scootstah

Well, they can link to all sorts of things that are bad. Like websites infected with malware, downloads, phishing sites, etc. But as for your own site, as long as you only allow a legit http/https link and don't have any XSS vulnerabilities, you should be okay.

You could also try CTRL+SHIFT+V, which will paste as plaintext without rich text formatting - that's probably what is messing up the WYISWYG.

Try turning the WYSIWYG editor off by clicking the little square icon in the top left, and then paste with either CTRL+V or right-click > paste.

You're going to want to enable slow query logging, make sure you have proper indexing, have efficient schema, etc. It would also help to profile the PHP code to see which things are taking time. If you have to loop queries you didn't design something properly.

Show your database schema and what you have for code.

Gotcha. So everything at the moment is on a single server, but different domains. Therefore there is no network latency, and you're not really going to get a sense of scalability. Running a bunch of queries inside of a loop could certainly be another potential bottleneck, especially if there is inefficiencies in the query or database setup. You should look at ways to get rid of that looping. Have you posted that code already? If not, please do so.

http://jsfiddle.net/esv3b854/1/

mt_rand() is going to eventually produce duplicates. That is not a good way to do it. You'd probably want a "transactions" database table with the transaction number being the auto-incremented primary key. Of course, then the transaction numbers would be sequential, so if that is a problem you'll have to use something else.

How are you commenting out the HTTP request and the system still work? Which server is the dual hexacore 2.4GHz - is that the mail server, or the one sending HTTP requests?

Because it is waiting on a response from the external HTTP server. That response time is going to vary slightly, based on a whole bunch of factors. It might be helpful if you make a quick diagram of what your infrastructure looks like, just so that we're all on the same page. What it sounds like to me is that you have a server A which is reaching out to server's B and C to get some data, then sending emails from server A. Is that accurate?

For what purpose? You're not going to want to rely on the price given by the client, otherwise the client can just change the price.

First you need to figure out how to access the mybb session data outside of its normal scope. Look for mybb "portals". Then it's just a matter of reading/writing data from/to the mybb database tables.

You should not be using MD5() to store passwords. Use a proper password hashing algorithm like bcrypt or password_hash.

Ah, well that's an entirely different thing. You cannot directly access those object properties because they are protected. It's returning a Varien_Data_Collection object, so you need to look there to figure out how to extract the data.

You indicated in your first post that $product->getMediaGallery() was already returning an array, so you do not need to wrap it in another array.

Yes, it's possible. It depends what version the code was actually developed for. If your code is fully 5.3.3 compliant, then you should be okay. I believe at most you'd have deprecated warnings that you'd want to take care of pretty soon. The easiest way to check is to get a virtual machine running with the newer version and see if it works or not.

Did you try the manual?

I tend to stay away from shared hosting. I haven't used it in so long that I don't really know a reputable host these days. I use either a VPS or a dedicated server. DigitalOcean is great for a VPS. 80 sites is a bit much for one VPS though. What you could do is rent a dedicated server and get a cPanel license, and then you'll have something familiar to a shared hosting setup. You can get a managed dedicated box from LiquidWeb for a decent price. As for the mail, you could use an SMTP service, but you'll probably have to setup MX and/or SPF records on all of your domains.

Oops, good catch.

I really wouldn't recommend working on older PHP4 code in a PHP5 environment. Your development environment needs to match what it's going to be running on, otherwise you're going to get quirky little bugs. Going from such extreme version differences is going to exacerbate that. If it were me, I'd go with a virtual machine and compile PHP from source for the version he's running.

Try outputting the mimetype to see what it thinks it is. $finfo = new finfo(FILEINFO_MIME); $mimetype = $finfo->file($_FILES['cvfile']['tmp_name']); var_dump($mimetype); exit;

You can't decrypt a hash. That's why it is called hashing and not encrypting. It is one-way only. Also, MD5 is pretty much just as bad as plaintext for storing passwords. You need something like bcrypt, or what I linked in my other post. You should never ever be able to retrieve a user's password for any reason. EDIT: And to compare it when they login, you just hash it the same way and then compare the hashes.

If you've forced to use an old version, I'd recommend you install VirtualBox and setup a virtual machine to install the specific version of PHP and MySQL. Otherwise you're going to endure massive headaches.

I'm assuming he is talking about vendor support. But, good OS software has plenty of good vendor support, and community support too.

First I'd find out why the client is willing to run 10+ year old PHP versions.