blacknight

it should but id make sire all post vars are cleaned and try it..

stripslashes(\"$desc\") why do you have " here anyway you dont need them....

this is the function i use to combine images function combineImage( $image,$filename,$x_loc,$y_loc ) { $info = getimagesize($filename); switch( $info['mime'] ) { case 'image/jpeg' : $im_temp = @imagecreatefromjpeg($filename); break; case 'image/png' : $im_temp = @imagecreatefrompng($filename); break; case 'image/gif' : $im_temp = @imagecreatefromgif($filename); break; default: debugMode( $line,'Unhandled image type: ' . $info['mime'] ); } // Get the image dimentions $im_temp_width = imageSX( $im_temp ); $im_temp_height = imageSY( $im_temp ); // Copy created image into main image @imagecopy( $image,$im_temp,$x_loc,$y_loc,0,0,$im_temp_width,$im_temp_height ); // Destroy the temp image if( isset($im_temp) ) { @imageDestroy( $im_temp ); } }

limiting there usernames is a good idea and not allowing char character that could be used as a sql or database query is allways a good thing

[a-zA-Z]{8,30} will work in preg match will alow any char a-z upper and lower min 8 max 30

try adding mysql_real_escape_string() around every car that is in the sql queries thsi shoudl saolve this issue best way is to use a function function escape( $string ) { if( version_compare( phpversion(), '4.3.0', '>' ) ) { return mysql_real_escape_string( $string ); } else { return mysql_escape_string( $string ); } } then its just escape($value) and its cleaned for sql

http://php.net/manual/en/function.imagecopy.php

rss feeds are usaly xml try an xml parser

try using $_POST insted of $HTTP_GET_VARS

preg_match('/[^a-zA-Z]{1,90}/i',$field) should allow 1-90 letters no spaces or numbers or other none letter chars

RewriteEngine On should turn it on for your site to test create a html file on your site called bob.html add RewriteRule ^bob\.html$ john.html after turning the engion on then go to yoursite.com/bob.html the address should change to yoursuite.com/john.html

this may help gen you addresses guessing you have given each symble a numerical value function generateUniqueRandoms($min, $max, $count) { if($count > $max) { // this prevents an infinite loop echo "ERROR: The array count is greater than the random number maximum.<br>\n"; echo "Therefore, it is impossible to build an array of unique random numbers.<br>\n"; break; } $numArray = array(); for($i = 0; $i < $count; $i++) { $numArray[$i] = mt_rand($min,$max); // set random number for($j = 0; $j < $count; $j++) // for each number, check for duplicates if($j != $i) // except for the one you are checking of course if($numArray[$i] == $numArray[$j]) { $numArray[$i] = mt_rand(1,39); // if duplicate, generate new random $j = 0; // go back through and check new number } } return $numArray; } then $x = generateUniqueRandoms(1, 39, 6); $r = implode('-',$x); $r would return ex 12-25-16-24-9-6 your 7th is allways your origin

i wouldent put your post script in the while loop place it at the top of your screen and make a hidden input for the emp_id value and then you press delete it will only post 1 value because once you submit then refresh the post is still set and will delete your table

what is it you are trying to do exactly maybe this is the wrong function

http://php.net/manual/en/function.strpos.php rtfm ftw?

$htmlx = str_replace('---replaceid---', nl2br($rows[0]), $html); $htmlx = str_replace('---replacetime---', nl2br($rows[1]), $htmlx); $htmlx = str_replace('---replacefrom---', nl2br($rows[2]), $htmlx); $htmlx = str_replace('---replacemail---', nl2br($rows[3]), $htmlx); $htmlx = str_replace('---replacehomepage---', nl2br($rows[4]), $htmlx); $htmlx = str_replace('---replacecomment---', nl2br($rows[5]), $htmlx); echo $htmlx; but why..... do it this way it would cause the page to load to slow.....

gotta watch the name of your var's $pass_conf = $_REQUEST['newpass']; $email = $_REQUEST['passconf']; should be $pass_new = $_REQUEST['newpass']; $pass_conf = $_REQUEST['passconf']; or add in if (isset($pass_conf) && $pass_conf !='' && isset($pass_new) && $pass_new !='') { if ($pass_conf == $pass_new) { $newpass = md5($pass_conf) } else { echo 'your passwords no not match'; } } else { echo ' one or more of your passwords are blank'; } this is long code but it make sure the passwords are set lol

mysql_query("UPDATE users SET password='$newpass' WHERE username='$user'") insted of $user sjouldent it be $username?

try using move_uploaded_file insted of copy copy is when the file exists on the server allready ...

$query = "SELECT COUNT(id) FROM `teamrosters` WHERE TEAM = '$team' "; should be $query = "SELECT COUNT(id) as idcount FROM `teamrosters` WHERE TEAM = '$team' "; then you would use $row['idcount'] COUNT(id) just counts but assignes it no name then echo 'ROSTER COUNT: '. $row [$COUNT]; would be echo 'ROSTER COUNT: '. $row['idcount'];

us ither ... you are getting no sql or php errors? have you tryed not using stmt tryed making the changes in the database using myadmin and changing them back on the webpage? have you tryed putting error_reporting(E_ALL); ini_set("display_errors", 1); at the start of the page directly after the <?php ?

alot of code for only needing echo "<li class='{$liclass[(((++$index)%2)+1)]}'>{$item_name}</li>"; but position 0 in the array has to be blank like in my example or this wont work...

thats sorrect bruteforce attacks can still occure if you use a salt for hashing once you allways have to use the same salt every where that user logging in or the password will not match making useres use casps and numbers in passwords helps alot example bruting "apple" has 5 letters with 26 possabilitys for each letter 52 if upper case the more time it takes to crack a password the better but passwords can all ways be cracked or bruteforced http://www.usewisdom.com/computer/passwords.html explanes this well... most sites just use simple md5 no salt this is acceptiable but if you want more strength you can use salts...

i think this is what your trying to do ...... each menu item has a class asigned by its row "line striping" so each line is nto the same collor but it alternated between 2 classes if im correct this is what you need... $liclass = array('','ac_menu-item', 'menu-item-last'); $liclass[(((++$r)%2)+1)] this will return position1 and position 2 in the array by each row looped i hope this helps...

try putting every thing from openTable(); down befor your functions.... and there has to be some sort of mysql error .... if its not updating...