ignace (Moderators)

  • Posts: 6,457
  • Days Won: 26

Everything posted by ignace

  1. 1. Many days of planning (combined: go Agile!!) (Project Analysis & -Design)
        Frontend (HTML, CSS, JS): sitemap, wireframe, card sorting, color theory, ..
        Backend (PHP): domain model, class diagram, use-cases, ..
     2. development-, testing-, staging- & production (=live) server
        development: realm for "hackers"
        testing: realm for testers
        staging: realm for annoying clients
        production: realm for screw-ups
     3. Subversion, GIT, CVS, Mercurial, .. distributed or centralized?!? Do you want fries with that?
     4. apply Test-Driven Development (TDD) and use a Continuous Integration (CI) server
        PHPUnit & Selenium, PHPUnderControl
     Those are a few of the topics you would get thrown at you if you would work in a company that produces enterprise software
  2. Open your editor, search for name="pick1 and replace it with class="pick1" name="pick1. Do this also for pick2 and pick3. Now using JavaScript:

         function checkSets() {
             var check1 = document.getElementsByClassName('check1');
             var check2 = document.getElementsByClassName('check2');
             var check3 = document.getElementsByClassName('check3');
             var check4 = document.getElementsByClassName('check4');
             var check5 = document.getElementsByClassName('check5');
             var check6 = document.getElementsByClassName('check6');
             return checkSubSet(check1) && checkSubSet(check2) && checkSubSet(check3)
                 && checkSubSet(check4) && checkSubSet(check5) && checkSubSet(check6);
         }

         function checkSubSet(subSet) {
             var oneOfSubSetIsChecked = false;
             for (var i = 0; i < subSet.length; ++i) {
                 // Read the live "checked" property; getAttribute('checked')
                 // returns a string or null and never compares equal to true.
                 if (subSet[i].checked) {
                     oneOfSubSetIsChecked = true;
                     break;
                 }
             }
             return oneOfSubSetIsChecked;
         }

     This will go over each set and make sure at least one is checked. Use as:

         <script type="text/javascript">
         function checkForm_onSubmit() {
             if (!checkSets()) {
                 window.alert('Make sure that at least each set has an answer checked.');
                 return false;
             }
             return true;
         }
         </script>
         <form onsubmit="return checkForm_onSubmit();" ..
  3.     update `users` set `gold`=? and `".$item."`=?where `id`=?

     should be

         update `users` set `gold`=? and `".$item."`=? where `id`=?
  4. Am I the only one not blind?

         $db->execute("update `users` set `gold`=? where `id`=?", array($id, $gold1 + $gold2))

     should be:

         $db->execute("update `users` set `gold`=? where `id`=?", array($gold1 + $gold2, $id))
  5. Simple:

         if !empty($_GET['user_id']) && is_numeric($_GET['user_id']) then
             delete from table where user_id = $_GET['user_id'];
  6. You can also just do:

         $_POST = array_map('mysql_real_escape_string', $_POST);

     Which will apply mysql_real_escape_string to each value.
  7. If you want a custom license you will either have to write it yourself (based on a template) or let someone write it for you. You can not opt for an open-source license as Is the first rule of Open-Source
  8. Select one of those 10 websites which will become the base for authentication. It's best to select the one with the easiest/best coding, as you will have to make some adjustments so that all websites authenticate with the same database. Research how each application identifies a user as logged-in and make sure your modifications match this.
  9. You are referring to server-driven content negotiation and if your server supports it (and most do) you should already be able to use it.
  10. Select one of the 3 websites as your base and authorize all users against the base database.
  11. If your query looks like this then you'll get 2 as a result and not 1,2, therefore use staff_1=1&staff_2=2
  12. I think you forgot to add $user_id = $_GET['user_id']; in the delete.php file. I also took the liberty to clean up your code and give you an example of how clean code will help you in your endeavors:

          <?php
          //ini_set("display_errors","1");
          //ERROR_REPORTING(E_ALL);

