PineSmokes

I wouldn't I guess hah, didn't really get into it yet for this reason exactly. I just read the post that said validator, I didn't do enough research yet so landed on the wrong link. I worked all day last evening on making my new layout and it's live now. It's not perfect yet but the site now has a fixed nav bar and header, the shadow looks a bit messed up on the left near the nav bar. I have NO idea how it looks rounded on the right but like a square block on the left, there isn't any setting to make it that way from what I can see but yet it is. And I say I use XHTML by what the code I posted? Is that by not including the head html code that exists on my actual live page? Pretty sure I don't write soup. Everything is always indented properly, I always use the proper tags at the head of a page. I thought it was unnecessary to include on this page seemed like extra code for no reason I could totally include it if it's really that necessary it's just a slightly different highlight job. I do know what an HTML page looks like I'm not totally stupid rofl. I was posting my form which apparently had issues but I'm sure it doesn't have many now. I slightly protected against clickjacking but it's still possible I have more work to do there I pretty sure. This is what I have so far I know I need more, it's in my header.php which is on every page: <script> if ( top != self ) { top.location=self.location; } if ( top != self ) { top.location=self.location; } </script> You can see in my services.php and index.php files below that I do use proper HTML and XHTML? Those pages represent every website I have created, pretty basic but not soup right, what isn't soup if mine is hah? header.php header.css services.php index.php styles.css

I fixed the buttons not working right away, they just needed to be set in the main html so they have a default value of block or none not in the CSS. When I put it in the CSS it loads a different default value or something which requires two presses on the button. I also noticed a problem on the booking page as the google recaptcha was not happy with two recaptcha's on the same page so I researched and solved the problem. All my forms seem to be functional at the moment so problems solved there. I'm looking into the html form validator now following these instructions https://validator.w3.org/docs/install_win.html I'm sure this is a good source but why not get opinions Something I can't seem to figure out is when I zoom out of the page I would like the footer.php include to be positioned at the bottom of the page that way the page doesn't look short and stubby it stays filling the whole page. This would help for the mobile view sometimes, one of my friends was telling me it looked a little wierd with the bottom bar right beneath the words instead of at the bottom of his phone. I've been trying this out and made little progress by making my organization better but still haven't gotten the bar where I want it hah, I am trying though. This is my test page I have a footer bar to play with needs to be fixed. http://jsfiddle.net/PineSmokes/jxcgjuLu/3/

