ToonMariner

<?php session_start(); ....DATABASE INFO.... mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM $tbl_name WHERE to = '". mysql_real_escape_string($user) . "'"; $result=mysql_query($sql); if (mysql_num_rows($result) > 0) { while($rows=mysql_fetch_array($result)){ ?> <p class="clearboth style1"> <p><div style="height:500px;width:350px;font:16px/26px Georgia, Garamond, Serif;overflow:scroll;"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><? echo $rows['from']; ?></td> <td><? echo $rows['message']; ?></td> <td> </td> </tr> </table> </div> </p> <div class="clearboth"></div> <div class="end"></div> <? } } else { echo "<p>no recipient could be found</p>"; } mysql_close(); ?> is $tbl_name set? is to the correct field?

be careful nesting encryption like that - it can lead to th eprobability of MORE collisions rather than less. personally encrypt using mysql's AES_ENCRYPT DES_ENCRYPT. this is do in a class and the file that class is in is encoded with ion cube so the keys I use wouldn't be instantly available should someone get hold of that file. get notification if that file has been accessed or ftp or what ever - by the time they have decoded the file you should have updated your key and the fields dependant on it... the cost of security is eternal vigilance!!!!!!

yep - what ever is in your markup between the open and close tag of a text area will be reflected in the browser.

<textarea name = "data" id = "textbox"> <?=trim($row['data']);?> </textarea> change to: <textarea name = "data" id = "textbox"><?=trim($row['data']);?></textarea>

if you don't have access to the fla then realistically you are left with using the xml that it says you must use - php can create and manage that for you... we can't write the script for you but if you look at simpleXML and spend a couple hours playing with it you WILL be able to do this yourself.

abstract your database layer - use the pear DB library... alternatively with your installer - get the user to give database connection details - check the version and have the installer download the appropriate file(s) from yoru own server to allow your application to function. I am a fan of remote installs (that's what I call them any way) it allows you to provide auto updates and ensures that the applications you build have the appropriate technology support. you could even have a checker that when run will check the apps settings and if the dependant database version, platform or php installation has been upgraded it could auto update your entire app... people pay for that kind of quality automated support.

<?php foreach($NSN as $key => $val) { echo '<input type="hidden" name="NSN['.$key.']" value="'.$val.'" />'; } ?>

yep - use the date data format for your fields in mysql - it makes searching/ordering by date more natural. retrieve that value and then you can manipulate it how you like with PHPs date/time functions

I may be misreading but one more littel tweak $new = $xml->createElement("img"); $image = $xml->createAttribute("src"); $new->appendChild($image); $new->setAttribute("src", $_GET['image']); $xml->appendChild($new); you create the src attribute on the $image object but set it on the $new(node) object... should it not be $new = $xml->createElement("img"); $image = $xml->createAttribute("src"); $image->setAttribute("src", $_GET['image']); $new->appendChild($image); $xml->appendChild($new);

what if javascript is off? admittedly i doubt this is a critical task - but i am always of the ilk that your site should work - not be dependant on any technologies that may or may not be available. in this case yeah I'll concede the js option is probably right.

not really called for - your script should not take long to run just sending email - if you are sending mass emails then you should fork your script (google background processes in php or threading php scripts or something like that). a 'working' graphic such as one that can be generated here would suffice. Progress bars are really only beneficial to users when they are uploading large files like video - in which case you need a script capable of assessing the expected size of incoming file and monitoring how much has uploaded - like http://uber-uploader.sourceforge.net/

if you post back to the same script then its straight forward.. markup <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="username">Username</label> <input type="text" name="username" id="username" value="<?php echo $username;?>" /> <label for="password">Password</label> <input type="password" name="password" id="password" /> <input type="submit" name="login_bttn" id="login_bttn" value="Login" /> </form> the code that must come before... <?php $username = isset($_POST['username']) ? $_POST['username'] : null; .... ?> this means that when the form shows then $username has been initialized and will not error. if the form had been submitted and validation failed so we show the form again then $username will be set to what was previously submitted....

you could use geoip to locate them and map that to a timezone however this is labour intensive. if you have users that login perhaps ask them to select which timezone they reside in (save it in their profile) and use that to amend your base time ins any computations/display. you could also set a cookie for guest visitors - a discreet part of the page could request their timezone or a nasty javascript pop-up (even a nicely-still nasty for UI styled ajax pop-up).

hmm strange... i personally add the node to the dom after creating and populating it. try this and let us know what happens... $new = $xml->createElement("img"); $image = $xml->createAttribute("src"); $new->appendChild($image); $new->setAttribute("src", $_GET['image']); $xml->appendChild($new);

not changed then it should fail in older versions of php. @ratcateme has alluded to the problems your are encountering but without refactoring your code the simplest solution is to use the ob_start() / ob_end_flush() solution I suggested above. alternatively you can go through all your code - ensure all your datachecks/validation redirects etc are done BEFORE you start the output - as soon as you start outputting markup (including whitespace) all headers must have been sent.

add ob_start(); to the beginning of your script and ob_end_flush(); at the end.

every language used can be insecure - its not inherent to that language - its the quality of te code written that is invariably insecure.

why? if you want to prevent hot linking to your images then probably best use this... http://underscorebleach.net/jotsheet/2004/11/stop-image-hotlinking-tutorial-htaccess-apache storing files in the database cost quite a lot - you get large overheads in your database storage and if you are trying to prevent others getting your images then don't bother they have them once they see it on their screen. you can water mar images like stock site do so that they don't see an image without it unless logged/purchased..

browser? markup? css? url to view this in action? we need something to work with...

check that if (($_FILES["file"]["type"] == "video/mpeg") && ($_FILES["file"]["size"] < 200000)) evaluates to true before that statement put echo 'file type = '. $_FILES["file"]["type"] . ' Filesize = ' .$_FILES["file"]["size"]; that will be the 1st step in solving your problem.

good coders code - great coders re-use...

if your refences are in an array indexed with matching indices to the ufile array then its easy.. foreach ($_FILES['ufile']['name'] as $key => $val) { $ref = $_POST['ref'][$key]; ...

lol - jquery does all the stuff it used to take me hours to achieve in minutes... still have to do some intricate stuff which is where the fun is but as far as I am concerned jquery is THE tool to use...

when you are looking to do multiple inserts into a database its best to do it in one query rather than running lots of queries in a loop - not very efficient. this code here <?php .... foreach ($_FILES['ufile']['name'] as $key => $val) { move_uploaded_file ($_FILES['ufile']['tmp_name'][$key], $picture); // and insert into the database $result = mysql_query("Insert into images (picture, ref) values('". basename($picture) ."', '$ref')") or die(mysql_error()); } .... ?> 1st off I don't see $picture changing on each loop which would mean you overwrite your image all the time.. ok the query.. <?php .... $qry = NULL; foreach ($_FILES['ufile']['name'] as $key => $val) { move_uploaded_file ($_FILES['ufile']['tmp_name'][$key], $picture); // and insert into the database $qry .= "Insert into images (picture, ref) values('". basename($picture) ."', '$ref'),"; } $qry = substr($qry,0,strlen($qry) -1); // remove last comma. $result = mysql_query($qry) or die(mysql_error()); .... ?> now like I said - each time you run through this loop you are NOT updating $picture so your database records wont be what you expect and each file you upload will overwrite the previous file.. revisit that part and all should be well. the qry I did above is just to help you improve performance and save your server some hassel.

learn jquery - it takes 99% of the pain out of javascript...