scootstah

Staff Alumni
  • Posts

    3,858
  • Days Won

    29

Everything posted by scootstah

  1. Users can manipulate cookies and get data, so sessions are really the only secure option here. However, sessions aren't really "secure", but for this case it should be fine.
  2. <script>function();</script>
  3. How is it going to be displayed if it's null?
  4. 1. It's pretty well commented.

     2. I do not like this at all. The reason is because the "error codes" seem arbitrary and are meaningless. Without searching around, nobody knows what the error "62" means. Instead, you should use meaningful error codes. So instead of "62", "form_values_missing". You could then further improve this by not serving a static message, but by loading a language file where "form_values_missing" is given a value - this makes your application extensible by allowing different languages, and also organizes all of your text in one convenient location.

     3. You have a form_token field but don't do anything with it, which means you are open to CSRF attacks. Also, unless you are sanitizing data on output, you are open to XSS as well.

     4. You can improve things by being a little more DRY (Don't Repeat Yourself). For example, instead of

            if ... blah
                redirect
            if ... blah
                redirect

        And so on, you could do something like:

            $response = '';
            if ... blah
                $response = 'some response';
            if ... blah
                $response = 'some other response';
            ...
            if (!empty($response))
                redirect

     5. You can do this by not having a huge wall of HTML at the bottom of your script. This script is business logic, presentation should be in another place. Also, having the entire block of HTML like that is not a good idea. You should only have the HTML that is relevant to that page, and the rest in header/footer files (or a layout file). This is again going on the DRY principle. What if you ever wanted to change a style sheet? You'd have to change it in every single script that displays something.
  5. Think about it, there's no way to tell if the code was sold or not sold. All you can do is see who sent it and who signed up with it. Unless you secretly find some rogue forum somewhere selling codes to your site, you're not going to know for sure. And neither is any other website, so if they claim they can, they are bullshitting you.
  6. Something like nav a { color:inherit !important; }
  7. > I want a critique of the entire script... Debbie

     So post it.
  8. So if you ban the IP "2.2.2.2", anyone with "2.2.*.*" is also banned? You realize that by doing this you ban a LOT of people, but the person you banned can easily bypass it.
  9. How did you come to that conclusion?
  10. If they have private WHOIS, you might just see GoDaddy's details. It doesn't mean they actually own it.
  11. By the way, GoDaddy is just a shitty host. Most hosts allow you to specify a different working directory for your subdomains.
  12. file_get_contents()
  13. Mostly they are for separate applications on the same domain, or splitting up resources. Each subdomain could point to a completely different server. For example, images.example.com goes to a server optimized for serving images.
  14. It mostly refers to how they decide page rank. There are a lot of factors involved. They don't just sort by "paying customers", or keyword usage... there really is a lot going on.
  15. I agree. I don't dislike Flash sites because they are Flash...I dislike them because of all the annoyingness. Although HTML5 solves a lot of the problems Flash introduces, it is still annoying.
  16. scootstah

    show/hide

    Only one does change at a time. You can put this in a loop.
  17. You could do something like this:

          table_columns
          id | data

          table_rows
          id | column_id | data

      Then it would look like:

          table_columns
          id | data
          1  | column 1
          2  | column 2
          3  | column 3

          id | column_id | data
          1  | 1 | row 1 in column 1
          2  | 1 | row 2 in column 1
          3  | 1 | row 3 in column 1
          4  | 1 | row 4 in column 1
          5  | 1 | row 5 in column 1
          6  | 1 | row 6 in column 1
          7  | 2 | row 1 in column 2
          8  | 2 | row 2 in column 2
          9  | 2 | row 3 in column 2
          10 | 2 | row 4 in column 2
          11 | 2 | row 5 in column 2
          12 | 2 | row 6 in column 2

      Then use a query like this to get it:

          SELECT
              c.id AS col_id,
              c.data AS col_data,
              r.id AS row_id,
              r.column_id AS row_column_id,
              r.data AS row_data
          FROM table_columns AS c
          LEFT JOIN table_rows AS r ON r.column_id = c.id

      There. Easier to work with, and still dynamic.
  18. Post the "gibberish"?
  19. There is a PHP solution, but you are then doing unnecessary formatting because the database can handle it just fine.
  20. scootstah

    show/hide

    How's this work for you? http://jsfiddle.net/PwGZ3/
  21. Try just $('.showcase').click(function() { clearInterval(myInterval); });
  22. Is user_dob a MySQL time/date/datetime? If yes, you can just use a WHERE clause with MySQL's date functions to find it.
  23. Yes... When you do "echo $bad_words" what do you get?
  24. Something like this? a { color:#000; text-decoration:none; } a:focus, a:active { background:yellow; }
  25. Which element is the problem one?