Everything posted by ignace

  1. I believe the error occurs due to: printlog=False Which possibly should have been: $printlog=False
  2. What games? There are no games... :S LOL, sorry I was evaluating multiple designs (yours and one from another thread) and replied in the wrong one.
  3. I've never known any project, even the very smallest, that didn't require a form of planning (wire-frames, a Photoshop design, and SE strategy). I don't see how you could skip those? You can't go think about what strategy you will use to generate leads as these should be incorporated into the design or where should come what or how it should look after you published the website.
  4. 1) Only use tables for tabular data, not to build websites (-> SEMANTICS)
     2) Any project starts with PLANNING, not hacking away at some code
     For more information see:
     http://www.idesignstudios.com/blog/web-design/phases-web-design-development-process/
     http://webdesignfromscratch.com/design-process/web-design-process.php
  5. <?php
     class Database {
         public function __construct($name, $password, $username = 'root', $host = 'localhost') {}
         public function __destruct() { $this->disconnect(); }
         public function connect() {/*lazy-load*/}
         public function disconnect() {}
         public function select($table, $fields, $where = '') {}
         public function insert($table, $data) {}
         public function update($table, $data, $where = '') {}
         public function delete($table, $where) {}
         public function fetchAll($mode = MYSQL_ASSOC) {}
         public function fetchOne($mode = MYSQL_ASSOC) {}
     }

     class UserDao {
         public function __construct(Database $db) {}
         public function findByCredentials($username, $password) {/*return new User();*/}
         public function findByUsername($username) {}
         public function findById($id) {}
     }

     class User {
         private $id, $username, $password;
     }

     class Auth implements SplSubject {
         private $authObservers;
         public function notify() {/*foreach ($this->authObservers as $o) if (false === $o->update($this)) return $this->abort();*/}
         public function detach(SplObserver $observer) {}
         public function attach(SplObserver $observer) {}
         public function logon($username, $password, $rememberMe = 3600) {/*$username = new FilterUsername($username);*/}
     }

     class CleanIp implements SplObserver {
         public function update(SplSubject $subject) {}
     }
  6. 1) You don't need unset() in your class method, local variables are cleaned once it leaves the method scope
     2) CREATE TABLE queries should only be made during installation, nowhere else
     3) Installation is not a responsibility of UserData
     4) Favor composition over inheritance
         class User/* extends Data*/ {
             private $data;
             public function __construct(Data $d) { $this->data = $d; }
         }
     5) Separation of Concerns
        UserData should not be responsible for query handling
     Your design is an overall improvement but still miles away from being flexible.
  7. Why not donate the point when they login? The problem is that you probably do something like:
         points = points + 1
     in your database and thus have no idea which days they logged in. Change your database design to:
         points (user_id, date)
     When they login, check if an entry exists for that day:
         WHERE user_id = $uid AND date = curdate()
     If it doesn't, add one. To get the number of points for a user, use:
         SELECT count(*) AS user_points FROM points WHERE user_id = $uid
     This technique has the advantage that even if the user would use a proxy you could remove their points by looking up dates and removing any duplicates. To create a ranking, use:
         SELECT .., count(*) AS user_points FROM points GROUP BY user_id ORDER BY user_points DESC
  8. Nothing to say sorry about. I'm only human and therefore subject to error.
  9. That will never happen, for a few reasons:
     1) The workforce is cheaper but so is the quality;
     2) Different countries have different standards. US quality advertising works only in the US, US design works only for US customers;
     3) Tricky to manage an offshore development team (least misinterpretation can lead to a wrong application design);
     4) Logistics;
     5) Trust issues;
     These are the few that popped into my mind and there are probably more.
  10. Did you create these games yourself?
  11. You can't just start playing music like that. You need licenses (and the price is scaled towards the number of visitors you are to have). So unless you have some $1000 for spare, don't.
  12. I take my words back thorpe, you were right.
  13. Quite possibly a supplier.
  14. A programmer with a consciousness, I respect you. You can use XDebug to profile the application, for some pages (database intensive) it may be beneficial to add caching. You could introduce a Zero Query Policy (no queries on landing pages) and you can find slow queries in the mysql log or by asking mysql his query execution plan (EXPLAIN) and optimize from there. You also have Apache Bench (ab.exe in the Apache directory) and MySQL itself provides tools from its website. There are literally tons of tools to benchmark your application including network & hardware.
  15. Do note the use is discouraged as you can't rely on the setting short_tags being set.
  16. AND (opportunities.stage <> '08' ANDOR opportunities.stage <> '09')
  17. In most instances an exception caught at the top-level does mean the application is in an unusable state. This would most likely occur when active directory, a domain server, or the database server is unavailable. In those instances, my application can't be used. Not every uncaught exception has something to do with a failing DB server although it is possible. Even in that case I would give them the option to return to the frontpage or something, even if it's the case that the DB server is unresponsive. This in turn will throw another exception with more details. Not all clients just jump to the phone when something happens, some really try to figure out what is wrong, to be able to give a very accurate description of the problem. It's just to let the client feel that the application isn't entirely dead and provide some minimal form of functionality. Like when the DB fails it would save the text in a file instead of resulting in a complete loss.
  18. Too many programmers start out by writing code for other programmers to use, and I wonder why? Do you honestly believe millions of people will start using your script once you publish it? That you will become a rock-star amongst the countless number of programmers? That people start worshiping you while you achieved/learned yet nothing? What good is fame if your word is no good? There are rock-stars on these forums but you and I are not one of them (yet). Ask yourself: do you use code from an unknown/unreliable source? Most likely not, as you don't want to be bothered to be debugging something you didn't even write or for that matter understand (and in debugging you want to exclude as many reliable sources as possible in order to pinpoint the root-cause). Don't understand me wrong I highly encourage you to post your code on-line in the form of documentation and refer to it from within your scripts, anyone who will ever have to maintain your work will be grateful, sadly they don't teach these great de facto rules in school. In the first place you should write code for yourself and in the best way possible (maintainable and highly flexible) as you will spend quite some time weeding through it. So, it's beneficial you make this maintenance a breeze. It also has other benefits like easier/low-cost adjustments.
  19. I am not someone who just gives criticism but shows no examples (fear of being criticized himself), so here goes in how I would model it:
          class Session {
              public function regenerateId() {}
              public function rememberUntil($until = 3600) {}
              public function destroy() {}
          }

          class Auth {
              private $session;
              private $database;
              private $logonObserver;
              public function logon($username, $password, $rememberMe = 3600) {}
              public function logout() {}
              public function hasAuth() {}
              // 1) add IP blocking for too many bad attempts
              public function addListener(SplSubject $l) {}
          }

          // 4) XSS security checks
          class FilterUsername {}
          class FilterPassword {}

          // 2) use database for session handling
          class SessionDao {
              public function findById($id) {}
          }

          class UserDao {
              public function findByCredentials($username, $password) {}
          }
      This design allows for everything you wished to accomplish (and more). Using the Observer pattern you can add functionality that checks if a spoofed IP was used, too many attempts have been made, .. The DAO objects separate your database from your application logic. Specialized classes can be used to filter username and password throughout the entire project. The Session class separates the actual $_SESSION from your application logic so that it can vary. Believe it or not you can skip $_SESSION altogether. Of course I just wrote this off the top of my head and I'm sure this design has some flaws but overall this provides for better flexibility/maintainability as even you have to admit this is much clearer (easier to understand) than what you wrote?
  20. Tact is for wimps who don't have the balls to say how it is. Your client won't use tact when you messed up or when he decides to let another programmer maintain your code, and he tells him that because of your negligence the design is not flexible enough to make the necessary changes and shall require a serious amount of refactoring (money) to implement the new features. There's no need for exaggeration here, besides what made you suddenly an expert? To you it may seem counter-productive, to us it looks like a design that is flexible and allows change. To submerge yourself in OOP you should learn more than just how to use a class, you should learn about principles, patterns, and practices. While you model an application you should be able to recognize patterns and adhere to principles (SOLID) & best practices.
  21. There is literally nothing good about this class, every class should have only one responsibility, your class has the following responsibilities:
      1. Cookie/Session management
      2. Db Management (incl. table creation)
      3. Cryptography
      4. Unique ID generation
      5. Auth Management
      Basically you wrote a script and wrapped a class around it. You have much to learn Kemo-Sabe
  22. Yeah, until the teacher asks him to explain it. Well done. Life is full of risks. Besides, I made his assignment; the least he can do is try to figure out how it works. Quite possibly he got 3 weeks to finish it. That will be 3 weeks of healthy studying. I am certain this exercise will have taught him more than what his fellow students will have learned over these 3 weeks... It has always worked for me anyway. I have always found that I learned more when I got the solution from the teacher than when I had to actually create it (stack of failures leading to a correct outcome). If I could see the solution, I could find the thought process behind it, and learn from it. This forum is a good example, I have learned a lot from you (thorpe), Daniel, Mchl, and many others, just by looking at their code examples to a given problem. Just look at that code of JonnyThunder (I had to look up the name though), he posted that years ago and I still remembered.
  23. $_SESSION['name'] = $_POST['name'] ?: 'some default';
      I think is best not used as it will spread confusion, not many read the manual as thoroughly as we are
  24. You ever heard of a rainbow table? You should not only hash it but also salt it, like:
          md5( concat( password_salt, md5( '$password' ) ) )
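
The effect of the salt described in post 24, as an added example that is not part of the original post: the same password stored by two users, looked up in a small precomputed table with and without a per-user salt. The passwords, user names and helper names are constructed for illustration, and the closing password_hash() lines use PHP's built-in API, which the post does not mention.

```php
<?php
// Added example; passwords, salts and function names are constructed.

// The construction from the post: md5(salt . md5(password)).
function saltedDigest(string $salt, string $password): string
{
    return md5($salt . md5($password));
}

// Stand-in for a precomputed table: digest => password for common passwords.
function buildLookupTable(array $commonPasswords): array
{
    $table = [];
    foreach ($commonPasswords as $p) {
        $table[md5($p)] = $p;
    }
    return $table;
}

$table = buildLookupTable(['123456', 'password', 'letmein']);

// Two users who picked the same password, each with their own random salt.
$users = [];
foreach (['alice', 'bob'] as $name) {
    $salt = bin2hex(random_bytes(16));
    $users[$name] = [
        'unsalted' => md5('letmein'),
        'salt'     => $salt,
        'salted'   => saltedDigest($salt, 'letmein'),
    ];
}

foreach ($users as $name => $row) {
    $plain  = isset($table[$row['unsalted']]) ? 'yes' : 'no';
    $salted = isset($table[$row['salted']]) ? 'yes' : 'no';
    echo "$name: unsalted digest in table: $plain, salted digest in table: $salted\n";
}

// Same password, different salts: the stored values differ per user.
var_dump($users['alice']['salted'] === $users['bob']['salted']);

// Login check: recompute with the stored salt, compare in constant time.
var_dump(hash_equals($users['alice']['salted'], saltedDigest($users['alice']['salt'], 'letmein')));

// PHP's built-in API generates and stores a per-password salt itself.
$stored = password_hash('letmein', PASSWORD_DEFAULT);
var_dump(password_verify('letmein', $stored));
```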