JonnoTheDev

$values = Array("1",addslashes(nl2br($_POST['Message']))); It may be better to modify your dbAdminHandler class to auto escape any values rather than you using the above method.

When you say format im guessing that you mean checking the file type i.e. jpg, gif For this: // image.jpg would display jpg $fileType = substr($filename,strpos($filename, ".")+1); print $fileType; You may also want to check if the file exists if(file_exists($pathToFile)) { // ok file exists }

Try with a manual event handler such as a link click: onClick= If that works I am guessing the JS event is called prior to the server side php so wont work with onLoad. Never attempted this method.

Too much Javascript setting values

Not sure what you mean compare. If you paragraph is contained in the variable $string then run it through the preg match function as per the code example. Working code: $string = "askdhasdkf[sld[askfsdjflasjdajjdljkd;askd;ad[addjljdlaldajdjad \"jshdkjshdsd@gmail.com\" sajdkasjdlsjd dsakdhal sjdlasjdksajdjsapj kdpsoakdpoa skdklasdsa daddasd dadsadj asjdoijdo; iqwueiqe pqjlnd sandsahdsj dghkjshd kadsadsakhdkjsahdkjd."; if(preg_match('/\\b([a-zA-Z0-9._%-]+@(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,4})\\b/', $string, $matches)) { print "I have found the email address: ".$matches[0]; }

$body .= $_SESSION['sessionName'].$newline;

// $string is your sentence containing an email address preg_match('/\\b([a-zA-Z0-9._%-]+@(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,4})\\b/', $string, $matches); print_r($matches);

If the form method is POST: $p_id = $_POST['proj_id_edit']; If the form method is GET: $p_id = $_GET['proj_id_edit'];

Searching large text fields in a big database may take up huge resources and have come across this many times. In MYSQL you can create a fulltext index. I would prefer to remove the search from the databases entirely and use something like Lucene. You can update your lucene search indexes when new records get added into whatever database. http://lucene.apache.org/java/docs/ I think that the Zend framework also supports this

I would validate you URL parameters before touching your database. look what happens here: http://www.footieclassics.com/catalogue/index.php?club=hjghghg#

You could do it with XML but the sole idea of using XML is that it is non platform specific so a site written in java or asp or any language could parse the XML and display the results identical on each. If all your sites are php based then you could grant access direct to the database from each IP that your site is hosted on (setup good username and passwords) and make the queries direct. Essentially if you were to make an XML request it would be created by pulling data from your database anyway so using XML may just create extra work.

Your database could end up massive! I would never use this approach. Use a template system.

Read a bit about database normalization. Some hints for you: 1. If a user only has one profile then this should be contained in the user table. 1 to 1 joins are not best practice. 2. If there will be only 2 types of users for the lifetime of the app then this can be an ENUM field in the users table. If more will be added then a userTypes table is best with the typeId a foreign key in the users table. 3. If users are allocated to events then you will need a join table such as usersToEvents where the userId and the eventId are foreign keys to events and users. 4. If users can add many videos, music and pictures then these should be tables using a userId as a foreign key

Use a javascript event on a link: <a href="javascript:window.print()">Print out this page</a>

You have more to the class than posted so cant actually see what it is doing. However it seems that the data is held in a array parameter $this->inputs so i'm not sure where you are getting confused. Would you not add your conditional clases before the string replace so: if($valueContainingTertId == 5 || $valueContainingTertId == 7) { $translated = str_replace("[iMAGEPATH]", $this->inputs['arrayKeyOfImagePathReplacement'], $translated); }

That will not make any difference the ON clause is used for certain types of joins suck as LEFT, RIGHT, INNER etc. What will slow the query down is if there is no index on lets say forum_id

Set $server and $portNum to your values if(!$handle = @fsockopen($server, $portNum, $errorNo, $errorString, 30)) { print "connection error"; exit(); } $response = fgets($handle, 4096); if(stristr($response, "+OK") === FALSE) { print "connection error"; exit(); } This is a very simple piece of code to start a connection off. Have you actually tested the connection using TELNET first?

Run your query using EXPLAIN to see what indexes are in use. You can then decide to optimize the query or add indexes to the tables for performance.

Rather than restricting image sizes why not just auto resize the image on upload. Image Magick can do this.

This is certainly the wrong approach to implement captcha. The form action should not be set after captcha validation. Your form fields should be validated along with the captcha input in the same instance so in psuedo code: // form submitted, validate fields // 1. user entered name? // 2. user entered email address? // 3. captcha valid? // 4. errors found // 4a. yes, display errors and reload form generating new captcha, restore user entered values into form fields // 4b. no, save form data and redirect user to success page

I would not use php's date functions to extract parts of the date from your db. Leave this out of the programming logic and let your SQL return this data like so: SELECT MONTH(dateField) AS month, DAYOFWEEK(dateField) etc..... What your require is query that will select a range of dates based on what year/month is showing on your calender. So lets say that the user is viewing August 2008 your SQL is going to return all dates in the selected month/year that have an entry in your reservations table so: FROM reservations WHERE MONTH(dateField) = 'selectedMonth' AND YEAR(dateField) = 'selectedYear' You would then build the results from the query into an array. When you are displaying the calender you will have a peice of code within the calender loop to check if the calender date is present in the array from the database query. If it is then the date is reserved and you can show this in the calender.

Look into IFrames

http://uk2.php.net/manual/en/function.eval.php eval — Evaluate a string as PHP code From your original post. Sorry not read the recent posts in depth, just you original caught my eye. I find eval() quite useful when variables are stored in database records which I have used before. If it doesnt help just ignore.

Requires DOM scripting in Javascript. Look for some tutorials.

No. Store the values into an array and then implode as a string: $values = array(); // your while loop while($row = $result->fetch_assoc()) { $values[] = $row['mp3id']; } print implode(",", $values);