Ch0cu3r

The code will be same PHP code you're using for manually uploading the files.

Is the pin code the same as the users password? $query=mysql_query("SELECT * FROM pin_code WHERE pin='$password'"); The above query will select records where the pin matches $password

This is not enough to check if the form has been submitted if(isset($_POST)){ $_POST always exists on page load. You need to check if an element from _POST exists before running your form validation. The most common way is to give your submit button a name <input type="submit" name="submit" value="Register"/> And checking to see if it exists in the _POST. if(isset($_POST['submit'])){ Now you form validation should only run when the form has been submitted Also make sure you are sanitizing your user input before using it within database queries. $res = $mysqli->query("SELECT * FROM `users` WHERE `UserName` = '$username'"); Pass $username to mysqli_real_escape_string so it is safe to use within your SQL queries. Or better yet use prepared queries.

$phoneDevices is an associative array which contains phone manufactures as the array index (key) and corresponding models as regex patterns (value). Your current code most probably detects the manufacturer. Uses it as the key and performs a regex match on the phone models listed. For your code to match other models, you just need to add it to the list, separate each model with a pipe character |. If there two models named similarly, like GT-5830 and GT-5830i then add i? after the model name in the list.

You cannot all header() after you have sent any output to the browser. You should rearrange your code so you process the login before your output anything to the browser <?php include 'core/init.php'; if (empty($_POST) === false) { $username = $_POST['username']; $password = $_POST['password']; if (empty($username) === true || empty($password) === true) { $errors[] = '<div class="alert alert-info"> You need to enter a username and password </div>'; } else if (user_exists($username) === false) { $errors[] = '<div class="alert alert-danger">We can\'t find that username. Have you registered?</div>'; } else if (user_active($username) === false) { $errors[] = '<div class="alert alert-warning">You haven\'t activated your account!</div>'; } else { $login = login($username, $password); if ($login === false) { $errors[] = '<div class="alert alert-info"> That username/password combination is incorrect. </div>'; } else { $_SESSION['user_id'] = $login; header('Location: index.php'); exit(); } } } ?> <!DOCTYPE html> <html lang="en"> <?php include 'includes/head.php';?> <body> <?php include 'includes/header.php'; ?> <div class="container"> <h2>Login</h2> <hr> <?php print_r($errors); ?> <form action="login.php" method="post" class="form-horizontal" role="form"> <div class="form-group"> <label for="username" class="col-lg-1 control-label">Username:</label> <div class="col-lg-10"> <input name="username" type="username" class="form-control" id="username" placeholder="Username"> </div> </div> <div class="form-group"> <label for="Password" class="col-lg-1 control-label">Password:</label> <div class="col-lg-10"> <input name="password" type="password" class="form-control" id="password" placeholder="Password"> </div> </div> <div class="form-group"> <div class="col-lg-offset-1 col-lg-10"> <div class="checkbox"> <label> <input type="checkbox"> Remember me </label> </div> </div> </div> <div class="form-group"> <div class="col-lg-offset-1 col-lg-10"> <button type="submit" class="btn btn-default">Login</button> </div> <br> <div class="col-lg-offset-1 col-lg-10"> <a href="register.php">Register</a> </div> </div> </form> <div class="container"> <hr> <footer> <div class="row"> <div class="col-lg-12"> <p>Copyright © Company 2013</p> </div> </div> </footer> </div><!-- /.container --> <!-- Bootstrap core JavaScript --> <!-- Placed at the end of the document so the pages load faster --> <script src="js/jquery.js"></script> <script src="js/bootstrap.js"></script> <script src="js/modern-business.js"></script> </body> </html>

You dont modify the document_root. What you can do is define a constant that points to your projects root directory, for example define('ROOT', $_SERVER['DOCUMENT_ROOT'] . '/project/site/'); Then when you need to include a file you'd prefix the file path with ROOT include ROOT. 'filename.php'; Include will then include filename.php from <document_root>/project/site/ Or another method is to dynamically modify the include_path set_include_path(get_include_path() . PATH_SEPARATOR . $_SERVER['DOCUMENT_ROOT'] . '/project/site/');