          // Stop on the first PHP error instead of continuing in a broken state.
          function my_error_handler($errno, $errstr, $errfile, $errline, array $errcontext = array()) {
              die($errstr);
          }
          set_error_handler('my_error_handler');

          session_start();

          $con = mysql_connect("localhost", "username", "pw") or trigger_error('Could not connect: ' . mysql_error());
          mysql_select_db("DBName", $con) or trigger_error(mysql_error());

          class EmptyCredentialsException extends Exception {}
          class InvalidCredentialsException extends Exception {}

          // Same checking stuff all over again.
          function clean($value, $db = null) {
              $value = strip_tags($value);
              $value = htmlentities($value);
              // Escape with the connection when one is given; fall back to addslashes() if escaping fails.
              $temp = $db ? @mysql_real_escape_string($value, $db) : @mysql_real_escape_string($value);
              return is_string($temp) ? $temp : addslashes($value);
          }

          function login($username, $password, $db = null) {
              if (empty($username) || empty($password)) {
                  throw new EmptyCredentialsException();
              }

              $username = clean($username, $db);
              $pwid = clean($password, $db);
              $pwid = intval($pwid);

              $query = "SELECT name, username FROM Caris_roster_March2010 WHERE pwid = MD5('$pwid') AND username = '$username'";
              $result = mysql_query($query, $db);
              if ($result && mysql_num_rows($result)) {
                  $user = mysql_fetch_assoc($result);
                  user_update(array('login_timestamp' => time()), $username, $db);

                  // New session id after login, then remember the client the session belongs to.
                  session_regenerate_id();
                  $meta_data = array('ip' => $_SERVER['REMOTE_ADDR'], 'browser' => $_SERVER['HTTP_USER_AGENT']);
                  session_store($user + $meta_data);
                  return true;
              }
              throw new InvalidCredentialsException();
          }

          function user_update($data, $username, $db = null) {
              $query = 'UPDATE Caris_roster_March2010 SET ';
              $data = array_map('user_update_callback', $data, array_keys($data));
              $query = $query . implode(', ', $data);
              $query = "$query WHERE username = '$username'";
              $result = mysql_query($query, $db) or trigger_error(mysql_error());
              // mysql_affected_rows() takes the connection, not the query result.
              return $result && mysql_affected_rows($db);
          }

          function user_update_callback($value, $key) {
              // Function calls are not expanded inside double-quoted strings, so concatenate.
              return "$key = '" . clean($value) . "'";
          }

          function session_is_auth() {
              return (isset($_SESSION['ip']) && isset($_SESSION['browser'])) &&
                     (($_SESSION['ip'] === $_SERVER['REMOTE_ADDR']) && ($_SESSION['browser'] === $_SERVER['HTTP_USER_AGENT']));
          }

          function session_store($data) {
              $_SESSION = array_merge($_SESSION, $data);
          }

          if (isset($_POST['submit'])) {
              try {
                  login($_POST['username'], $_POST['pwid'], $con);
              } catch (EmptyCredentialsException $e) {
                  echo "<h2 class='fail'>Please fill in both your username and password to access your exam results.<br />",
                       "<br >You will be redirected back to the login screen in five seconds.</h2>";
                  echo "<meta http-equiv='refresh' content='5; url=StudentLogin.php'>";
                  exit;
              } catch (InvalidCredentialsException $e) {
                  echo "<h2 class='fail'>You have entered a username or password that does not match our database records.",
                       " please try again.<br><br>You will be redirected back to the login screen in five seconds.</h2> ";
                  echo "<meta http-equiv='refresh' content='5; url=StudentLogin.php'>";
                  exit();
              }
          }

          // Start a session. If not logged in will be redirected back to login screen.
          if (!session_is_auth()) {
              header("Location:StudentLogin.php");
              exit;
          }

          echo "<table id='header'><tr><td><img src='Caris-Life-Sciences-Logo_small.png' /></td><td align='middle'><div id='welcome'><h3>Welcome! You are now logged in " . $_SESSION['name'] . "</h3></td></tr>";
          echo "<tr><td><a class='logout' href='LogoutStudent.php'>Logout</a></td></tr></table>";