I thought the form was pretty good, I did realized the username was set to 16 characters so I set it to 25, also for some reason I can't explain Chrome, which is my testing browser, won't autofill the form correctly even though I set the fields correctly. I understand not everyone verify's the email twice but I wanted to confirm it and the password so I got it and it seems to work. I made all my test accounts with usernames like Pineapples and PineTrees and Penguins, all worked fine, but the form did try to autofill with my email so I just changed it to what I wanted my display name to be. I'm using the username/display name for the comments section I'll be making and I wanted to add the option for users to log in with either their email or username, I like choices myself so, I figured so would everyone else. I do not have to click just the text I just re-tested it and I noticed one thing. When you click the button nothing happens, click it again and it reacts properly, it must have something to do with the way I ended up finding to get the buttons to display or something. Also the cursor, I made it myself, it's not the best thing in the world but I've had good reviews so far, all I car about is the customer, if her and her dad like it, I'll keep it, I haven't heard their input. It seems a bit much but these people are only going to be on the site for a minute to get a job submitted or something. Do you think any type of cursor is an eyesore or just this one hah? I could see how it could be an eyesore but it does kinda match the color of the page And the sparkles seem kinda cool cuz they're pretty much the same color too. I agree, it's not mobile friendly, but, it does work and it gets the job done at the moment. I will keep developing the site to be more mobile friendly that just wasn't the main goal for the site yet, kinda just made a duplicate of the desktop site with an ok navigation bar, it seems to highlight the page when I click the buttons. Also I'll be looking into the HTML Validation thanks, will that stop click jacking or why am I vulnerable to that. Here it is if you wanna look it over: HTML: <!--~~~~~~~~~~~~~~~~~~!!~~~~~~~~~~~~~~~~~~~~!! LOGIN & SIGN UP SECTION START !!~~~~~~~~~~~~~~~~~~!!~~~~~~~~~~~~~~~~~~~~--> <div id="FloatingForm" class="Form"> <!---------------------------------------- SIGNIN LOGIN BUTTONS & INPUT START ------------------------------------------> <div class="FloatingContainer"> <div class="<?php echo $_SESSION['LoginSignupDisplay']; ?>"> <button onClick="toggle('FloatingLoginForm')" class="button hvr-wobble-skew" type="button" id="Login" name="Login";>Login</button> <button onClick="toggle('FloatingSignUpForm')" class="button hvr-wobble-skew" type="button" id="Sign Up" name="Sign Up";>Sign Up</button> </div> <div> <form class="<?php echo $_SESSION['LogoutDisplay']; ?>" action="" method="POST"> <button class="button hvr-wobble-skew" id="Logout" name="Logout">Logout</button> </form> </div> </div> <!------------------------------------------ SIGNIN LOGIN BUTTONS & INPUT END ------------------------------------------> <!------------------------------------------------ FLOATING ** START --------------------------------------------------> <div class="FloatingContainer"> <!---------------------------------------- FLOATING SIGN UP FORM START --------------------------------------> <div id="FloatingSignUpForm" class="FloatingSignUpForm hide"> <div> <fieldset class="InsideFloatingSignUpForm"><legend align="center">Sign Up</legend> <form action="" method="POST"> <table width="430"> <tr> <td colspan="2" class="outterSignUpText">Name: </td> <td> <input type="text" size="15" placeholder="First name" name="firstname" value="<?php if(isset($_POST['firstname'])){ echo htmlentities($_POST['firstname']); }?>"> <input type="text" size="15" placeholder="Last name" name="lastname" value="<?php if(isset($_POST['lastname'])){ echo htmlentities($_POST['lastname']); }?>"> </td> </tr> <tr> <td colspan="2" class="outterSignUpText">User Name: </td> <td> <input type="text" size="35" placeholder="Also known as your display name" name="username" value="<?php if(isset($_POST['username'])){ echo htmlentities($_POST['username']); }?>"> </td> </tr> <tr> <td colspan="2" class="outterSignUpText">Email: </td> <td> <input type="email" size="35" name="email1" placeholder="Email will be kept anonymous" value="<?php if(isset($_POST['email1'])){ echo htmlentities($_POST['email1']); }?>"> </td> </tr> <tr> <td colspan="2" class="outterSignUpText">Confirm Email: </td> <td> <input type="email" size="35" name="email2" placeholder="Re-Enter Email"> </td> </tr> <tr> <td colspan="2" class="outterSignUpText">Password: </td> <td> <input type="password" size="35" placeholder="Password" name="password1"> </td> </tr> <tr> <td colspan="2" class="outterSignUpText">Confirm Password: </td> <td> <input type="password" size="35" placeholder="Re-Enter Password" name="password2"> </td> </tr> <tr> <td colspan="1" rowspan="2" class="outterSignUpText" style="text-align:center; width:75px"> Sign Up with Google </td> <td colspan="1" rowspan="2" class="outterSignUpText" style="text-align:center; width:75px"> Sign Up with Facebook </td> <td align="center"> <?php if(isset($_GET['SignUp'])){ ?><div class="success">Sign Up Complete</div><?php } ?> <div data-theme="light" class="g-recaptcha" data-sitekey="6Lfueg8TAAAAADgAEeIGZ-VCuAwgv0ayk99iJXv4"></div> </td> </tr> <tr> <td colspan="2" align="center"> <button name="SignUp" onClick="" class="button hvr-wobble-skew">Sign Up</button> <div class="fb-like hide" data-share="true" data-width="450" data-show-faces="true" style="display:none"> </div> </td> </tr> </table> </form> </fieldset> </div> </div> <!---------------------------------------- FLOATING SIGN UP FORM END --------------------------------------> <!---------------------------------------- FLOATING LOGIN FORM START --------------------------------------> <div id="FloatingLoginForm" class="FloatingLoginForm hide"> <div> <fieldset class="InsideFloatingLoginForm"><legend align="center">Log In</legend> <form action="" method="POST"> <table> <tr> <td colspan="1" class="outterSignUpText"> Email: <input type="text" name="email" class="center" value="<?php if(isset($_POST['email'])){ echo htmlentities($_POST['email']); }?>"><br> </td> </tr> <tr> <td colspan="1" class="outterSignUpText"> Password: <input type="password" name="password" class="center"><br><br> </td> </tr> <tr> <td colspan="2" align="center"> <button type="submit" name="Login" id="Login" class="button hvr-wobble-skew">Login</button> </td> </tr> </table> </form> </fieldset> </div> </div> <!---------------------------------------- FLOATING LOGIN FORM END --------------------------------------> </div> <!-------------------------------------------- FLOATING ** END --------------------------------------------> </div> <!--~~~~~~~~~~~~~~~~~~!!~~~~~~~~~~~~~~~~~~~~~!! LOGIN & SIGN UP SECTION END !!~~~~~~~~~~~~~~~~~~~!!~~~~~~~~~~~~~~~~~~~~--> If you actually don't mind looking over my PHP I attached that too but it seems long and I already fell like you're all over helping me I love all the help though and will take as much as you'll give me This is school to me, I stepped into this PHP with only base knowledge, just trying to grow as an individual. I know I have some conditions inside my logic and it felt wrong when I was making it but it works at the moment it just needs me to fix it so it's all perfect for re-use in future sites. I do want it to be top notch at some point just didn't expect to spit out a top notch script right off the bat. Took me most of this month to come up with what I have so far, hah. Just a small edit: Right after uploading the header.php I changed the $admin_urls to all lowercase to match the strtolower($_SESSION['url']) command: $admin_urls = array("http://www.golden-wand.com/pages/admin.php","http://www.golden-wand.com/pages/admin-test.php"); header.php

