ToonMariner

no quite sure what you are aiming for but php's file upload stuff is a good place to start.

you shouldn't have to as session data can only be manipulated on the server. If you KNOW you have data in there that is to be used in a query and has characters that need escaping then obviously you should ensure that takes place. any values you store in sessions that contain any qry language like 'OR 1 = 1' is bascially down to poor application design IMO - any values in session that could open you up to security lapses are your own fault - just make sure it can't be done.

you need to use a key... add a field - something like userid and make it the primary key in both tables - in the registration table it should have auto increment. Once the user registers add a record in the profile table and simply reference the key that was generated for their record in the registration table....

Then go and learn... jQuery may be a good starting point for you - it can do most of the leg work - word of warning jQuery 1.2 doesn't standardize the parsing of xml data in IE and other browsers - 1.3.1 may have addressed that though (not looked at it yet).

<?php print_r($_POST); /* if(isset($_POST['ConfirmInfo'])) // tried $_POST as well. { echo $_POST['ConfirmInfo']; } */ ?> <form method="post" action="<?php echo $_SERVER[php_SELF]; ?>"> <input type="text" name="PaymentChoice" /> <input type="image" src="<?php echo $FolderDepth; ?>"/Images/Webs/Cancel.jpg" value="Cancel" name="Cancel" /> <input type="image" src="<?php echo $FolderDepth; ?>/Images/Webs/Confirm.jpg" value="Confirm" name="ConfirmInfo" /> </form"> you are using an image input - this is handled differently in browsers - print out the entire post array and you will see which browsers report what. Some will return the x y coordinate of where the image was clicked others just the value...

????? why do all that? if you are just going to scale the image then width="100%" would do the job. if you wanted a nice un-pixelated image at different resolutions then you would have to produce and image of a size for each range of window resolution - otherwise the design will look amateurish.

why would you not generate your captcha images on the fly? if you only have 25 then a bot could come along and simply keep using one solution it knows (given by a human) and then keep trying it - a 1 in 25 chance of getting it right is nowhere near strong enough for any security purpose...

if these constants are defined... define('SOME_CONSTANT' , 36); then these would be in the global scope and available any where in your code...

not that easy - you could use svg (scaleable vector graphics) but I think olnly opera supports that at the mo - not checked other browsers for a bit so ff3 and safari could now support them. in the current state of affairs your only option is to use some js to detect viewport size and serve out different images sized accordingly for each...

what is wrong with just setting the action of a form??? what happens when your user comes along and javascript is disabled? you don't allow them to participate???

try giving the container div overflow: hidden. Also this old beauty which I still find useful... http://www.shauninman.com/archive/2006/05/22/clearance_position_inline_absolute

Again - as soon as I saw the term 'table' which wasn't associated with tabular data and therefore being used for layout - I lost all interest...

OK - using tables for layout is the old school method and I find it impossible to 'help' people with problems with table based layouts - I don't believe it helps anybody... this applies to you too - I will however point you to using some markup validation - that wlll help initially.

you say thats a problem.... what if someone has a low res monitor? should they have to scroll left and right to get that at the info you are providing??? NO they shouldn't. now-a-days this is not such a problem - most modern sites are designed under the premise of the user having a 1024 res display - changed from the 800 of yesteryear. I am cool with that; I VERY rarely consider the effect a 800 px wide iew port has on my sites these days... HOWEVER as a professional web developer you 'should' be building flexible sites - ones that don't force to user into anything just to be able to view the site. BE FLEXIBLE.

try giving your images display block. when images are displayed 'inline' they apply (i think its) line height and you end up with this 'gap'. also there is no need for the br tags - you are using them for presentational purposes so take them out and just use css. giving these images float: left will give them block level display properties also (but you will have to use some clearing to prevent them from lining up alongside each other. let us know how you get on.

well no not really - in this ocntext a method belongs to an object - something you can perform on that object. AN object (or an instance of a class) needs to be aware of what it can do - this is done by declaring these methods within the objects template (the class). Unless you have coded something like <?php class Myclass { private $foo; protected function__construct() { $this->foo = 'Initiated'; } private function bar () { echo $this->foo; } } ?> get some books or read some stuff on PHP OOP and you will pick it up v quickly... Doubt anyone on here will teach you to code!!!! you need something to clean before you call a 'clean' on it and where is the method 'clean' defined? again this will come...

