alpine

Try to add the fifth parameter and see if it's accepted. That will force the correct reply adress (some hosts/configs disables it such as safe_mode) [code] mail($to, $subject, $body, $headers, "-f". $return_adress) [/code]

Nor addslashes or mysql_real_escape_string inserts the slash to the table, it's only added to let the escaped value into the db. So stripslashes is not nessesary to output when fetching value from the db, the slash isn't there anyhow. Manual: http://no.php.net/manual/en/function.addslashes.php [quote] to insert the name O'reilly into a database, you will need to escape it. Most databases do this with a \ which would mean O\'reilly. This would only be to get the data into the database, the extra \ will not be inserted. [/quote]

The few skills i have is all selftaught but with a major credit to all the pro guys responding at phpfreaks + ofcourse all those asking questions. This was the gate-opener website in terms of learning php and mysql for me. Without it i would probably still be doing cludry cut'n paste with endless parse errors. Still it is strictly on hobby basis, but i never give up the hope that i can actually do it for a living some day. Realism ? well..... the competition is heavy.

set $_SESSION['id'] as array after it is set, example: [code] <?php session_start(); $_SESSION['id'] = "whatever"; $_SESSION['id'] = array(); while(whatever){   $_SESSION['id'][] = "whatever"; } ?> [/code]

I think it is screaming about the second while, I cannot see the need for the second while either, test: [code] <?php $fav_people = array( 1 => "John", 2 => "Fred"); foreach ($fav_people as $people_id => $value) { if ($people_id != 0) { $INSERT = "INSERT INTO favorites (user_id, fav_type, id) VALUES ('$_USER[user_id]', '2', '$people_id')"; echo $INSERT; } } ?> [/code] But it sertainly smells a register_globals issue

if you echo it you will se that it's transformed to [color=red]http%3A%2F%2Fwww.google.com[/color] try [color=blue]$data = htmlspecialchars($_GET['r']);[/color] instead, and if there is no particular reason, quit the habit of using older predefined variables ($HTTP_*_VARS) and start using $_GET, $_POST etc. instead.

You have an error in the checkbox remove[], you don't close it [code] <input type="checkbox" name="remove[]" id="remove[]" value=<?php echo $id ?> [/code] should be (note the last [color=red]>[/color]) [code] <input type="checkbox" name="remove[]" id="remove[]" value=<?php echo $id ?>> [/code] but it would be easier to read and then again more reliable if you quoted the form elements on a regular basis, like [code] <input type="checkbox" name="remove[]" id="remove[]" value="<?php echo $id ?>"> [/code] Don't know if this will fix your problem, it's an error anyhow and a typical one ie would struggle with

I use a combination of things, but mostly my first barrier is a decent captha. I run ajax to validate it as it is being written just to help people out visually - once posted it is ofcourse checked again. From all forms that have the captcha in it - or forms that i choose to include a spesific named hidden field in (both fields have fixed named that my postcheck function looks for) all posted values (exept the captcha field) is melted together into one string and put into a mysql table (works global on the entire site) to prevent submission of the exact frase more than once in an interval of 24 hrs. This prevents mass-reloading etc. Also if the hidden checkfield is not empty as it is designed to be, the form is stopped. I also validate title etc. to not contain sertain characters not expected such as @* and so on, and i use checkdnsrr() on the always mandatory email field in addition to ordinary pattern-validation and injection check's. I always prefer to name formfields in norwegian, not naming them name,email,title etc. On my oldest site, i've only had 3 known spam attempts in 3 years so i guess i'm lucky. It is a pretty visible site in search engines too with a google rank of 4/10 , i think is fairly good for a hobby site - and with an averal of 60.000 page views per month according to my BBClone, 3 attempts isn't bad in my eyes. To be realistic, there isn't such a thing as a spam-proof form in my eyes. The nearest would be Mark's email-activation, but this might prevent many people from entering anything at all. My experience is that if it's too complicated to use, most people won't use it at all.

I'm not expecting everything to be dumped in my lap at all, rather looking for an understandeable way of getting into it as a server-newbie. The webmin is NOT easy for a newbie in my sence - if your more familiar with servers i guess it may be a tool, but not for me. I Just didn't like it at all. <opinion>period</opinion> Going back to BASH

ok - the webmin was genuine crap in my oppinion, if i can't get a better interface than that i might aswell stick to BASH commands. I guess it isn't other interface to help a linux noob in the server world for the first time? For instance, i want ftp but i dont know how to get it...

Horray  ;D by following the exellent "howto" located at [url=http://ubuntuforums.org/archive/index.php/t-7507.html]http://ubuntuforums.org/archive/index.php/t-7507.html[/url] no problems occurred! webmin installed!

ok - still searching - feeling soo nooob here, alot of "howto's" out there but none seem to solve my case. Any good alternative to webmin ?

Thanks, yum is giving "command not found" so i guess it's not. RPM webmin is an RPM suitable for Redhat, Caldera, SuSE, Mandrake or MSC Linux so i guess i cannot use that ?