Their not burnt their just slower than yours, all still present I promise I think I was just trying to learn the extents of those methods and you both covered them nicely I learned a quite a few helpful pointers and proper code methods. I'm done with this area chapter closed. I feel like most of the difficult ground work is now complete on my site I just have a few more things to work out but they aren't difficult I just put them off until last. The site is 100% functional now and directs me where I need to be (the admin-test.php page for work) and the company owner (the admin.php page) then it directs the user nowhere and gives them a little green line on top saying they are logged in. I have a full activation and now use the password_verify function instead of the homegrown method I had picked up along the way. Now that I can make users and log them in I'm going to add a comment box on the contact page that will only be allowed for logged in users otherwise the submit button will say something like Sign Up to Submit Comment. I feel very successful and feel I have learned a lot this month. http://www.golden-wand.com This site would probably have take someone like you two a day or two to make, hah, am I right? I am curious on how long some of you would take to make something like this. I'm assuming it's not long. I'm also assuming that I'll be getting up to a lot better speed with the next two jobs. Each one teaches me something new. I love coding, I'm about to start another site for another customer soon. I'm not really charging them much, since I'm really still learning and it's taking me 10 times longer than a pro with a wide knowledge base. Thanks for all the help off to my next task Nick Edit: Also, I'm going to be changing the one issue /Pages/ to /pages/ in a few minutes, then I'll never have another upper lowercase issue again, I'll always use lowercase from now on, now I understand why it's so important

So does strtolower() lower case everything in the whole line making my command not only unnecessary but it causes an error. Does it lowercase both variables? It seems to have the first variable in parenthesize which seems like it would only do the one. I'm going to test this a bit later but while it was on my mind I wanted to post and ask for clarification. What I wrote is wrong: if($_SESSION['admin']=='1' && !in_array(strtolower($_SESSION['url']), strtolower($admin_urls)))

