wildteen88

You have more of a logic issue. The variables $votes will only be defined/incremented when your form for submitting a vote is submitted. If no form is submitted then the variable $vote will not be defined/incremented.

You can either store these files within a folder that is outside of your sites root folder. Or store them in a database.

<? ?> and <?= ?> are called short tags. These can only be used if the setting called short_open_tag is enabled. However it is not recommended to use these tags as not all PHP configurations have this setting enabled. You're better of of using the full PHP tag syntax <?php ?> and <?php echo ?>

From what you're saying I think you're using basic HTTP authentication for your password protected directories, you could try the $_SERVER['PHP_AUTH_USER'] variable to retrieve the username. Eg echo $_SERVER['PHP_AUTH_USER'];

Remove $result = in this code block if (isset($sql) && !empty($sql)) { $result = mysql_query($sql) or die ("Invalid querrry: " . mysql_error()); }$result = mysql_query($sql) or die ("Invalid querrry: " . mysql_error());

No not really. How are authenticating your users at the moment?

Remove the s on this line You miss typed your variable. Should be $result not $results

The script relies on a setting called register_globals. This setting has been disabled for a while now (about 8 years ago), but a lot of hosts kept this setting enabled to prevent legacy scripts from breaking. However recently hosts are now starting to disable this setting as they transition over to PHP5, which is most probably what your webhost has done. This is why your script no longer works properly I recommend you to recode your script or find someone that will do it for you.

In order to send emails with the mail function, PHP needs to be configured to use an SMTP server for sending the emails. If you cannot gain access to the php.ini for conifiguring PHP then you could give phpMailer a go.

Change those four lines to $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('".$user_info['user_name']."', '".$user_info['user_password']."', '".$user_info['user_email']."', '".$user_info['user_hide_email']."', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '$activation')"); $result = dbquery("DELETE FROM ".$db_prefix."new_users WHERE user_code='$activate'"); $result = dbquery("INSERT INTO ".website_forums."phpbb_users (user_id, user_type, group_id, user_permissions, user_perm_from, user_ip, user_regdate, username, username_clean, user_password, user_passchg, user_pass_convert, user_email, user_email_hash, user_birthday, user_lastvisit, user_lastmark, user_lastpost_time, user_lastpage, user_last_confirm_key, user_last_search, user_warnings, user_last_warning, user_login_attempts, user_inactive_reason, user_inactive_time, user_posts, user_lang, user_timezone, user_dst, user_dateformat, user_style, user_rank, user_colour, user_new_privmsg, user_unread_privmsg, user_last_privmsg, user_message_rules, user_full_folder, user_emailtime, user_topic_show_days, user_topic_sortby_type, user_topic_sortby_dir, user_post_show_days, user_post_sortby_type, user_post_sortby_dir, user_notify, user_notify_pm, user_notify_type, user_allow_pm, user_allow_viewonline, user_allow_viewemail, user_allow_massemail, user_options, user_avatar, user_avatar_type, user_avatar_width,user_avatar_height, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_from, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_website, user_occ) VALUES (".mysql_insert_id().", 0, 3, '', 0,'".USER_IP."', 0, '".$user_info['user_name']."', '', '".$user_info['user_password']."', '', 0, '".$user_info['user_email']."', 0, 0, 0, 0, 'index.php', '', 0, 0 ,0, 0, 0, 0, 0, 'en', '-6.0', 0, 'D M d, Y g:i a', 13, 0, '', 0, 0, 0, 0, -3, 0, 0, 't', 'd', 0, 't', 'a', 0, 1, 0, 1, 1, 1, 1, 230271, '', 0, 64, 64, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', 0, 0, 0)");

You cannot use PHP to create files on yours or other peoples computers. The only way would be emailing the XML file/data to yourself.

Could you explain what you're trying to do with two queries?

You'll need to post more lines. Post lines 30 - 33

Oops. I see you're using mysql_fetch_object. Change $row['name'] to $row->name instead.

Your PHP code is fine. Its your rewriterules which are at fault. I do not recommend using (.*) as it is greedy. You should be more specific with your regex partterns. Such as if you want to match only numbers use ([0-9]+), or for strings use ([A-Z0-9\-_]). I'd setup your rules as such RewriteRule ^category/([0-9]+)/([A-Z0-9\-_]).html$ /index.php?pg=dssGallery&catId=$1&catTitle=$2 [L,NC] RewriteRule ^([A-Z0-9\-_])\.html$ /index.php?pg=detail&catTitle=$1 [L,NC]

I'm guessing you mean the name field in your database. The following code is your sql query, which at the moment only selects the username and password. $query = "SELECT username,pwid FROM table_name WHERE pwid = '$pwid' AND username='$username'"; You'll want to change your query to this. Now the name field will be returned from your query. $query = "SELECT username, pwid, name FROM table_name WHERE pwid = '$pwid' AND username='$username'"; To save the name in the session add this line $_SESSION['name'] = $row['name']; Before this line $_SESSION['username'] = $username;

Looking at your form you don't have a field named id, but you do have a form field named suid. SO may maybe you meant to use $_POST['suid'] instead of $_POST['id'] Check how _POST is formatted using echo '<pre>'.print_r($_POST, true).'</pre>';

Add this rewrite rule RewriteRule ^login/([0-9a-z\_]+)/$ /staff.php??mid=8&spname=$1 [L] Before this rule RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L] That will get some of your links working.

Try using an alias instead $result = mysql_query("SELECT MAX(jobID) as maxJobID FROM job WHERE jobEmail='[email protected]'"; $row = mysql_fetch_array($result); echo $row['maxJobID ']; NOTE: if your query only returns one row/result, then you don't need to use a while loop.

EDIT Yes they are clashing. When you go to http://www.whiwh.com/login/ Then that url will match this rule RewriteRule ^login/$ /staff.php?mid=8&smid=0&ssmid=0&login=1 [L] However when you go to this url http://www.whiwh.com/login/general_info/ Then it will match this rule RewriteRule ^([0-9a-z\_]+)/([0-9a-z\_]+)/$ /index.php?pname=$1&spname=$2 [L] Do you know what the (non clean) url should be for displaying the sub pages once logged in?

Yes you would use array_slice() like so $last20 = array_slice($array, -20, 20, true); $last20 will store a copy of the last 20 items in your array ($array);

You could use array_slice

The code in your .htaccess is correct, it will pass the correct urls to PHP. The problem is more to do with your PHP code. If your PHP code was working correctly then this form of url should display the correct page index.php?pname=who_we_are&spname=bill_of_writes But it doesn't it just displays the who_we_are page. You'll need to debug your PHP code to see why its not displaying your sub pages correctly

Add these three lines $name = mysql_real_escape_string($_POST['name']); $email = mysql_real_escape_string($_POST['email']); $comment = mysql_real_escape_string($_POST['comment']); Before these two lines $datetime=date("y-m-d h:i:s"); //date time $sql="INSERT INTO $tbl_name(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";

You're not calling session_start for check login. You need to call session_start() at the top of the script, eg <?php session_start(); $host="asdfasdf.asdf.com"; // Host name ...