I've just setup a lamp server with ubuntu 606 and i'm trying to install webmin. No success - if i use the .deb file and run the package installer i get an error "Dependency is not satisfiable: libauthen-pam-perl" downloaded the mentioned package but i have no clue how to install it, i have the package on the desktop. Anyone care to help a linux noob on this ? tried the webmin website and it seems so easy installing - yet it wont work for me....

The FireBug for Firefox - makes ie's errormessages seem like a joke (and it is) https://addons.mozilla.org/firefox/1843/

I think you are looking to parse remote xml files, not write them in arrays ? Post what you have (code) or start in the manual: http://no.php.net/xml_parse There is some examples there too.

This is in the wrong board (mods) run phpinfo() and see where your running php.ini is example: ----------------------------------------------------------------- Configuration File (php.ini) Path    | C:\wamp\Apache2\bin\php.ini ----------------------------------------------------------------- Open the php.ini and find the [mail function] and uncomment/comment to suit your system and prefs (this is an example) ----------------------------------------------------------------- [mail function] ; For Win32 only. ;SMTP = localhost SMTP = smtp.blah.net ;smtp_port = 25 ; For Win32 only. sendmail_from = your@blah.net ; For Unix only.  You may supply arguments as well (default: "sendmail -t -i"). ;sendmail_path = ; Force the addition of the specified parameters to be passed as extra parameters ; to the sendmail binary. These parameters will always replace the value of ; the 5th parameter to mail(), even in safe mode. ;mail.force_extra_paramaters = ----------------------------------------------------------------- Should get it running

example: [code] <?php function Is_Chars($string) { if(preg_match("/^[a-zA-Z]+$/", $string)) return true; else return false; } // example if(Is_Chars($_GET['value'])) {   echo "Value is chars only"; } else {   echo "Not only chars in the value"; } ?> [/code] And [color=red]is_nan()[/color] is not a way to check if it is chars only but rather to see if the value is not a number http://no.php.net/manual/en/function.is-nan.php

Ok, i add that my first primary goal is a private server so i will have plenty of time (!?) to work on an install/setup. But, these days private homes around here are getting fiber lines (50/25 Mbit/s) so when it's blinking in my cellar things would change and i might want to put it online. Thanks for every experience

Thanks for your reply. My Linux knowledge IS NULL - but as you, i have someone with the knowledge to ask when nessesary. I'm not afraid to step in some challenges, a stable and secure OS is to be preferred above easiness/lazyness on installing. The knowledge from trying,failing and fixing is too valuable to loose. I've heard about debian too, but i don't know whats to be preferred - maybe just what you prefer in the end. I understand Ubuntu have Long Term Support (5 years on server) and thats assuring. Was checking the downloads, it a pure server version available (without graphical user interface) and i assume that's the one to start with ? Thx

Hope i'm not in the wrong forum section with this... I am about to set up my first server running Apache (2?) and i plan to use it only for running PHP 5 and MySql 5 + various extensions. What Operating system should i install ? I don't want to install a premade packade on it (like wamp running windows) as i want to install as clean as possible and also get familiar with each part as i work it. I installed wamp on my laptop here the other day just to easily test php etc. but i feel it's not suited on a "clean" server as i don't ever use either php-myadmin or sql-lite. A Linux dependant friend of mine mentioned Ubuntu 606 as a good installation to start on. Any thoughts ?

Can't think of any tutorial, but here is a start for you - i'm sure you can work on it to understand it and make it what you want [code] <?php $site_name = "whatever"; $site_email = "send_form_info@wherever.net"; $form_subject = "Form from $sitename"; $done = false; if(isset($_POST['submit']) && !empty($_POST['message'])) {   $message = strip_tags($_POST['message']);   $headers = "From: $site_name <$site_email>\r\n";   $headers .= "Reply-To: $site_name <$site_email>\r\n";   $headers .= "Return-Path: $site_name <$site_email>\r\n";   $headers .= "X-Mailer: PHP v".phpversion()."\r\n";   $send_it = mail($site_email, $form_subject, $message, $headers);   $done = true; } if($done == false) { echo <<<_HTML <form method="post" action="{$_SERVER['PHP_SELF']}"> <input type="text" name="message" value="{$message}" /> <input type="submit" name="submit" value="Send it!" /> </form> _HTML; } ?> [/code]

You can also set session_start() on top inside your admin.inc file, then it would always be there but just written once. When that is said, i would also recomend to rename the extention in admin.inc from .inc to .php since admin.inc probably contains config settings ? ? Just a safety issue (just ?!)