Why the strtolower on only the first variable $_SESSION['url']? What if the admin url's ever had a capital in them wouldn't it stop working? I understand if I'm just supposed to know to not put capitals but isn't it just a little more fool proof to do this or am I incorrect? if($_SESSION['admin']=='1' && !in_array(strtolower($_SESSION['url']), strtolower($admin_urls))) You're answer is amazing

Wow, see how much adding code helps? Holly crap, you solved something I've been DYING to know XD Totally not even part of my question but you NAILED IT I'm so happy now cuz by you showing me my button echoed out in php form not in html form I am now able to add all this to the top of the page where it should be $msg.="<input type=\"button\" value=\"Admin Page\" class=\"button hvr-wobble-skew\" onclick=\"location.href='http://www.golden-wand.com/Pages/admin.php'\">\n"; I was never able to add my button to a variable until NOW Every time I did it I would lose the onclick ability but now I see all I needed to do was to use a \ before the double quotes making it \" so happy you solved both problems, thanks again.

You can see I got confused, if you completed the code there wouldn't be anything to get confused about sorry if I'm asking too much but it's the simple things that seem to confuse me. I did learn a few things from you, like the fact that it's easier to edit/add/delete data by doing what you stated. The problem is I had not fully understood the array part yet, I did try it but I failed. Is this the page with all the info regarding your answer? I've been there and I'm doing something wrong with this code. http://php.net/manual/en/language.operators.array.php Took me a bit almost asked another question but here it is now it's working I wasn't using in_array(): $a = array("email1", "email2", "email3"); if(in_array($_SESSION['email'], $a)) { echo "Success"; }

Ended up needing to change the xor to || I guess it wasn't working and I thought it was if($_SESSION['url'] != ('http://www.golden-wand.com/Pages/admin.php'||'http://www.golden-wand.com/Pages/admin-test.php')){} Edit: And now I feel silly cuz it's still not working properly but it's working when I'm using == at the top of the page with the xor, but not down here with the !=

To be simple this is less lines and less work in my opinion but I did get the answer from you so thanks, I wasn't thinking about putting them inside parenthesizes that solved everything. Took a second to realize how to make it more simple than setting an array like I've seen in some posts or if that's what you meant exactly then you should have copied my code and corrected it because I wasn't sure exactly what you meant. It would be nice for anyone who saw this post in the future to also see the complete answer so they don't have to figure it out themselves. I'll like your answer but for best answer please simply add the code so I feel like the answer is complete: if($_SESSION['url'] != ('http://www.golden-wand.com/Pages/admin.php'xor'http://www.golden-wand.com/Pages/admin-test.php')) {}

Trying to simplify my code to something like: if($_SESSION['url'] != 'http://www.golden-wand.com/Pages/admin.php'||'http://www.golden-wand.com/Pages/admin-test.php') This is what works that I would like simplified: <!---------------------------------- ADMIN FUNCTIONS START -------------------------------> <?php if($_SESSION['admin']=='1'){ if($_SESSION['url'] != 'http://www.golden-wand.com/Pages/admin.php'){ if($_SESSION['url'] != 'http://www.golden-wand.com/Pages/admin-test.php'){ ?> <input type="button" value="Admin Page" class="button hvr-wobble-skew" onclick="location.href='http://www.golden-wand.com/Pages/admin.php'"> <?php }}} ?> <!----------------------------------- ADMIN FUNCTIONS END -------------------------------->

Actually the first condition does work perfectly fine and you nailed the second one right on the head, that one seems to work fine but it is nice to know what two and three equal signs mean so thanks for that

