fastsol

Not sure if this is what you are after, but it should give you some insight on maybe how to go about it. http://tutorialzine.com/2011/03/better-check-boxes-jquery-css/

Simple, change this line echo to a variable $captchaError. Also you forgot to set the $hasError in the captcha check if() $captchaError = '<div id="recaptcha_error_box">The reCAPTCHA failed with this message: '.$response->error.'<br />Please try again.</div>'; $hasError = TRUE;

You don't have to unset them nor set them to nothing value. Just reassign their value directly when you need.

I fully admit that the video's method does nothing to validate it's actually an image, but is there any security risk in it's method. Allowing only a white list of extensions would surely be safe at the minimum, granted it doesn't mean a image will actually display if it's not truly a image but it shouldn't harm anything either.

http://www.youtube.com/playlist?list=PL10C2E583722F66E7

Do you have a unique ID for each row in the db? If so what is the column named? If not then you should put one in there to make this more fool proof. Let me know and I can likely help.

$('.x-combo-list-inner').change(function() { var item = $(this).text(); If that doesn't work, try this $('.x-combo-list-inner').change(function() { var item = $(this + " option:selected").text();

Take a look at these http://www.youtube.com/watch?v=CxY3FR9doHI&list=PLFA954987101252EF&index=35 http://www.youtube.com/watch?v=vFZfJZ_WNC4&list=PLFA954987101252EF&index=36

You need to move this line lower in the code to after where you define all the variables in it. Right now you have this at the top before any variables are defined giving this whole string no values. $sPath_Step3e = "http://career-updates.org/jobs-new/test-email.php?fname=$sFName&lname=$sLName&job=$sJobTitle&zip=$sZip&radius=$iRadius&num_days_back=$sDaysBack";

I have a tutorial on this http://amecms.com/article/Building-Chained-Select-Boxes-with-Jquery-and-PHP

If the info submitted is truly personal sensitive data like SSN or credit cards and such, then it would be best to keep it on the server and make them log in to view it. Otherwise the client will just have to deal with the possibility of someone sniffing out the emails.

You're missing a bunch of code to make this anything that someone would actually want to fill out. You don't even have anything that gathers the persons name, email, phone, etc. You don't have any clue who is even filling out the form and wants stuff. You're also wide open for XSS attacks, not that a beginner would be expected to know that kind of thing. Check out this tutorial series to get you started. http://www.youtube.com/playlist?list=PLF07A207A932D3997

$handle = @fopen("/tmp/".$item['Picture'], "r");

I didn't look through the code but here is a couple tutorial series that if you combine the concepts should get you what you are after. http://www.youtube.com/playlist?list=PLCE5448BCC44A1504 http://www.youtube.com/playlist?list=PL731FE4E4AFF8AD21

Are you trying to separate the list into different parts? You list table columns that are INT type which would only work for the score of the player, not the player name. INT will only store a number not string values. Even if you are wanting to separate the list you are missing a crucial column of something that would relate the list to a specific game or whatever you are saving this info for. So if separation is the the concept then this would be more correct columns. ID - AUTO_INCREMENT player_name - varchar(40) points - INT game_id - INT //This being a ID value form a table with a list of games, this way all the info inserted is related to a specific game and can be referenced later easier. If you wanted to do the original way I suggested then you would change the columns to something like this. ID - AUTO_INCREMENT game_info - TEXT game_id - INT

Looks like we missed a crucial part, forgot to actually set the session vars on login and put session_start() at the top, oops. <?php session_start(); ?> <html> <head> <title> Login Form </title> </head> <body> <div style="width: 200px; margin: 200px auto 0 auto;"> <form method='post' action='login.php'> <table width='400' border='5' align='center'> <tr> <td align='center' colspan='5'><h1>Member Login</h1></td> </tr> <tr> <td align='center'>Username:</td> <td><input type='text' name='username' /></td> </tr> <tr> <td align='center'>Password:</td> <td><input type='password' name='pass' /></td> </tr> <tr> <td colspan='5' align='center'><input type='submit' name='login' value='Log In' /></td> </tr> </table> </form> </body> </html> <?php mysql_connect("localhost","root",""); mysql_select_db("student_attendance"); if(isset($_POST['login'])){ require_once('function.php'); $username = $_POST['username']; $password = $_POST['pass']; $check_user = "select * from users where username='$username' AND pass='$password'"; $run = mysql_query($check_user); if(mysql_num_rows($run)>0){ $results = mysql_fetch_assoc($run); $_SESSION['type'] = $results['type']; checkUserType($results['type']); } else { echo "<script>alert('Username or password is incorrect!')</script>"; } } ?>

Well whatever page that the error is showing on is cause you haven't required the function.php previously in the code for that page, so the function is not defined.

