in the functions themselves?

Was it a picture of you? nope

It was changed to something a little offensive. Normally i wouldn't even care

first thing that i notice is you are trying to concatenate 2 queries together, cannot do this

you okay?