It seemed to be working at some point but I'm not sure what I did now it displays the Admin Page button forever, I don't want it to include the button if the user admin is on the page. On the top of the admin.php page after the session_start(); I have this: $_SESSION['url']="http://www.golden-wand.com/pages/admin.php"; In the header.php I have this: <?php if($_SESSION['admin']==='1'){ if($_SESSION['url'] != 'http://www.golden-wand.com/Pages/admin.php'){ ?> <input type="button" value="Admin Page" class="button hvr-wobble-skew" onclick="location.href='http://www.golden-wand.com/Pages/admin.php'"> <?php }} ?> It's seems to be skipping the second if statement, I'm probably doing something wrong. I originally was attempting to put the entire input Admin Page button into a variable to be echoed back in my message section but it never worked because the variable seems to mess up the onclick fucntion since it's unable to accept double quotes. Please let me know how to accomplish hiding the button if this page exists Thanks I need this here with every post right? I own this site: http://www.golden-wand.com/phpfreaks.txt just added it to my signature

Does it seem like a good idea at all to place a variable on every page with the link to itself that way in the header I can use the variable I set on the page that loaded the header, I could make it a session variable even $_SESSION['url'] then call it like: header('Location: '.$_SESSION['url'].'?activationsent=1'); Seems to be working fine, guess I solved this one by myself today

Main issue is I'm using this header page to display my login and signup with code and all so I had to change the header("Location lines from permanent to self, when they were permanent that was how I was going back to the "main" page (wiping the statement variable away). Since my new method to make it universal directs to self it always keeps those variables I used to drop which in turn leaves up messages I wish weren't there sometimes. I didn't think I had explained it properly the first time, hopefully there is enough information to find any sort of solution, thanks.

Trying to figure out how, when I press my logout button, do I get my page to go back to it's original page without the ?variable=something at the end: header('Location: '.$_SERVER['PHP_SELF'].'?activationsent=1'); I own this site: http://www.golden-wand.com/phpfreaks.txt

Yes I did read your answer I just posted at the same time you wrote that so it took me a minute to make sure I got it all and had no more questions here. It was just those quotes huh? It's always gotta be something small, it's working now can't believe I didn't figure that out by myself I thought I had tried it all. Where exactly was the useless statement the entire statement on the end that I removed right? Is everything good now I think I removed it. http://www.golden-wand.com/members/tester.php <?php include "../Scripts/connect.php"; $email = "test@gmail.com"; $stmt1 = $db->prepare("SELECT id, activated, username, email, password, token FROM members WHERE email=:email LIMIT 1"); $stmt1->bindParam(':email',$email,PDO::PARAM_STR); $stmt1->execute(); $count = $stmt1->rowCount(); if($count > 0){ while($row = $stmt1->fetch(PDO::FETCH_ASSOC)){ $uid = $row['id']; $username = $row['username']; $email = $row['email']; $hash = $row['password']; $activated = $row['activated']; $token = $row['token']; } } echo "Before: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; if($activated==0){$activated=1;}else{$activated=0;}; // Activated Toggle from 0 to 1 $token = md5($hash); $db->beginTransaction(); $updateSQL = $db->prepare("UPDATE members SET activated=:activated, token=:token WHERE id=:uid LIMIT 1"); try{ $updateSQL->bindParam(':activated',$activated,PDO::PARAM_STR); $updateSQL->bindParam(':token',$token,PDO::PARAM_INT); $updateSQL->bindParam(':uid',$uid,PDO::PARAM_INT); $updateSQL->execute(); $db->commit(); echo "<br><br><br><br> Update Successful <br><br><br><br>"; echo "After: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; } catch(PDOException $e){ $db->rollback(); echo "<br><br><br><br>Update Failed<br><br><br><br>"; } ?> Thanks for everything you really are amazing and quick Now back to the activate.php page, I've been trying to fix it up so the token is inside my members table instead of off by itself. Wasn't as easy as I thought

