GingerRobot

Is the error still showing up on line 3 for you?

Well i would guess that this game would all depend on form submission? If so what you CAN do, is, each time a page is loaded, create a random number and apply the md5 hash to it. Put this hashed number into your database. Then, if the page has a form on it, put that hashed number as a hidden field. When the form is sent, check it matches the last one in the database. If someone was to load a second window, they would alter the hashed number in the database and thus make the first window unusable. You would, of course, have to do this with every form in your game. Seems very OTT, perhaps you could prevent cheating in some other way. But that is certainly one method.

But that wont work, because you can have two windows/tabs open using the same session. As Orio says, why do you want to limit people to one active window/tab? Wont that just be very annoying?

What i would do is have a field on my user table called last active of something. Then, as i say, i would insert a unix timestamp on each click... $time = time(); mysq_query("UPDATE `table` SET `lastactive`='$time' WHERE....") then, on the users online page: $now = time(); $fiveminsago = $now - 5*60; $sql = mysql_query("SELECT * FROM `table` WHERE `lastactive`>'$fiveminsago'");

Thats what im saying. The session is valid throughout all the tabs you created in firefox in the same window. If you open up firefox and login, then open up another firefox browser, e.g. start the program again your protection should work fine.

As was posted, you have a field that contains a timestamp of when they last clicked something. Then where ever you want to show the users online, you only select those where they last clicked in, say, the last 5 minutes. There is no need to delete anything at all.

When you say it worked using the same browser, do you mean you actually opened up two differant instances of the browser? If you were logged in in firefox and simply opened a new tab, or in either browser you right clicked a link to open it in a new window, then it will not work because the session is the same. However, if you opened up internet explorer of firefox twice, what you already did should work.

Well i get the error on line 25 which is this line: print("<li><a href=\"$val\" tabindex=\"$tabindex\">$key[/url] </li>"); It is due to the fact there is no space between $key and [/url]. Therefore, php thinks that $key is an array and thinkgs /url is an element of that array. Put a space between them and it should work.

when you say the bits in red, do you mean ; "?user=" ? If so, that is not a variable. That is plain text.

Looking at phpMyAdmin, there is a database called information_schema with a table called tables. This seems to contain all the tables i have created with their creation date. I see no reason why you couln't select this database and retrieve this information. I guess your ability to do this would depend on your access. I would think that if you are not logged in as root then you probably wont be able to access this. I could be wrong though.

I did a bit of testing and incase anyone is interested... With magic_quotes_gpc off, if you do not do anything to a string such as ' and try to enter it into the database you get an error. If you apply mysql_real_escape_string() to it, it enters it into the database, although, interestingly, it does not enter the version with the slashes applied, rather it simply shows ' Unless, of course, phpMyAdmin has stripped the slashes which is a possibility. However, if you echo the string after applying mysql_real_escape_string, it shows up as \'. And yes, whe you retreive the data, there is no need for stripslashes.

Ok, thanks for the help but one further question You say that i do not need to use stripslashes because PHP does that for me. Is that only if i use mysql_real_escape_string? If i were to use addslashes on data to be inserted into a database, i would need to use stripslashes on retrieval? I already do use mysql_real_escape_string, but im just trying to fully understand the differant ways in which it works.

Thanks for your help although it seems i must have made a typo when trying what i did above, as that is working fine now in both FF and IE6.

Just a couple questions on which i want to check the answer. If i use mysql_real_escape_string, i do not need to add slashes and i can also turn off magic_quotes_gpc, is that correct? And secondly, if i am using mysql_real_escape_string, do i still need to strip slashes after retrieving information from the database? Thanks, Ben

[code] <?php $gamertag = 'usename'; echo "<a href='http://profile.mygamercard.net/$gamertag'>"; ?> [/code]

No, on your login page use: $_SESSION['first_name'] = $first_name; Then, on the subsequent pages, you can either access the contents in $_SESSION['first_name'] directly, or assign it to a shorter variable e.g. $first_name by doing: $first_name = $_SESSION['first_name']; So, both of these examples would work: [code] <?php session_start(); echo $_SESSION['first_name']; ?> [/code] And [code] <?php session_start(); $first name = $_SESSION['first_name']; echo $first_name; ?> [/code]

Thats not actually true xyn, mysql_numrows() also works. Ive no idea why though! I take it that you are applying the md5 function to the password when they register?

Well what happens when you use the code that mewhocorrupts provided?

You do not need to register the sessions at all. On your login page, simply use: $_SESSION['first_name'] = $first_name; To store it in the seession. There is no need to register it first

If you are having problems with logic, go through and echo something meaningful at various places through your code. That might help you identify where something is going wrong.

Yes, this is javascript and most likely CSS. Google javascript table highlighting. 2nd link looks like it shows you what to do.

Has this forum suddenly turned into somewhere for people to slag each other off? Anyways, scheols, without further irritating anyone, from what you have said, ignace is right; the manual has to be the best place to start. You just said you are looking to learn about mysqli functions, and the manual gives details about all of them. The menu on this page: http://uk.php.net/mysqli_connect Has all of the functions. Why not try looking at them and if there are specific functions you need help with, then ask away.

Well i dont know a lot about mysqli, but: You are going to need to change your included database connection file to a php file otherwise it isn't going to pass the information. Also, if you think you are having troubles with your database connection, try the examples on the php website: http://uk.php.net/mysqli_connect

[code] <?php function bbcode($txt) { $bbcodes = array( "|\[b\](.+)\[/b\]|is",                      "|\[u\](.+)\[/u\]|is",                      "|\[i\](.+)\[/i\]|is",                      "|\[img\](.+)\[/img\]|is" ); $replace = array( "<strong>$1</strong>",                      "<u>$1</u>",                      "<em>$1</em>",                      "<img src='$1'>" ); $txt = preg_replace($bbcodes, $replace, $txt); return nl2br($txt); } $texter = strip_tags($_POST[message]); $str = "$texter"; $str = bbcode($str); echo $str; ?> [/code] i got 2 errors on line 13. Firstly, you need to either replace with single quotes on escape the inside double quotes on this line: "<img src="$1">" I replaced them. Secondly, you were missing a comma at the end of the preceding line.

Ok, i have solved my previous problem but have another so i might as well just modify this topic. why does this: parent.document.all.due.value=date; work, and not this: parent.document.getElementById('due').value=date; As i understand it, you shouldn't use all anymore, but use getElementById, and certainly Firefox gives a warning although it still functions. Any help would be much appreciated. Thanks, Ben