AyKay47

OOP goes way beyond simply throwing some classes together. My advice would be to get a firm grasp on the fundamentals of sequential/procedural styles before dabbling in OOP. Then when you are ready to start learning OOP, begin with the fundamentals and build off of that by delving into OOP design patterns/frameworks etc.

A less resource intensive solution would be: $search = array("{NAME}", "{EMAIL}", "{MESSAGE}", "{none}", "{Ntwo}"); $replace = array($postname, $postemail, $postmessage, $None, $Ntwo); $page_contance = str_replace($search, $replace, $page_contance_before);

Look into using .htaccess for this.

Post the updated relevant code.

The else condition is not needed. $_FILES will only be populated when the form has been submitted. With the else condition present, every time the script is executed without the form being submitted, it will output the text in the else block (e.g every time the page is refreshed)

Unfortunately that information is provided by the server so you would need to contact your hosting provider. I do not know of another way to display that information.

Check if the $_FILES element isset before assigning its value to a variable, this will take care of the notice. A couple other things as well: 1. Use the comparison operator ( == ) instead of the assignment operator ( = ) in conditional statements. 2. More then one file input is necessary inside of a form in order for a user to be able to upload multiple files. 3. You do not need to load an array with the values from $_FILES, as $_FILES already contains the information you need. For instance in the for loop that you have written, you can write $_FILES['file']['name'][$i] which would retrieve the name of each uploaded file.

Sounds like the new server does not provide the HTTP_REFERER entry. You should not depend on this information anyway as some User-Agents do not provide it and it can be spoofed.

Any field that is to be unique should be properly indexed. This will allow you to use ON DUPLICATE KEY UPDATE or possibly INSERT IGNORE

I doubt that the second output that you posted is one single array, as it looks like the output of 2 separate one-dimensional arrays. The below code will assume that the $prices array is a two-dimensional array like $productItems. If it's not, the code will need adjusted: $productItems = array(array('item_id' => 13, 'quantity' => 4), array('item_id' => 15, 'quantity' => 1), array('pricetotal' => 3709)); $prices = array(array('price' => '3,200.00'), array('price' => '509.00')); for($i=0; $i < count($prices); $i++) { $productItems[$i]['price'] = $prices[$i]['price']; } print_r($productItems); Output: Array ( [0] => Array ( [item_id] => 13 [quantity] => 4 [price] => 3,200.00 ) [1] => Array ( [item_id] => 15 [quantity] => 1 [price] => 509.00 ) [2] => Array ( [pricetotal] => 3709 ) )

What is returned from glob is an array of files that match the given pattern as I assume you already know. However if you are going to use that data directly in an <img> tags src attribute, you will need to specify a path to the directory where the images are stored. As of now the code above assumes that all of the images are in the same directory as the active file directory. Something like this: echo '<img src="/kenai_river_fishing_images/{$num}" alt="kenai river fishing images" width="200px" height="200px" />'."<br /><br />";

Unless Class1 extends Class2, I would encapsulate the str variable inside Class1 and implement a public getter method. class class1 { protected $str; public function variable($str) { $this->str = $str } public function get() { return $this->str; } } class class2 { protected class1; public function get(class1 $class1) { $this->class1 = $class1; echo $class1->get(); } } $c2 = new class2; $c2->get(new class1);

Both add and date are MYSQL reserved words. To use them in a query you must wrap them in backtics ( ` ). However, it is encouraged that you change the field names to avoid future errors. For your information: MYSQL Reserved Words

Implement round with the second precision parameter set to 1

Remember a closing </table> tag.

I think it would be best if you posted all relevant code along with the full logic. Most likely this needs to be cleaned up a bit.

You're right it does't, because it was meant to point out a few things that you are doing incorrectly. 1. Your attempt will output an entire html page/table every iteration; you want to generate rows within the table, thus the while loop belongs inside of the table 2. As Ignace pointed out, you are including <?php tags and functions inside of an echo statement, this is incorrect and will output the literal string "<?php echo"

This is pseudo code to get you started with the basic structure. <table> <?php while($row = mysql_fetch_array($result)) { echo "<tr><td>something</td><td>something else</td></tr>"; } ?> </table>

Is this an apache error or PHP error? Post the relative directives from the master php.ini file.

//sql parts $percentage = $votes / 100 * $total; echo "<td class='result' style='width:{$percentage}%'>{$votes}</td>";

I'm sure it's possible. Can you give a better description/example of what exactly you want to do?

You can acquire all of the necessary information that you need from one query, instead of the 3-4 you are currently using. Are you storing the md5 hashed version of the password inside of the database? Using exit() at the end of a script does nothing, as the script will exit naturally. Side note, using an md5 hash on passwords is simply not enough, as md5 hashes are easy enough to crack using brute force methods. I suggest instead using the crypt function with CRYPT_BLOWFISH hash type and a compatible salt.

A couple of things to note: 1. You need to be sanitizing any arbitrary data from the user before inserting it into an SQL statement using mysql_real_escape_string 2. Get into the habit of validating both a files mime type AND extension, mime types are fairly easy to spoof. Also, creating whitelist arrays of both mime types and file extensions and then using in_array to validate is a cleaner solution. 3. In the call to move_uploaded_file, I recommend using an absolute path to the file vs a relative path. Most likely the error is being triggered because the directory proimage does not exist relative to the active file directory. 4. MYSQL has been soft deprecated and should not be used any further. Instead, use either mysqli or PDO.

This question relies on the behavior of the application you are designing. Bound parameters are used when a dynamic SQL statement is used that relies on a certain set of data that needs to be sanitized. Bound results are typically used when your application requires a bound variable(s) of the result set to be passed to another part of the application, or when you simply want a more logical separation of the result set. Otherwise a simple static SQL statement with a call to fetch() is typically used. To directly answer your question, using both bind functions will not confer better protection.

Post the updated code.