I don't understand why the PDO version I was attempting to use isn't working, I see now that the $db->commit(); isn't even necessary I'm assuming since I'm no longer using PDO. If anyone could explain what went wrong with my PDO attempt I would still appreciate it, I found an answer for the following works but is not the answer I'm looking for I believe: http://www.golden-wand.com/members/test.php <?php include "../Scripts/connect.php"; $email = "test@gmail.com"; $stmt1 = $db->prepare("SELECT id, activated, username, email, password, token FROM members WHERE email=:email LIMIT 1"); $stmt1->bindParam(':email',$email,PDO::PARAM_STR); $stmt1->execute(); $count = $stmt1->rowCount(); if($count > 0){ while($row = $stmt1->fetch(PDO::FETCH_ASSOC)){ $uid = $row['id']; $username = $row['username']; $email = $row['email']; $hash = $row['password']; $activated = $row['activated']; $token = $row['token']; echo "Before: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; } } $stmt2 = $db->prepare("UPDATE members SET activated = ? WHERE id = ? "); try{ if($activated == '0'){ $activated=1; } else { $activated=0; }; // Activated Toggle from 0 to 1 $stmt2->execute(array($activated,$uid)); echo "<br><br><br><br>Update Successful<br><br><br><br>"; } catch(PDOException $e){ $db->rollback(); echo "<br><br><br><br>Update Failed<br><br><br><br>"; } $stmt3 = $db->prepare("SELECT id, activated, username, email, password, token FROM members WHERE email=:email LIMIT 1"); $stmt3->bindParam(':email',$email,PDO::PARAM_STR); $stmt3->execute(); $count = $stmt3->rowCount(); if($count > 0){ while($row = $stmt3->fetch(PDO::FETCH_ASSOC)){ $uid = $row['id']; $username = $row['username']; $email = $row['email']; $hash = $row['password']; $activated = $row['activated']; $token = $row['token']; echo "After: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; } } ?> Is this fine to use or is PDO somehow safer or better?

Not sure why I can't get this been trying to figure it out all evening :/ The included smconfig.php contains my database password. Any ideas, I know it's gotta be easy, I must be missing something. PDO connect.php: <?php session_start(); include 'smconfig.php'; $db_host = "127.0.0.1"; $db_username = "root"; $db_pass = "$dbpass"; $db_name = "golden_wand"; // PDO CONNECT $db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); ?> http://www.golden-wand.com/members/tester.php <?php include "../Scripts/connect.php"; $email = "test@gmail.com"; $stmt1 = $db->prepare("SELECT id, activated, username, email, password, token FROM members WHERE email=:email LIMIT 1"); $stmt1->bindParam(':email',$email,PDO::PARAM_STR); $stmt1->execute(); $count = $stmt1->rowCount(); if($count > 0){ while($row = $stmt1->fetch(PDO::FETCH_ASSOC)){ $uid = $row['id']; $username = $row['username']; $email = $row['email']; $hash = $row['password']; $activated = $row['activated']; $token = $row['token']; } } echo "Before: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; $activated="1"; $token = "md5($hash)"; try{ $db->beginTransaction(); $updateSQL = $db->prepare("UPDATE members SET activated=':activated' WHERE id=':uid' LIMIT 1"); $updateSQL->bindParam(':activated',$activated,PDO::PARAM_STR); $updateSQL->bindParam(':uid',$uid,PDO::PARAM_INT); $updateSQL->execute(); $db->commit(); echo "<br><br><br><br>Update Successful<br><br><br><br>"; } catch(PDOException $e){ $db->rollback(); echo "<br><br><br><br>Update Failed<br><br><br><br>"; } $stmt2 = $db->prepare("SELECT id, activated, username, email, password, token FROM members WHERE email=:email LIMIT 1"); $stmt2->bindParam(':email',$email,PDO::PARAM_STR); $stmt2->execute(); $count = $stmt2->rowCount(); if($count > 0){ while($row = $stmt2->fetch(PDO::FETCH_ASSOC)){ $uid = $row['id']; $username = $row['username']; $email = $row['email']; $hash = $row['password']; $activated = $row['activated']; $token = $row['token']; } } echo "After: <br>"; echo 'UID = '.$uid; echo '<br>Token = '.$token; echo '<br>Activated = '.$activated; echo '<br>Hash = '.$hash; ?> I own this site: http://www.golden-wand.com/phpfreaks.txt

I got it, I set $ok = "true" at the start of the posted section from the sign up button click. Then wherever there was an error message I had written to the $msg variable (basically once inside every else{} or catch{} blocks) I set ok = "" (which made ok = !ok). Last I set up an if(!ok){ echo "Not ok"; } else { processing code goes here } section and everything seems to stop correctly except it doesn't really have an end to the script. Did I just use $db=null too early? Should I still use it on the end of my PHP code after either the processing code or the final errors when the code is done?

