kicken

Everything posted by kicken

  1. Your if statement implies that $ModType is a number (2,3,4,..), however in your eval you're using it as if it were a symbol (+,-,*,...).
  2. The screenshot add-ons for Firefox will usually allow you to grab the entire page. Ex, Pixlr Grabber
  3. Change to: $this->container = new Config_Container('section', 'root');
  4. When you start a session, a unique ID is generated and assigned to that user by way of setting a cookie. The name of this cookie is set by the session_name() function, and defaults to PHPSESSID. Whenever the user visits a page, its browser sends this cookie back to the server. When you call session_start, it first checks to see if this cookie value exists. If it does, it resumes that session by loading the data associated with that session out of a file. If no cookie value is sent then it starts a new session by generating an ID, as mentioned above. This cookie value is how you know which user is requesting the page. All this typically happens behind the scenes. You can customize the process if desired but usually you do not need to.

     You can pass the session id in the URL instead of as a cookie value, however this is not recommended as users may copy/paste a URL to your site which contains the session id and send it to another person. This other person would then resume the first user's session, even though they shouldn't. This is known as session hijacking. There are ways to prevent it (and you should even when using cookies) but by not passing the ID around in the URL you go a long way toward preventing it.

     PHP cleans up the session data files periodically through a garbage collection process. When the data file is removed this way, the session is destroyed. You can also manually destroy it, such as on a logout page using session_destroy(). These configuration directives control this process:

       • session.gc_probability
       • session.gc_divisor
       • session.gc_maxlifetime

     The gc_maxlifetime is the duration in seconds before the session is considered inactive and cleaned up. It defaults to about 20 minutes. When checking inactivity it compares the duration between when the session was last used and the current time. The last used time is the last time a request was sent using that session id.

     You don't really know if the session is timed out. It just disappears. If the user's session timed out, say from them going out to lunch, and PHP cleans up the session file, the next time they load a page it will be as if they are starting a brand new session.
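One way to apply the points in the post above (cookie-only session IDs, hijacking mitigations, and knowing when a session has gone idle rather than waiting for garbage collection), as an added example that is not part of the original post. The function names, the `last_activity` key and the 1200-second limit are assumptions chosen for illustration.

```php
<?php
// Added example, not code from the post. start_secure_session(), IDLE_LIMIT
// and the 'last_activity' key are hypothetical names.
const IDLE_LIMIT = 1200; // seconds of inactivity allowed (constructed value)

function start_secure_session(): void
{
    // Take the session ID from the cookie only, never from the URL.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    // Refuse session IDs that the server did not generate itself.
    ini_set('session.use_strict_mode', '1');
    // Garbage collection should not remove data before the idle limit is reached.
    ini_set('session.gc_maxlifetime', (string) IDLE_LIMIT);

    session_set_cookie_params([   // array form needs PHP 7.3 or later
        'lifetime' => 0,          // session cookie: dropped when the browser closes
        'path'     => '/',
        'secure'   => true,       // sent over HTTPS only
        'httponly' => true,       // not readable from page scripts
        'samesite' => 'Lax',
    ]);
    session_start();
}

// Pure check, so the timeout rule can be reasoned about without a live session.
function is_idle_expired(array $session, int $now, int $limit = IDLE_LIMIT): bool
{
    return isset($session['last_activity'])
        && ($now - $session['last_activity']) > $limit;
}

// Call on every request after start_secure_session(); false means "timed out".
function enforce_idle_timeout(): bool
{
    if (is_idle_expired($_SESSION, time())) {
        $_SESSION = [];
        session_destroy();        // explicit expiry instead of waiting for GC
        return false;
    }
    $_SESSION['last_activity'] = time();
    return true;
}

function on_login(int $userId): void
{
    session_regenerate_id(true);  // fresh ID at login; the old one stops working
    $_SESSION['user_id'] = $userId;
    $_SESSION['last_activity'] = time();
}
```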
  5. Probably the best you could do with your query is using something like: ORDER BY INSTR(nom, 'plan')
  6. JOIN syntax

         FROM kill4silence_photos_albums album
         LEFT JOIN kill4silence_photos_photos photos ON album.id=photos.album_id AND photos.visible=1

     In that part, kill4silence_photos_albums is considered to be the left table, and kill4silence_photos_photos is the right. The condition after the ON is the join condition. When you do a LEFT join, then the database takes all matching rows from the left table, and attempts to find matching rows in the right table based on the join condition. If it finds no matching rows, then it uses an implicit all-null row to match against.

     Essentially, that means you will always get the full result of rows from the left table (all the albums). For each album it will find any photos belonging to that album. If there are none, it just uses a NULL row to fill in the blanks. Then the GROUP BY clause tells it to group the results by each unique album id, and the COUNT() function will give a count of all the photo ids that are non-null. For an album that has photos, this will be the number of photos matched. For an album that has no photos, it will be 0.
  7. Use something like Fiddler2 to record all the HTTP transactions as you go across the site, look at the cookie headers your scripts are sending (Set-Cookie headers in the response area) to see what is happening.

       • Open Fiddler2
       • Open your browser and go to your site
       • Login, and hit a page or two
       • Logout and then hit a page or two.

     If you want, you can save all the sessions and send them to me and I will see if I spot anything unusual. I have PM'ed you my email address.
  8. If your session cookie is sticking around (with the same id) then a few possibilities are:

       1) You've configured PHP to set an expires date/time on the cookie, rather than using 0 to make it a session cookie (generally not wise)
       2) You're not closing the browser completely. Session cookies only go away when the browser is fully closed. You have to close all windows, not just the single window or tab your site is in.
       3) You're somehow re-starting the session with the same id

     Regardless, having the session ID stick around is not anything to really be concerned about. Provided you have cleared out the data in the session (ie, your session_destroy/$_SESSION=array() combo would do that) then that ID is just going to be linking to an empty session file. Session hijacking has less to do with the session id sticking around after logout, and more to do with people intercepting your session ID while it is in use, such as by using a packet sniffer to watch requests on the network and stealing the ID that way.
  9. Nowhere. Your browser is the one that handles the actual storage of the cookie data. Where it stores it depends on the browser in use. I believe Firefox stores them in a SQLite database somewhere in the profile folder. If you want to remove the cookies, just use the browser's tools for that. Either to clear all cookies or a cookie manager that will let you single out specific ones for removal. In Firefox you go to Options->Privacy and click the 'remove individual cookies' link.
  10. The only way you'll get your tree structure (reverse breadcrumb) with your current db structure (without a multiple-select loop) is to select everything from your albums table and build the tree in PHP. You can have a second query which pulls the count of photos in each album and merge that into the tree while you build it.

          //Get photo count
          $sql = '
          SELECT album.id as album_id, COUNT(photos.id) as cnt
          FROM kill4silence_photos_albums album
          LEFT JOIN kill4silence_photos_photos photos ON album.id=photos.album_id AND photos.visible=1
          GROUP BY album.id
          ';
          $res = mysql_query($sql);
          $photoCounts=array();
          while ($row=mysql_fetch_assoc($res)){
              $photoCounts[$row['album_id']] = $row['cnt'];
          }

          //Get all albums, top-level ones (parent_id 0) first
          $sql = '
          SELECT id, parent_id, name, description
          FROM kill4silence_photos_albums
          ORDER BY parent_id
          ';
          $res = mysql_query($sql);
          $albumTree = array();
          $albumMap = array();
          while ($row=mysql_fetch_assoc($res)){
              $id = $row['id'];
              $parent = $row['parent_id'];
              $row['children']=array();
              if (isset($photoCounts[$id])){
                  $row['photoCount'] = $photoCounts[$id];
              }
              if ($parent != 0 && isset($albumMap[$parent])){
                  $albumMap[$parent]['children'][] =& $row;
              } else if ($parent == 0){
                  $albumTree[] =& $row;
              }
              $albumMap[$id] =& $row;
              unset($row); //break the reference before the next row is fetched
          }

      If you're going to run mysql_close at all, only run it at the end of the script. Closing the connection after every query is wasteful and only going to make the script even less efficient.
  11. If you want to get the sub-albums then you just query for all the albums whose parent_id is the current album. You can do that and get your # of photos per album in a single query.
  12. What you pasted is not JSON. It is a string of serialized data, and you can reverse it using unserialize. After you unserialize it you can access the key 'calendarJson' which contains json and you can decode that using json_decode.
  13. Not if your table is indexed properly. The database will just scan the index to find the specific rows it needs, rather than having to go through every row. There are other ways to improve performance too such as partitioning. Until you reach numbers in the millions for your number of rows, you shouldn't see any big problems with just some indexes.
  14. Just like you'd do any loop.

          function getParentList($currentId){
              $list=array();
              do {
                  $sql = 'SELECT name, parent_id FROM kill4silence_photos_albums WHERE id='.intval($currentId);
                  $res = mysql_query($sql);
                  //Stop if the query failed or no album has this id
                  if ($res && ($row = mysql_fetch_assoc($res))){
                      $currentId = $row['parent_id'];
                      $list[] = $row['name'];
                  } else {
                      $currentId = 0;
                  }
              } while ($currentId != 0);
              return $list;
          }

      It's a valid approach. On the positive side, it's much simpler to implement and maintain. On the down side, it makes things like this bread crumb list less efficient. The better way is described in the link I posted above.
  15. My guess is that your $products_image_base variable contains a '/' character, possibly as a directory separator. You'd have to print the variable to see what it contains. Since you're using '/' as your regex delimiter, any instances of '/' inside your regex (in the variable) must be escaped by prefixing them with a '\' character. preg_quote should be able to take care of this for you.
  16. Given your current db structure, you can do it one of two ways:

        1) Issue a query to select the current album's name and parent id. Save the name and then repeat the query using the parent id just received as the new current album id. Continue this process until the parent id is 0
        2) Choose the most likely maximum nesting level (say, 6) and then issue a single query with a bunch of left joins.

      If you feel like changing the db structure, you could implement it as a nesting doll type approach, which makes things like querying the parent categories easy, but slightly complicates adding/removing items.
  17. Assuming all your dates are in YYYY-mm-dd format, they will compare correctly as strings.
  18. That query should be more like this:

          //Since your IDs are the keys in the array, not the values.
          $idList = array_keys($_POST['close']);
          //Ensure all values are integers and not strings (protects from sql injection)
          $idList = array_map('intval', $idList);
          //Do not use mysql_real_escape_string in this instance.
          //Double quotes outside so the 'y' literal does not end the string;
          //Index is a reserved word in MySQL, so it is backtick-quoted.
          $closequery = "UPDATE sellerinfo SET Closed='y' WHERE `Index` IN (".implode(',', $idList).')';

      Since your row id is being used as an array key (name="close[xxx]"), you need to extract the keys of the close array. Using intval on all the keys will ensure they are integers and protect from any sql injection attempts. Invalid values will be converted to 0; assuming you have no rows where index=0, they will essentially be ignored since they won't match any rows. Since we use intval to protect from sql injection, mysql_real_escape_string is not needed. In any case, its usage there is incorrect as you'd want to apply it to each value in the array, not the whole imploded string.
  19. That's what you were told to do. At some point in your page you're running a query to fetch the information. If that query returns 0 rows, then (and only then) do you output those 404 headers. If the query does find data, you just continue on normally.
  20. $query = 'ipmitool -I lanplus -H '.$devices.' -U admin -P adminpass sdr list'; Variables are not translated inside single-quote strings. You have to concatenate them, or change your string to use double-quotes.
  21. Is it possible? Yes. It would be far easier and much more user-friendly to use javascript for this task though. To use PHP you would have to submit your form, and then re-create the entire form, just with an extra field, while also maintaining anything they had already typed in so they don't have to type it in again. With javascript, you can just use a couple DOM methods to create a new field and add it to the page, quick and simple. Then just make sure your PHP script is aware of these additional fields and processes them. Usually when I do something like this the dynamic fields are named as an array and I just use a foreach() loop on the php end.
  22. If you have one variable and want to test against several possibilities, a switch is generally the way to go. I'm not sure what your concern is with "loose comparison". Unless all your if statements are comparing using the === or !== operators then you're performing a loose comparison there as well and there's no difference between them and a switch, other than a switch being cleaner and easier to read. There's nothing wrong with a loose comparison generally. Only in a few instances might it cause a problem.
  23. Keep track of the last post heading and when it changes output a new header. Something like this. Just typed off the top of my head.

          $lastPostId = null;
          echo '<ul>';
          while ($row=$res->fetch()){
              if ($lastPostId !== $row['rowId']){
                  if ($lastPostId !== null){
                      echo '</ul></li>'; //close previous
                  }
                  //leave the <li> open so the nested <ul> sits inside it
                  echo '<li>'.$row['rowId'].'<ul>';
                  $lastPostId = $row['rowId'];
              }
              //escape the comment text before output
              echo '<li>'.htmlspecialchars($row['comment']).'</li>';
          }
          if ($lastPostId !== null){
              echo '</ul></li>'; //close the last group, if there was one
          }
          echo '</ul>';
  24. Only the boxes that are checked are submitted, so it's as simple as looping over your array of boxes.

          foreach ($_POST['association'] as $sent_id){
              //do something
          }

      Since what you want to do is delete them, you could do it all in one query by just using implode() to get a comma separated list of IDs and use that in your query. I would use array_map + intval to ensure they are all integers first to protect against sql injection.
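The integer-list approach from this post and from the earlier `close[...]` reply, carried one step further as an added example (not code from the thread): it validates the IDs strictly, skips the query when nothing valid was sent, and binds the values through PDO placeholders rather than concatenating them. The function names, the sample `$posted` array and the in-memory SQLite table are constructed for illustration.

```php
<?php
// Added example, not from the thread. Function names are hypothetical;
// the table and column names follow the sellerinfo post.

/** Collect unique positive integer IDs from the keys of a posted checkbox array. */
function ids_from_keys($posted): array
{
    if (!is_array($posted)) {
        return [];                       // field missing or not an array
    }
    $ids = [];
    foreach (array_keys($posted) as $key) {
        // FILTER_VALIDATE_INT rejects "1 OR 1=1" outright, where intval()
        // would truncate it to 1 and match a row the user never ticked.
        $id = filter_var($key, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id !== false) {
            $ids[$id] = $id;             // keyed by value to drop duplicates
        }
    }
    return array_values($ids);
}

/** Mark the given rows closed; returns the number of rows changed. */
function close_sellers(PDO $db, array $ids): int
{
    if ($ids === []) {
        return 0;                        // "IN ()" is a syntax error, so skip the query
    }
    $marks = implode(',', array_fill(0, count($ids), '?'));
    $stmt  = $db->prepare("UPDATE sellerinfo SET Closed = 'y' WHERE `Index` IN ($marks)");
    $stmt->execute($ids);
    return $stmt->rowCount();
}

// Constructed demo data: an in-memory SQLite table and a tampered POST array.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE sellerinfo (`Index` INTEGER PRIMARY KEY, Closed TEXT DEFAULT 'n')");
$db->exec("INSERT INTO sellerinfo (`Index`) VALUES (1), (3), (7)");

$posted = ['3' => 'on', '7' => 'on', '1 OR 1=1' => 'on', '-2' => 'on'];
$ids = ids_from_keys($posted);
printf("ids: %s, rows closed: %d\n", implode(',', $ids), close_sellers($db, $ids));
```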
  25. kicken

    PDO

    That is because there is no place to put your details. That class does not connect to the database on its own. You do that in your code, then pass the handle to the class's constructor. Read that comment you pointed out. It tells you to do just that, and even shows you exactly how to do it. Perhaps you will understand better if it is separated out:

        $dbConnection = new PDO('mysql:dbname=mydb;host=localhost', 'user', 'pass');
        $oauth = new PDOOAuth2($dbConnection);