mlin

$_SERVER['PHP_SELF'] will give you the current file plus any get vars in the uri to get the full uri, you would use: $_SERVER['REQUEST_URI'] I'd also recommend the function parse_url() to break it down into pieces for you.

my bad. the hp need > signs like the other values...ie. $players = array( 1 => array('name' => 'buddhasmak', 'hp' => 1200), 2 => array('name' => 'bobafrost', 'hp' => 1324), 3 => array('name' => 'tool', 'hp' => 0) ); see the difference right? Sorry again, that was my bad. Let us know how it goes.

$doc_root = getcwd(); That will return the full path to your working directory. So running... /var/www/dev/includes/whatever.php $doc_root == '/var/www/dev/includes/' but if say your were running... /var/www/dev/index.php $doc_root == '/var/www/dev/' now you should define doc_root as a constant define('DOC_ROOT', $doc_root); then including files would be something like: include DOC_ROOT . 'includes/whatever.php'; hope that helps

tomfmason, Google may use a flash applet to connect to the server, but if you believe state is gained without using the user's browser at all, your wrong. Launch firebug and watch gmail request for new data at given intervals. Then, don't interact with that page for a while and watch the request's slow down. They're using a stateless protocol just like the rest of us and have to ask if new data is available. most of my sitiuations like this, I'd only as for new data from the once every 4-5 seconds, so where you get 1000's of requests per second...I have no idea.

that's the most effiecient solution I can think of. Not sure if it would work, but you might wanna try: inputelement.setAttribute('name', elem+'[]'); hopefully that does the trick for you

Yes they do, and the yahoo mail beta heavily uses ajax as well. Lots of applications have to do things like this like ajax chat, dynamic server side tickers, etc. If you take the things your asking about into consideration, your going to be fine. I like setTimeout since it's easier to degrade the timing. Keep a count of all the times setTimeout is called so that you can know how long it's been since the user has been idle on a single page. If it's been over a certain time, you can assume that their Probably idle, so you reduce your ajax procedure interval to occur a bit less often, then after the next 10 or so calls, reduce a bit more, then finally after 10 more simply don't call setTimeout again so you can save your bandwidth that the user is unknowingly wasting by walking away from their machine. Make sense? Firebug extension for firefox is awesome for debugging your ajax in case you haven't heard of it yet.

I believe you that it somehow works in your application, but he's right about the syntax. If the key is anything other than a numerical index, the key String should be quoted as such. To echo in quotes without concatenating, or saving the session var into a simpler var like $user = $_SESSION['user'], then echoing, you can use this syntax (I forget the name): echo "{$_SESSION['user']}"; works for all arrays such as: echo "favorite browser is {$browsers['favorite']}, while the worst is {$browsers['worst']}";

show us what your array looks like and we'll show you how to loop through it. most of the it's something like this: $players = array( 1 => array('name' => 'buddhasmak', 'hp' = 1200), 2 => array('name' => 'bobafrost', 'hp' = 1324), 3 => array('name' => 'tool', 'hp' = 0) ); //count players $cnt = count($players); //the loop for ($i = 0; $i < $cnt; $i++) { $player = $players[$i]; $hp = $player['hp']; if ($hp <= 0) show_skull(); $name = $player['name']; } Does that help?

good call Darkwater...that way you can at least see if their are escaping issues there. You'll make your life a lot easier using an ide and watching the values of your variables change step by step. Don't know if there's anything gpl'd out there yet with decent debugging facilities, but zend studio (eclipse or otherwise) has fantastic debugging support for php. please post if anyone knows any open source tools that will do something similar.

I really don't think I'm following your question so I'm sorry for the simple answer that your probably not looking for. $val = $arr['title0']; //$val == 'Iron Man' $val = $arr['year1']; //$val == 2008 From what I'm looking at...people are entering more than one year, country, actor, etc... Why not separate them all into their own arrays? form could look something like: Title 1: <input type='text' name='title[]' /> Title 2: <input type='text' name='title[]' /> Actor 1: <input type='text' name='actor[]' /> Actor 2: <input type='text' name='actor[]' /> etc... then on the server side you could loop through each separate array like this: //loop through actors if (isset($_POST['actor'])) { //count actors $cnt = count($_POST['actors']); for ($i = 0; $i < $cnt; $i++) { $actors[] = mysql_real_escape_string(htmlentities(strip_tags($_POST['actor'][$i]))); } } //loop through other arrays accordingly, then construct your query Hope that helps

