wildteen88

As you have changed your code the highlighted lines below are not needed However your code can be much more cleaner still. EDIT Clean code <?php session_start(); include 'config.php'; if(isset($_GET['login']) && $_GET['login'] == "login") { if(!isset($_POST['username_post'], $_POST['password_post'])) { echo "<b>Error: Username and password required for login</b>"; exit; } $user = mysql_real_escape_string($_POST["username_post"]); // the password will not need to be `escaped` as md5 only returns a 32bit encrypted alphanumeric string (lettters and digits). $pass = md5($_POST["password_post"]); $sql = mysql_query("SELECT * FROM `clients` WHERE ID='$user' AND password='$pass' LIMIT 1"); if(mysql_num_rows($sql) == 1) { $result = mysql_fetch_assoc($sql); $ID = $result["ID"]; $_SESSION['session_username'] = $ID; $_SESSION['session_level'] = $result['level']; $_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR']; echo "<meta http-equiv=\"refresh\" content=\"0;url=clients.php?action=edit$ID\">"; exit; } else { echo "<b><u>Error: The Username/Password Incorrect<br></u></b>"; } } ?>

NameVirtualHost *:80 should only have to be used once /etc/apache2/apache.conf For understanding Apaches file structure under Ubuntu I found the articles from http://articles.slicehost.com/ubuntu-intrepid very helpful.

The link you posted doesn't work. Post your configuration for mysitedotcom here. For your domain to work you'll need to setup DNS entries so it points to your computers IP Address.

mysql is case-sensitive root is not the same as Root. You can reset the root user password by reading this guide

No you don't have to use strip_slashes after the use of mysql_real_escape_string. However before running mysql_real_escape_string you should first run strip_slashes encase magic quotes is enabled. Forexample function makeSafe($data) { // undo magic_quotes if(get_magic_quotes_gpc()) $data = strip_slashes($data); return mysql_real_escape_string($data); } // example usage $myName = makeSafe($_POST['my_name_field']);

MySQL by default sets up a user with all privileges. This user is root with no password set. Try connecting to mysql with this user.

Oops! Yea sorry about that. Shouldn't be typing and watching TV at the same time. I'll correct my post.

Does $grade_level contain just a number eg, 10 If so you can do if($grade_level >= 9 && $grade_level <= 12) { // grade level is 9 to 12 } elseif($grade_level >= 6 && $grade_level <= { // grade level is 6 to 8 } elseif($grade_level >= 1 && $grade_level <= 5) { // grade level is 1 to 5 } else { // grade level is unknown. }

lines that start with a seimi-colon ( ; ) are ignored. However the extension_dir should be configured on/near line 542 To enable mysql support, remove the semi-colon from the following two lines: ;extension=php_mysql.dll ;extension=php_mysqli.dll Save the php.ini and restart Apache.

rename the file named php.ini-recommended to just php.ini (forgot to mention this earlier). This is the file you use to configure PHP. Whenever you make any changes to this file make sure you restart Apache

php_mysqli.dll should be located within the ext/ folder. Before enabling PHP extensions you should first add PHP to the PATH Environment Variable. You should also set the extension_dir directive within the php.ini to the full path to PHP's extension folder.

You'll need to add those lines manually to Apaches configuration file. The following lines can be added anywhere: NOTE: Change the path highlighted above to where PHP is installed to. Save the httpd.conf and restart Apache.

You should try to avoid short tags altogether. It is always best to use the full PHP tags (<?php ?>) as short tags can be disabled. This way you you know your PHP scripts will run on any PHP enabled server. You should also try to avoid going in and out of PHP. This just slows the processing of the script down. Also I prefer to use mysql_fetch_assoc when retrieving data from a mysql query over mysql_result. <?php include 'db.php'; $result = mysql_query("select * from news ORDER BY id DESC LIMIT 4"); // check to see if any results where returned from the query if(mysql_num_rows($result) > 0) { // loop through the results while($row = mysql_fetch_assoc($result)) { $date = $row['date']; $headline = $row['headline']; $sum = $row['sum']; $id = $row['id']; echo <<<HTML <p align="justify"> $date : Notam : $headline<br> $sum<br> <a href="news.php?id=$id" style="text-decoration: none; border-bottom: 1px dotted; color: #006699;">Read More</a> </p> HTML; } } // no results returned from the query. else { echo '<p>No news available at this time</p>'; } ?>

You must be doing something wrong. PHP does not display errors for no reason. You should always enable display_errors and ensure error_reporting is set to E_ALL whilst developing/testing your PHP scripts. The errors you have posted are easily fixed though.

Can you post common.php and movies.php too

No, I was just confirming whether /var/www/html/w/htdocs/online/admin/conn.inc Is the correct full path to the file you're trying to include? If so your relative path should work. However you could use include_once($_SERBER['DOCUMENT_ROOT']."/admin/conn.inc"); Also note, using .inc is insecure as your PHP code will displayed as plain text. You should use the following name convention instead filename.inc.php this will prevent your source code from being displayed and improve security. Remove // Flush memory imagedestroy($image_data); imagedestroy($new); }

As for the second error, change / Finally, output.. if($this->find_extension($image) == 'jpg') $image_data = imagejpeg($new); if($this->find_extension($image) == 'gif') $image_data = imagegif ($new); if($this->find_extension($image) == 'png') $image_data = imagepng ($new); to: $data = pathinfo($image); switch(strtolower($data['extension'])) { case 'gif': $image_data = imagegif($new); break; case 'png': $image_data = imagepng($new); break; case 'jpg': default: $image_data = imagejpeg($new); break; } if(isset($image_data)) { imagedestroy($image_data); imagedestroy($new); } else { die('Error processing thumbnail'); } For you first error. PHP will convert the following path ../admin/conn.inc to /var/www/html/w/htdocs/online/admin/conn.inc is this the correct path?

If you want to have suggestions for how improve your site post a new topic in the Website Critique forum.

This is normally caused due to you not telling the web browser which charset to use for displaying fonts. To tell the browser which charset to use you can use the <meta> tag in your HTML eg <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> Your should also ensure you're using a valid DOCTYPE too.

Sorry I updated my post while you posted,

URL's cannot contain spaces. You'll need to convert your spaces to dashes - or underscores _ For you're urls I would suggest you try to simplity them a bit, eg ready-teddy-go rather than Ready, teddy, go ... into space!! The aim of tidy urls is to keep them short and simple. I only allow the following chars A-Z (upper or lowercase) 0-9 and only the following symbols -_ making your rewrite rule RewriteRule ^([A-Z0-9_-]+)/([A-Z0-9_-]+)/$ test.php?c=$1&title=$2 [NC,L] NOTE: NC stands for case-insensitive.

You need to place \! within your character set (square brackets) [_\+A-Za-z0-9\!]+

to add symbols such as ! or $ you'll need to escape them, eg \!\$ if you're want to match all characters you can just use (.*) RewriteRule ^(.*)?$ index.php?c=$1

Use return instead of echo in your get-title() method.

Looks like you site is using some form of PHP template script (earlier identified as ITX which is a PHP Pear package). PHP code is not being parsed within your .tpl files, tags such as {content}, {Movies} etc is not anything to do with PHP. I think we need to first understand how your site is setup before we suggest anything, as currently we're going round in circles. Can you post the contents of index.php here.