And you're amazing, not sure where I picked up that line of code, I think I didn't want a white screen with the exit(); code, what do I do to stop the script nicely when it realizes I already have that email address in the system or when it fails in general? It works when I removed ALL the $db = null code except it obviously now doesn't know how to stop. That was my whole issue I guess and I didn't even know it please let me know how to fix it then I'll go work on everything else you noted Thanks so much I really appreciate your knowledge.

It's totally included, the file is at the top of my script and Dreamweaver see's all of the included files as well like in the attached image. Also I did a simple try catch to do what I think is a test, you tell me if this works or not, it's outputting the entire string on to of the page which looks to me like a success. http://www.golden-wand.com/members/contact-test.php try { $db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass); foreach($db->query('SELECT * from members') as $row) { print_r($row); } $db = null; } catch (PDOException $e) { $msg .= "<li class='error'>$e->getMessage()"; $db = null; } I definitely did my best to write it up myself no copying that way I was learning something in the process, then I tried to pull it all together and make something on this test page instead of just a black page and that's when it got a little dicey. I hashed with sha512 once everything was working I planned to maybe hash it better since there are better options. If there are better methods for handling the password could you point me in that direction. I redid the entire script to make it better and more secure, that's my goal, I don't expect to get it right the first time around but I did think I was doing something better than "homegrown" password mechanics, like where do I go to learn about professional password mechanics hah I'll be attempting to move the activation column token to the members table at some point since that indeed does make very little sense. Also why are strip_tags harmful? I thought it takes the spaces out of the front and end of a users input in case they accidentally ended with a space or maybe even started with one, if there's a better way or if this is bad practice I would like to learn the correct way if you could Is this what you meant by nonsensical or harmful? The printing of the message? I thought I was doing that because I'm developing and would like to see errors then remove later? catch(PDOException $e){ $msg .= "<li class='error'>$e->getMessage()</li>"; $db = null; } You are very helpful and I overly appreciate the time you are taking to respond to my inquiries, so thank you very much

Pretty sure it's a PDO connect, sorry I forgot to post it here's the file. It is easier and from what I've learned more secure, if I keep keys and passwords in a separate file that is forbidden to access, seems secure to me and it was working at one point but I deleted the page I had completed on accident now I'm having issues remaking it is all. <?php include 'smconfig.php'; $db_host = "127.0.0.1"; $db_username = "root"; $db_pass = "$dbpass"; $db_name = "golden_wand"; // PDO CONNECT $db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); The password is in the include file since it's my secure password, this connect works I have thrown a try catch in there to test and it came back successful. Is there something wrong with it? Edit: Ahh activation token in a seaprate file, I was learning PHP and PDO a week or so ago from Isaac Price on his YouTube channel, he had some very very helpful videos and taught me quite a bit about the login process. When I was learning there some of those files are still separate like he had them. He had literally everything as a separate file it seemed I like to try to be a little more in one file but I'm still developing it and learning at the same time. Here's the link to his files, no need to post his YouTube video I'm sure you know enough but if anyone want to find it, his name will be enough. https://github.com/IsaacNeal/backburnr He was the entire reason I switched from the other Mysqli connect to this PDO version, it was obvious why PDO is necessary after watching his videos