Could be issues with input None of your variables are being escaped. $address_1=$_POST['address_1']; should look like: (at least) $address_1 = mysql_real_escape_string($_POST['address_1']); you should also think about getting rid of unwanted html or evil js using something like a combo of strip_tags and htmlentities...ie $address_1 = mysql_real_escape_string(htmlentities(strip_tags($_POST['address_1']))); unless you actually want to allow users to post html, then you still have to look into some sort of filter, such as kses (kses kills evil scripts...ask google) Also, when your expecting numbers only from certain input such as hidden id fields, you can validate them easily by typecasting: $id = (int)$_POST['id']; that will change any sort of input to a number. 12 will remain 12. the string '12andabunchofcrap' will end up 12, but 'bunchofcrap12' will end up 0 I do something like: $id = (int)$_POST['id']; if ($id > 1) { //data's good, save it } else { //user's doing something weird, tell em to go sit on their thumb and log what you can }

I'm wondering if anyone knows of the best anti-spam solution for things like blogs or contact pages. Yahoo, and google think that akismet seems to be the best solution but I need something a bit more flexible than just a wordpress plugin. I'd like to be able to receive a post and simply submit that string to akismet for the thumbs up/down, without needing wordpress or some other 3rd party app. If I go through the trouble of getting an api key for wordpress can I somehow use this on my own stuff, or can I use the api key for another wordpress blog that I already have on another domain with a custom blog solution? Otherwise does anyone know of a simple solution that will respond with a simple true or false and we can decide whether we'd like to trust the service, or create our own spam table to store the garbage to make sure we're not completely deleting valid contact forms or blog comments. Thanks

$insert = "INSERT INTO release(name) VALUES('{$gnames[1][$i]}')";

windows uses a carriage return and a line break fwrite($ourFileHandle, $name."\r\n");

all of the queries directly using the $_POST array should be sanitized or someone could cause some big problems.

if $_POST['uname'] is not empty, but any of your other required fields are empty your trying to concantenate a string to a string that doesn't exist. It may work, but it's at least throwing a warning everytime. You could save your error log by setting $error = ''; before all of you if empty conditionals. I really don't think you ought to truncate email addresses or passwords. If a user enters a 30 char password (paranoid) and you truncate the last 5 chars without letting them know, their hash will never match. Also, MySQL will truncate for you. If you send a 30 char value to a varchar(12) field, it will save the 1st 12 chars. It looks good, I'm sure it's running just fine

if (!isset($_SESSION['valid'])) { session_regenerate_id(true); $_SESSION['valid'] = true; }

$_SERVER['PHP_SELF']

or you could typecast like this: $id = (int)$_GET['id'];

header(); needs to be sent to the browser before any other output. I'm not sure it would help anything, but it's worth a shot. also, just a quick thing. the action attribute in your form tag could be empty and produce the same results. action will default to the current file so you really don't have to open php and echo PHP_SELF

backendform.php must be sending something to the browser. try putting require_once('Connections/backendform.php'); below setcookie()

ooo...good call I wasn't thinking

Any way you look at it, your gonna have to use a little javascript. you could replace the submit btn with your message, or you could post to an intermediate page with the message, but since you'll have to display something, you can't use the location header, so you have to redirect with js

If your still getting that error, something is being sent to the browser. Could you post more code?

your missing imagejpeg() also, your dimensions will get mangled if their always set to 300. What if the uploaded image doesn't have the same width and height? here's a function: [code] function resizeImage ($dir, $filename, $maxWidth, $maxHeight, $prefix) { $size = getimagesize($dir . $filename); $width = $size[0]; $height = $size[1]; if ($width > $maxWidth || $height > $maxHeight) { if ($width > $height) { $newWidth = $maxWidth; $newHeight = $height * ($maxWidth / $width); } elseif ($height > $width) { $newHeight = $maxHeight; $newWidth = $width * ($maxHeight / $height); } else { $newHeight = $maxHeight; $newWidth = $maxWidth; } } if (isset($newHeight) && isset($newWidth)) { $img = imagecreatefromjpeg($dir . $filename); $tmp = imagecreatetruecolor($newWidth, $newHeight); imagecopyresampled($tmp, $img, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height); if (!empty($prefix)) $dir .= "thumbs/"; imagejpeg($tmp, $dir . $prefix . $filename); } } [/code[/code]