You can just save it like that in the db and echo it back using the nl2br() which will redisplay it with the same line break formatting it was put in the db as.

Yes it's been thought of a million times and no it doesn't work.

You also don't need any of the doctype and head tag info in the email.

Based on what I know of the tutorial, this should be fine. Realistically all you are doing is defining a different include than the system usually uses, which is totally fine to do, it's common practice for such things. The one thing I would change in the code above is how you are checking the url string, the method you are using is open to xss attacks. I would switch it to this instead. if ($_SERVER['SCRIPT_NAME'] === '/produktion.php') I actually define a var at the beginning of my system that strips out the / and .php so I can simply check for the file name alone. It also allows me to add this defined var to an id attribute for the body tag of each page in case I need to make a css change specific to that page as a whole. define ("body_id", basename($_SERVER['SCRIPT_NAME'], ".php")); echo body_id; // This is just so you can see what it returns for the defined above. <head> </head> <body id="<?php echo body_id; ?>"> //Content here </body> Just some examples and methods that allow for greater usage.

header('Location: '.$page); // if your admin, student, etc. pages are in the root then you don't need to do any thing different than what I have shown. If they reside in another location then you need to change where the path goes to like folder/admin.php rather than admin.php exit(); // Add this line in the function, I forgot it earlier. Your login page is not right. <html> <head> <title> Login Form </title> </head> <body> <div style="width: 200px; margin: 200px auto 0 auto;"> <form method='post' action='login.php'> <table width='400' border='5' align='center'> <tr> <td align='center' colspan='5'><h1>Member Login</h1></td> </tr> <tr> <td align='center'>Username:</td> <td><input type='text' name='username' /></td> </tr> <tr> <td align='center'>Password:</td> <td><input type='password' name='pass' /></td> </tr> <tr> <td colspan='5' align='center'><input type='submit' name='login' value='Log In' /></td> </tr> </table> </form> </body> </html> <?php mysql_connect("localhost","root",""); mysql_select_db("student_attendance"); if(isset($_POST['login'])){ require_once('function.php'); $username = $_POST['username']; $password = $_POST['pass']; $check_user = "select * from users where username='$username' AND pass='$password'"; $run = mysql_query($check_user); if(mysql_num_rows($run)>0){ $results = mysql_fetch_assoc($run); checkUserType($results['type']); } else { echo "<script>alert('Username or password is incorrect!')</script>"; } } ?>

Well you didn't provide us with how you are doing your title tags now, so this is a bit of a guess on that for your situation. <!-- Header --> <?php if (isset($_REQUEST["id"])) { $query = "SELECT * FROM news WHERE news_id=".$_REQUEST["id"].""; $result = mysql_query($query); $row = mysql_fetch_array($result); ?> <!DOCTYPE HTML> <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title><?php echo htmlentities($row['news_title']); ?></title> <meta name="description" content="<?php echo htmlentities($row['news_description']); ?>"/> // You need to chang the news_description to something that your db actually holds to describe the news article. </head> </body> <div class="twelve columns"> <div class="row"><h3 class="n3"><?php echo $row["news_title"]; ?></h3> </div> </div> <div class="row"><!-- Row interior--> <div class="twelve columns"> <div class="panel"> <p id="data"><?php echo $row["news_date"]; ?>, <?php echo$row["hour"] ;?> GMT</p> <p><?php echo $row["news_post"]; ?></p> </body>

You're reassigning the vars and setting them to last name for both. Why even do that? Just echo them as you need them to display $a = <YOUR FIRST NAME>; $b = <YOUR LAST NAME>; echo 'Name (last, first)'.$b.','.$a;

If the first form doesn't submit anything then why do you have it as a different form than the second? Why not just put them in the same form and submit it all at once? Is the select boxes in the first form dynamic and gather info as you select down the list? Even if it does, you can put it all in the same form unless you're not telling us some critical part to why you are doing it this way.