<?php require_once ('../inc/config.php'); $db = new mysql(); //....... //This is in a class mind you: $username_query = "SELECT username FROM user WHERE username = '$username'"; $username_queryR = $db->query($username_query); echo $username_queryR->num_rows; $email_query = "SELECT email FROM user WHERE email = '$email'"; $email_queryR = $db->query($email_query); echo $email_queryR->num_rows; ?> what do you mean to achieve with this line? $email = $this->clean($email); answer to question 1. Not being funny but you need to know about scope if you are going to code - even at a basic level.... question 2. you should read up on classes and OOP and learn what a 'method' is...

I question the requirement for these persistent connections.....

NOPE I'll stick with never

DOOOOOOOOOOOOOOOODDDD you killing the server!! My bad on the $lastat check - got lost in there somewhere that you only wanted the -5 when they ARE equal which would be <?php if (strcmp($lastat,$icao_orig) == 0).... ?> OK lest look at making you code a bit nicer and easier to play with... <?php include 'db.php'; foreach ($_POST as $key => $val) { $$key = stripslashes(mysql_real_escape_string($val)); } //check for empty fields if ( empty($date) || empty($icao_orig) || empty($icao_dest) || empty($routenum) || empty($flthrs2) ) { echo 'You did not submit a complete pirep! Please be sure all fields are completed. <br />'; // Show the form again! include 'pirep.php'; exit(); } //Double flight time if an event if (strcmp($routenum,'EVT') == 0) { $flthrs2 *= 2; } //insert info into pirep table $comments2 = htmlspecialchars($comments); $sql = mysql_query ("INSERT INTO pirep (date, username, icao_orig, icao_dest, aircraft, routenum, dep_time, flthrs2, hub, online, last_pirep, comments) VALUES('$date','$username','$icao_orig','$icao_dest','$aircraft','$routenum','$dep_time','$flthrs2','$hub','$online','now()','$comments')") or die (mysql_error()); if(!$sql){ echo 'There has been an error processing your pirep. Please contact the webmaster.'; } $sql = "SELECT * FROM users WHERE username = '$username'"; $result = mysql_query($sql); $user_array = mysql_fetch_array($result); //add time to flight hours $flthrs = $user_array['flthrs']; $newflthrs = $flthrs + $flthrs2; $newacct = $user_array['money'] + ($flthrs2 * 40); If (strcmp($lastat,$icao_orig) == 0) { $newacct -= 5; } $sql = mysql_query("UPDATE users SET flthrs = '$newflthrs', lastat = '$icao_dest', book = '', money = '$newacct' WHERE username = '$username'"); mysql_close($connection); include 'login_success.php'; echo '<script language="JavaScript"> alert("Flight Approved"); </script>'; ?> try to make our code more readable - indenting and using new lines will really help - u can always minimize before upload... I hope you can see there are plenty of opportunities to reduce the amount of code you write (reducing code is the goal - you want a minimal amount of code to achieve the task - thats the best solution!) or the number of queries you need to make. Please go back and have a look at why you are escaping all the posted data and stripping slashes when you do - not that thats wrong its just you could save yourself some hassel... Try it and let us know how you get on....

well you have used the OOP notation with no visible instantiation of an object... you need to pass the dabase obect in too!!!! Why have you wriiten a function to do what a method already available to you can do???? Why are you using $this outside a class???? what are you doing?

NEVER executre queries inside a loop - its the most horrible thing - simply highlights the lack of thought that has gone into someones 'code'.

if you have a bit of cash (and you don't need much!!) I'd use campiagn monitor - its just too awesome....

OR... WTH aren't you breaking out of php to html out and using css properly to control your presentational layer????????

my bad misreading what your after... don't rely on $_SERVER['HTTP_REFERER']; being set though!!!!! and are you sure you asked the right question?