JonnoTheDev

I thought that was a happy meal in America LOL

No, test it out. Again, you cannot store user credentials in a file that can be accessed by the whole world. If that file were to be read I wouldn't want to be in your shoes.

So your FTP access is limited to your document root? Store the text files within a subfolder and protect with .htaccess

Yes, but not within the document root of the website i.e not accessible via a url

Nothing to do with how you are storing passwords but where you are storing them. i.e I could visit your url http://yourdomain.com/pass.txt and I have a list of all user login credentials. Store the files outside of the document root i.e //the list of files containing passwords $files = array("/usr/etc/passwords/pass.txt", "/usr/etc/passwords/test/pass2.txt", "/usr/etc/passwords/admin/pass3.txt" );

The referring page is stored in $_SERVER['HTTP_REFERER'] header("Location:".$_SERVER['HTTP_REFERER']); exit(); $HTTP_SERVER_VARS is depreciated

My god. The fact that you are storing passwords in a text file that is accessible from the website document root is ridiculous!

use a header // run mysql query $result = mysql_query("blah...."); // redirect user header("Location:page1.php"); exit();

If you cannot restore the files from a backup or re-upload the original files from the script that you have modified then I suggest you ask a freelance coder to solve.

Heres an error (line 23) <? if(empty($_SESSION[userid])) /* { ?><font color="#9999ff">|</font><a href="user_reg.php"> <register></register></a> <? } */ Comment the lot out! Also that code is an awful mess. And when posting code please use the code tags. Indent opening an closing braces so you can see where they start and end. i.e. <?php if($x == true) { // indent code to make readable print "hello"; }

This is not enough code. You need to paste the entire prev0~.php

Without regex <?php $string = "aaaaaaaaaa: bbbbbbbbbb (ccccccccc) ddddddddddddddddddddd eeeeeeeeeeeeeeeeeeeee"; $string = substr($string,0,strpos($string,")")); print substr($string, strpos($string,"(")+1, strlen($string)); ?>

In the simplest fashion <td><a href="view-file.php?file=1.txt">View Log</a></td> <td><a href="view-file.php?file=2.txt">View Log</a></td> <?php // view-file.php $fileContents = file_get_contents($_GET['file']); print $fileContents; ?>

You can finish off: <?php foreach($tele as $key => $value) { echo $key." - Phone: ".$value." - ID: ".$id[$key]." - intref: ".(($id[$key] == $intref[$key]) ? "<strong>".$intref[$key]."</strong>" : $intref[$key])." - dataref: ".$dataref[$key]." - sysref: ".$sysref[$key]."<br>"; } ?>

kickstart, $CountOfRows will always be 1! SELECT COUNT() A count is a count, not a recordset.

The .htaccess should be placed in the document root for the website. Your apache configuration should allow .htaccess override. i.e. AccessFileName .htaccess <Directory "/var/www/html"> AllowOverride All </Directory>

As you are using a COUNT statement in your query your result will only contain 1 row so you are not to use mysql_num_rows() in this case. You are selecting the number of records, not the actual rows so you can display the result as follows: <?php $result = mysql_query("SELECT COUNT(*) as num FROM gpu WHERE signoff_status = '".$so."' AND `service` = '".$service."'"); $row = mysql_fetch_assoc($result); print "There are ".$row['num']." results"; ?>

redirectMatch is for pattern matching (regex). It is not what you need. Use the above post. See the apache docs for examples of redirectMatch http://httpd.apache.org/docs/1.3/mod/mod_alias.html

$sel_subject is undefined. i.e It has no value, it has not been set. Consider the following print foobar($x); $x = true; print foobar($x); The first example will throw the notice that $x is undefined. I am using an undefined variable in a function call. As it is only a notice it is not a fatal error, however your function: navigation($sel_subject, $sel_page); may produce unexpected results. You can turn notice errors of by changing the level of error reporting: ini_set('error_reporting', E_ALL & ~E_NOTICE);

redirect 301 /hamza.html http://localhost/phpinfo.php

This is not an array it is a string. You should get rid of the allpics=members from this file. I do not understand why it is used in the first path? Create an array from the comma separator. You can then view the array, convert it back to a string. I have placed the file in a variable. Use file_get_contents() to read the file. <?php $textfile = "allpics=members/1/images/13.jpg,members/1/images/14.jpg,members/1/images/15.jpg"; $textfile = str_replace("allpics=","",$textfile); $filepaths = explode(",",$textfile); print "There are ".count($filepaths)." files"; print "<pre>"; print_r($filepaths); print "</pre>"; ?>

The php configuration will send the session id through the url if a cookie is not set or the option to use cookies is disabled. Look for: session.use_only_cookies = 1 session.name = PHPSESSID

I would say that it is more what you can or have achieved than what you currently know. New libraries, frameworks, technologies are introduced daily. A good developer can read dev docs and be able to use a new technology, api fairly quickly.

If you are searching through text fields I would highly recommend using a full text search engine such as Sphinx or Lucene rather than querying the database. http://sphinxsearch.com/docs/manual-0.9.9.html http://www.lucenetutorial.com/

<?php $word = 'James Bond'; $word = substr($word,0,strpos($word," ")+2); print $word; ?>