Your problem is not with PHP. You must of changed something in the html/css/js for this to happen. I cannot reproduce this problem. Works fine in latest version of Chrome and IE on Win7 for me. I found the ordinal source code for this sliding panel is here http://tutorialzine.com/2009/10/cool-login-system-php-jquery/

Yes, if your host has imagemagic and TesseractOCR. You will have to ask your host to see if they have these php libraries/extensions available for your hosting package to use. If they don't, and your project really requires these libraries/extensions then you'll have to upgrade your hosting package to something where you can install your own PHP libraries/extensions yourself. Again you'll have to ask your host what hosting packages they provide for this and what support they provide.

I ran your code, but I don't get any distortion with the sliding menu. What code have you changed?

look at my edited post above

Update queries don't add new entries to the database. Your update query only modifies records where the tour_id matches the value of $id EDIT Also with update queries you need to check to see if the query modified any records with mysql_affected_rows, not by checking what mysql_query returns. Change return mysql_query( $sql ) or die( mysql_error() ); } //isset( $tour_name ) && isset( $day ) && isset( $nights ) && isset( $twin_triple_sharing ) && isset( $overview ) && isset( $itinerary ) && isset( $inclusions ) && isset( $exclusions ) && isset( $single_occcupancy ) && isset( $child_with_no_bed ) && isset( $inf_below ) && isset( $keywords ) && isset( $title ) && isset( $description ) && isset( $categories ) else { return false; } to $result = mysql_query( $sql ) or die( mysql_error() ); if($result && mysql_affected_rows($result) != 0) { return true; } } return false;

Even if someone gains direct access to the PHP files nothing should happen. The PHP source code is not viewable from the browser (right click > view source), only the output. You could prevent direct access to the files if the request is not from ajax. if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') { die('Access Denied'); // not an ajax request kill it } // code to complete ajax request

What errors are you getting? Looking at the PHP code it should be updating the database with something.

You could set session variable, $_SESSION['can_access'] to true in index.php $_SESSION['can_access'] = true; Then in secound.php check if this session variable exists at the top of the page <?php session_start(); // kill the page if the access variable doesn't exists // or if the access variable does exist but is not set to true if(!isset($_SESSION['can_access']) || (isset($_SESSION['can_access']) && $_SESSION['can_access'] !== true)) { die('You cannot directly access this page!'); // kill the page display error } // rest of page code

Change $visited = TRUE; echo "Not your first visit."; to header('Location: http://site.com/new-location-here'); exit;

Sorry about that. Look at my code again. I did edit it to fix that (I removed the else)

The error occurred message is coming from this line { die("error occured:". mysql_error());} This line is executed because mysql_query() returned false. When this happens it usually indicates there is an error with the query/mysql. The mysql_error() should display the actual error from MySQL. So is that the full complete error message you are getting? In order for use diagnose the problem you need to post the full complete error(s).

Yes the join query will return the same category each time, but the sub category should be different? To get the result you want you'll want loop through the results and store the categories in an array // store categories in array $categories = array(); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $category_id = $row['idCat']; // create category if(!isset($categories[ $category_id ])) { $categories[ $category_id ] = array( 'title' => $row['Category'], 'sub_categories' => array() // store sub categories as an array ); } // add sub categories $categories[ $category_id ]['sub_categories'][] = array( 'id' => $row['idSub'], 'title' => $row['subCategory'] ); } To output the category list // output category list echo "<ul>\n"; foreach($categories as $cat_id => $category) { echo "\t<li><a href=\"#\">" . $category['title'] . "</a>\n"; if(is_array($category['sub_categories'])) { echo "\t<ul>\n"; foreach ($category['sub_categories'] as $sub_id => $sub_category) { echo "\t\t<li><a href=\"#\">" . $sub_category['title'] . "</a></li>\n"; } echo "\n\t</ul>\n</li>\n"; } } echo '</ul>';