I don't know if i should cry, burry my self, burry my computer, or simply just give a flat **** and buy myself a good old fashion newspaper! All this time it was the computer firewall (ZoneAlarm Pro) that wiped out all cookie and session variables. Some kind of bulb stroke my head and i turned it off, and what do you see - sessions work  :-* I can confort myself with the fact that i probably have some sort of local record in reading wamp and lamp tutorials in one night - and i probably could duplicate both the php.ini and httpd.conf file just out of my plain memory right now  ::) * FINAL SOLUTION EDIT: * By unchecking the "Remove Private Header" option in "Privacy" it runs ok with the firewall ON The final ini opt: session.save_path = "C:\wamp\tmp"

Actually it is already set like that, paste from the php.ini in Apache2/bin [code] [Session] ; Handler used to store/retrieve data. session.save_handler = files ; Argument passed to save_handler.  In the case of files, this is the path ; where data files are stored. Note: Windows users have to change this ; variable in order to use PHP's session functions. ; ; As of PHP 4.0.1, you can define the path as: ; ;    session.save_path = "N;/path" ; ; where N is an integer.  Instead of storing all the session files in ; /path, what this will do is use subdirectories N-levels deep, and ; store the session data in those directories.  This is useful if you ; or your OS have problems with lots of files in one directory, and is ; a more efficient layout for servers that handle lots of sessions. ; ; NOTE 1: PHP will not create this directory structure automatically. ;        You can use the script in the ext/session dir for that purpose. ; NOTE 2: See the section on garbage collection below if you choose to ;        use subdirectories for session storage ; ; The file storage module creates files using mode 600 by default. ; You can change that by using ; ;    session.save_path = "N;MODE;/path" ; ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. ;session.save_path = "c:/wamp/tmp" ;session.save_path = "C:\WINDOWS\Temp" session.save_path = "c:/tmp" ; Whether to use cookies. session.use_cookies = 1 ; This option enables administrators to make their users invulnerable to ; attacks which involve passing session ids in URLs; defaults to 0. ; session.use_only_cookies = 1 ; Name of the session (used as cookie name). session.name = PHPSESSID ; Initialize session on request startup. session.auto_start = 0 ; Lifetime in seconds of cookie or, if 0, until browser is restarted. session.cookie_lifetime = 0 ; The path for which the cookie is valid. session.cookie_path = / ; The domain for which the cookie is valid. session.cookie_domain = ; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. session.cookie_httponly = ; Handler used to serialize data.  php is the standard serializer of PHP. session.serialize_handler = php ; Define the probability that the 'garbage collection' process is started ; on every session initialization. ; The probability is calculated by using gc_probability/gc_divisor, ; e.g. 1/100 means there is a 1% chance that the GC process starts ; on each request. session.gc_probability = 1 session.gc_divisor    = 100 ; After this number of seconds, stored data will be seen as 'garbage' and ; cleaned up by the garbage collection process. session.gc_maxlifetime = 1440 ; NOTE: If you are using the subdirectory option for storing session files ;      (see session.save_path above), then garbage collection does *not* ;      happen automatically.  You will need to do your own garbage ;      collection through a shell script, cron entry, or some other method. ;      For example, the following script would is the equivalent of ;      setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): ;          cd /path/to/sessions; find -cmin +24 | xargs rm ; PHP 4.2 and less have an undocumented feature/bug that allows you to ; to initialize a session variable in the global scope, albeit register_globals ; is disabled.  PHP 4.3 and later will warn you, if this feature is used. ; You can disable the feature and the warning seperately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. session.bug_compat_42 = 1 session.bug_compat_warn = 1 ; Check HTTP Referer to invalidate externally stored URLs containing ids. ; HTTP_REFERER has to contain this substring for the session to be ; considered as valid. session.referer_check = ; How many bytes to read from the file. session.entropy_length = 0 ; Specified here to create the session id. session.entropy_file = ;session.entropy_length = 16 ;session.entropy_file = /dev/urandom ; Set to {nocache,private,public,} to determine HTTP caching aspects ; or leave this empty to avoid sending anti-caching headers. session.cache_limiter = nocache ; Document expires after n minutes. session.cache_expire = 180 ; trans sid support is disabled by default. ; Use of trans sid may risk your users security. ; Use this option with caution. ; - User may send URL contains active session ID ;  to other person via. email/irc/etc. ; - URL that contains active session ID may be stored ;  in publically accessible computer. ; - User may access your site with the same session ID ;  always using URL stored in browser's history or bookmarks. session.use_trans_sid = 0 ; Select a hash function ; 0: MD5  (128 bits) ; 1: SHA-1 (160 bits) session.hash_function = 0 ; Define how many bits are stored in each character when converting ; the binary hash data to something readable. ; ; 4 bits: 0-9, a-f ; 5 bits: 0-9, a-v ; 6 bits: 0-9, a-z, A-Z, "-", "," session.hash_bits_per_character = 4 ; The URL rewriter will look for URLs in a defined set of HTML tags. ; form/fieldset are special; if you include them here, the rewriter will ; add a hidden <input> field with the info which is otherwise appended ; to URLs.  If you want XHTML conformity, remove the form entry. ; Note that all valid entries require a "=", even if no value follows. url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" [/code] Now it stores sessions in the tmp folder that i have in the above ini, just won't read them at all Is this a windows issue ? dmn - i must really consider a separate local server running on linux. This is my absolute first attempt in setting up a local server with php and mysql, currently to try and learn something  :o Everything else works as i can see just great. I also ran throug a filecompare with the php.ini i use where i have hosted my webpages, and it's similar now exept for the win issues.