WebStyles

so it's all sorted out now?

wanna post the code for the main page?

you can just check if the file exists: if(is_file($data['thumbnailUrl'])){ // show the dynamic image }else{ // show the static one }

if you want it to update without refreshing the page, I suggest javascript to calculate the percentage and then write it to the appropriate field

Jesus, didn't mean to spark so many feelings... Hey, I'm not the one building the system, I just enjoy looking for bugs in code. If you're so against it, why don't you just delete this post instead of having a go at me? (and to be fair, comparing a spoofed email with a murder is a little over the top...) 'nuff said here. I won't comment any more on this, it's just getting silly.

I prefer not to judge people based on a piece of code.

I changed you're checklogin.php file to this: (read the comments I added) <?php error_reporting(E_ALL); session_start(); // <-- without this you can't set $_SESSION['uid'] include("functions.php"); //connection to DB is defined in functions.php // Grab & Clean $_POST['username'] and $_POST['password'] :: you should check if they exist first $myusername = mysqli_real_escape_string($myConnection,trim($_POST['username'])); $mypassword = md5(mysqli_real_escape_string($myConnection,trim($_POST['password']))); $sql="SELECT `id` FROM `user` WHERE `username` = '$myusername' AND `password` = '$mypassword' limit 1"; $r = mysqli_query($myConnection,$sql); $result = mysqli_fetch_assoc($r); // <-- Added this to grab the results // if the query returned a result, set $_SESSION['uid'] and redirect to main.php if(!empty($result)){ // <-- replaced your count with this: if it's not empty, it means the query returned something $_SESSION['uid'] = $result['id']; header("location:/main.php"); }else{ echo "Wrong Username or Password"; } ?> There are other things you should be doing though... Like check if $_POST['username'] and $_POST['password'] exist and are not empty before trying to manipulate them. personally, I would wrap the whole login file into a function (which would be included in functions.php), and avoid the extra page jump.

There seems to be a lot of confusion here, and this is very hard for us to figure out because we have no idea if you're doing the things we're telling you.... Why are you still including 'functions.php' (that had a database connection) if you've got another database connection right after that include? Why do you still have stripslashes() on your posted password? (that's not the issue, but it's not a good idea.. a password like HX<123>Xt would be destroyed) Why is ob_start() still there? All this probably means that the code we're looking at is not the code you're working on right now... It's gonna be very hard to figure this one out if we don't know what's going on. I suggest you read through the entire post again, apply/try everything we mentioned, then post the final code here again with a detailed explanation of what's still going wrong.

where and how is $_SESSION['uid'] being set?

oh c'mon guys... this forum is about the code to get a job done, not the moral reasons behind it...

you could replace all those forms and IF's with just one, and use the variable to show the number of emails left... instead of all those IF $dbemails == 1, $dbemails == 2, $dbemails == 3, $dbemails == 4 ... just do something like: $html = '<i>You have free '.$dbemails.' spoofed emails left.</i><br> ... (it should say 'x free spoofed emails', not 'free x spoofed emails')

if you're absolutely sure you're using the correct username and password, i'm guessing you have more than one instance of your user and password in the database so the $count variable is greater than 1. add 'limit 1' to your query, and test again. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' limit 1";

What would you want to delete?

is it the first time you're connecting to that database (i.e. with a newly created user in mysql?)... I'm guessing either you didn't set the user's permissions correctly, or something like that. (set permissions fot where the user is allowed to connect from, what databases the user is allowed to see, what actions the user is allowed on each database). If you're using Mamp or Wamp, sometimes a restart to the mysql database gives it a little nudge (it doesn't always commit the permissions properly) You shouldn't use stripslashes on the $_POSTed password, some people use symbols that will be stripped away. Always hash your passwords before storing in database (check out md5() or similar hashing functions)

I didn't check out the API, so I'm just guessing here, but normally these remote logins require an encrypted password. Are you hashing yours before you send it?

There's a freelance section here on phpFreaks... maybe you can go get a cheaper quote for the job

try this (it reads through the directories, and writes everything to the text files without having to create an array.) <?php function drawArray(DirectoryIterator $directory, $file ){ $path = ''; foreach ( $directory as $object ){ if ($object->isDir() && !$object->isDot()){ $path .= $object->getFilename() .'/'; $result[$object->getFilename()] = drawArray( new DirectoryIterator( $object->getPathname() ), $file ); }else if($object->isFile() && $object != '.DS_Store'){ $line = $path . $object->getFilename()."\n"; file_put_contents($file,$line,FILE_APPEND); } } } drawArray( new DirectoryIterator( 'mods' ), 'mods.txt' ); drawArray( new DirectoryIterator( 'config' ), 'config.txt' ); ?> (it appends each line to the files as it reads through the directory, so you should delete the previous files first (or empty them, I'm sure you can figure out how to add that) ... Just realized there's still a little bug in there, but you get the idea. Hope it helps

can I ask exactly why you're doing that? (you're obviously trying to map the directories) but is is a one-time thing you need to do, or is it a script that will run for every user or something like that? (I'm asking because if it's a one-time thing you can simply type: find mods > mods.txt at the command prompt (I'm assuming it's a linux box) and it will map out all the files for you.)

would be more efficient to remove unwanted stuff from the array BEFORE even writing to the file.

I know this is not the answer to your question, but it seems you have other issues to deal with first. You're reading through the directories, adding everything into an array, converting that array to a string, creating a file(s), writing the contents of that string to the file(s), then opening that file again, reading each line and removing things you didn't want and writing back the ones you do want... Do you see a problem here? Remember: Simpler is better.

yes, by all means, change them, but be aware you may have parts in you code like this: <?=$variable;?> (very common amongst people who use short tags) This case is shorthand for an echo and should be changed to <?php echo $variable;?> also, in your initial post you wrote <? Php ?>... it's <?php to open and ?> to close (there's no space between ? and php ) hope this helps

so basically you're saying this line does not work as expected: mysqli_query($DB_CON,"UPDATE users SET Verified=1 WHERE Username='$USERNAME'"); it's based on the variable $USERNAME... You should check that it exists and is properly set.

Type hinting. Check out: http://www.php.net/manual/en/language.oop5.typehinting.php

take a look at array_merge()

Totally agree with Psycho, he sort of beat me to it on a lot of things. I was also going to say: If you MUST add a folder for each user (it is still not a very good idea) at least add the folder with the database id and not the username (what if the user decides he wants a different username after a while?). Also, you've managed to include pages you're going to use several times (like template_pageBottom.php), which is a good, but the database connection, which will probably be used more often than anything else is embedded into the code... I would create a separate file for the connection and include when necessary. (otherwise, if you need to change databases or database passwords later, you'll have to go searching through all the files instead of just one)