Your if statement for checking if the file size is wrong if($_FILES['myfile']['size'] > $max_size); // semi-colon should not be there } // this should be a { echo "File is too big."; exit; } To check for valid file extensions put all valid file extensions in array, not a string $allowed_ext = array('pdf', 'doc', 'dotx'); Then use in_array to check if the uploaded files extensions exists in the $allowed_ext array $extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); if(in_array($extension, $allowed_ext)) { // uploaded file has valid file extension }Fixed php code $uploaddir = "uploads/"; $allowed_ext = array('pdf', 'doc', 'dotx'); $max_size = "20000"; $extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); // get the file extension // check if extension is in the allowed extensions array if(in_array($extension, $allowed_ext)) { // uploaded file has valid file extension // check file size if($_FILES['myfile']['size'] > $max_size) { echo "File is too big."; } // file size ok else { // move uploaded to storage location if (move_upload_file($_FILES['myfile']['tmp_name'],$uploaddir.'/'.$_FILES['file']['name']) { echo "Your file has been uploaded successfully."; } else { echo "Sorry, something went wrong"; } } } // file extension not allowed else { echo "Invalid file type"; }

What is the error message? Also when you post code in the forum place paste it within tags

Yes. When you name a fields like foo[bar].The the $_POST becomes a multidimensional array. You can see how the $_POST is formatted using printf('<pre>%s</pre>', print_r($_POST, true));

Maybe something somewhere else is converting the > to > I think this maybe the setAttribute that is causing it. > is the html entity value of >

$_POST['s2member_pro_paypal_registration'] should be $_POST['s2member_pro_paypal_registration']['email']

What is code you're using to save the contents to the text file? When you're saving to the text file you are most probaly not including the newlines. The code for reading the text file could be simplified as $textfile = "/home/xxxxx/public_html/inventory/xxxxx.txt"; function explode_assoc($filename) { $data = file($filename, FILE_IGNORE_NEW_LINES); $array = array(); foreach($data as $line) { list($key, $value) = explode(" ", $line); $array[$key] = $value; } return $array; } //usage: $inventoryarray = explode_assoc($textfile); To write the inventory array to the text file function write_inventory($filename, $data_array) { $data = ''; foreach($data_array as $key => $value) { $data .= "$key $value\n"; } file_put_contents($filename, $data); } write_inventory($textfile, $inventoryarray);

Yes this is possible. I doubt there is a simple drop in script for this. You are better of coding this yourself. A simple way to set this up is in your users table you'll have to have two fields, activated and activate_code. When the user signs up set the activated column to 0 and the activate_code column to store the random generated code. You'd then email the person the random generated code. In the email provide the activate link like http://yoursite.com/activate.php?code=$random_active_code&user_id=$users_id When the user try to login you'll want to check if that the profile is activated. Example login code if($result = mysql_query("SELECT user_id, activated, ..other columms... WHERE username='$username' AND password='$password'")) { $row = mysql_fetch_assoc($result); if($row['activated'] == 1) { // user is actiavted and can login } else { // user is NOT actiavted. Tell them to activate account or resend the activation code } } Now for the user to activate theire account they must goto the link provided in the email. Example code for actiavte.php would be <?php // connect to database here mysql_connect(db_host, db_user, db_pass); // select database mysql_select_db(db_name); // check that the required data exits // user id // and the activation code if(isset($_GET['code']) && isset($_GET['user_id'])) { $user_id = (int) $_GET['user_id']; // user id $code = mysql_real_escape_string($_GET['code']); // activation code // update the users table, setting the profile to active and removing the activation code $query = "UPDATE users_table SET activated = 1 && activate_code = NULL WHERE activate_code = '$code' && user_id='$user_id'"; if($result = mysql_query($query)) { if(mysql_affect_rows() == 1) { // display profile is now active message and user can login } else { // display error, the provided user_id or activate_code is invalid } } else { // Something wrong the query display an error message } }