Trying to finish up this PHP section to this login and sign up section. At the moment I'm having issues with the sign up, it's throwing me an error when I signed up, not sure exactly what happened because it did work once and only once. My error throws on line 206 the beginTransaction line. http://www.golden-wand.com/members/contact-test.php try{ $db->beginTransaction(); $ipaddress = getenv('REMOTE_ADDR'); $stmt2 = $db->prepare("INSERT INTO members (firstname, lastname, username, email, password, signup_date, ipaddress) VALUES (:fistname, :lastname, :username, :email, :bcrypt, now(), :ipaddress)"); $stmt2->bindParam(':fistname',$fistname,PDO::PARAM_STR); $stmt2->bindParam(':lastname',$lastname,PDO::PARAM_STR); $stmt2->bindParam(':username',$username,PDO::PARAM_STR); $stmt2->bindParam(':email',$email,PDO::PARAM_STR); $stmt2->bindParam(':bcrypt',$bcrypt,PDO::PARAM_STR); $stmt2->bindParam(':ipaddress',$ipaddress,PDO::PARAM_INT); $stmt2->execute(); /// Get the last id inserted to the db which is now this users id for activation and member folder creation //// $lastId = $db->lastInsertId(); $stmt3 = $db->prepare("INSERT INTO activate (user, token) VALUES ('$lastId', :token)"); $stmt3->bindValue(':token',$token,PDO::PARAM_STR); $stmt3->execute(); // Create our email body $link = 'http://golden-wand.com/Scripts/activate.php?user='.$lastId.'&token='.$token.''; $data = "Thanks for registering an account at Golden Wand! We are glad you decided to join us. Theres just one last step to set up your account. Please click the link below to confirm your identity and get started. If the link below is not active please copy and paste it into your browser address bar. <br><br> $link"; // Create the Transport $transport = Swift_SmtpTransport::newInstance('smtp.gmail.com', 465, 'ssl') ->setUsername($user_name) ->setPassword($pass_word); // Create the Mailer using your created Transport $mailer = Swift_Mailer::newInstance($transport); // Create a message $message = Swift_Message::newInstance('Sign Up') ->setFrom(array('support@golden-wand.com' => 'From: Auto Resposder @ Golden Wand')) ->setTo(array('ditto.100@gmail.com' => 'Recipient')) ->setSubject('IMPORTANT: Activate your Golden Wand Account') ->setBody($data, 'text/html') ; // Send the message $result = $mailer->send($message); $db->commit(); $msg .= "<li class='success'>Thanks for joining! Check your email in a few moments to activate your account so that you may log in. See you on the site!</li>"; $db = null; } catch(PDOException $e){ $db->rollBack(); echo $e->getMessage(); $db = null; } I own this site http://www.golden-wand.com/phpfreaks.txt

I ended up finding the answer over here http://stackoverflow.com/questions/21103622/auto-resize-image-in-css-flexbox-layout-and-keeping-aspect-ratio it was answer by Omega and they provided an example using http://jsfiddle.net/93TPS/. My code now works perfect and I'm done working on this. Contact Test Page CSS: div#bannerImage { display: -webkit-box; display: -moz-box; display: -ms-flexbox; display: -webkit-flex; display: flex; -webkit-box-orient: horizontal; -moz-box-orient: horizontal; box-orient: horizontal; flex-direction: row; -webkit-box-pack: center; -moz-box-pack: center; box-pack: center; justify-content: center; -webkit-box-align: center; -moz-box-align: center; box-align: center; align-items: center; } .cell{ -webkit-box-flex: 1; -moz-box-flex: 1; box-flex: 1; -webkit-flex: 1 1 auto; flex: 1 1 auto; padding: 10px; margin: 10px; text-align: center; max-height:200px; } img { max-width:100%; max-height:200px; } Contact Test Page HTML: <div id="bannerImage"> <div class="cell"> <img src="../Assets/Pictures/Golden Wand/CutOut/Tools.png" alt="Tools"> </div> <div class="cell"> <img src="../Assets/Pictures/Golden Wand/CutOut/Angled Truck.png" alt="Truck"> </div> </div>