          // Cast to an integer so the request value cannot change the DELETE statement.
          $user_id = intval($_GET['user_id']);

          //DELETE QUERY TO SELECT RECORD TO DELETE BASED ON LOGIN INFO.
          $query_delete = "DELETE FROM Caris_log_March2010 WHERE user_id = $user_id AND Caris_roster_March2010.user_id = $user_id";
          //echo $query; //for debugging test
          $result_delete = mysql_query($query_delete) or die(mysql_error());
          ?>
  13. WHERE promotions.expiry > now() Returns all promotions that are set to expire in the future
  14. In order for us to help you you should be more clear in what you want to achieve. Like what data do you want to pull from the database and what is it for?
  15. It may help explaining what you want to query? You may for example use a query like:

          SELECT checkin, nights, totalprice
          FROM booking b
          JOIN customer c USING (customerID)
          WHERE c.name = 'John' AND DATE(checkin) = CURRENT_DATE;

      To query all check-ins for today under the name John. Of course the queries entirely depend on your business requirements/rules
  16. For portability reasons it is highly discouraged to replace functions with your own baked (untested) functions; instead try namespacing your own functions like my_* or something
  17. SELECT field, field, .. FROM table WHERE field = value ORDER BY id DESC LIMIT 10
  18. Post your code, we cannot help you otherwise
  19. The below does not work, in order to prevent SQLi:

          foreach($_POST['station_id'] as $stationID => $value) {
              $insertStatement .= "INSERT into table (`song`, `station`) VALUES ('" . $_POST['song_id'] . "','$stationID');\n";
              /* The semicolon inside is IMPORTANT.. the \n is just to put them on separate lines if you feel like looking at them */
          }
          $insertThem = mysql_query($insertStatement);

          ID1 | song_id | station_id
          ID2 | song_id | station_id
          ID3 | song_id | station_id

      It's sufficient to write

          song_id (PK) | station_id (PK)

      As I doubt a station would have the same song twice; even if so, it shouldn't be documented in this table.
  20. I think of it as a school assignment
  21. Whatever you do, don't believe him. It will take you at least 3-4 days to fully understand how osCommerce works, especially because of its great application design (*ahum*). Depending on your familiarity with PHP you can deduct or add days, which basically means that choosing osCommerce six days before the end will screw you over. Stick to what you have. It's better to mess 6 days with something you know to get it to work than to mess with something you barely know, and stress is a slowing down factor. You can learn a great lesson out of this, and that is to ALWAYS start with the high-risk, high-value components of your application. You can identify these quite easily: If I didn't implement this, am I then screwed? If the answer is yes, you should put it on top and start or experiment on this first and make sure it WORKS.
  22. Not if you are writing C++
  23. Means you should switch to NetBeans or PhpStorm
  24. Point them to the .frm file

      An easier method is:

          foreach ($t_array as $val){
              list($order_of_verse, $book_name, $chapter, $verse, $text) = explode("\t",$val);
              echo "<p><strong>$book_name $chapter : $verse</strong></p>$text\n";
          }

      I doubt I will ever see/go to that place, although I helped numerous people. Christianity has a well-known history for burning, abusing, murdering and prosecuting without trial anyone related or in favour of Mathematics (to which we owe the Pentagram's dark background) or Technology (computers are tools of Evil apparently). None of this has any offensive meaning, I just want to point out that it is anything but a ticket.
  25. What type of server would i need, who would you suggest? (all data transfer will be text)

      If you are looking to host a community website you may be looking at servers. In this case you may want to contact a hosting company to discuss your needs and which solution fits your problem best. Although you should do fine in the first year with one server.

      What type of programs need to be running on this server?

      You don't need to worry about this, as hosting companies know their craft and they will take care of it.

      What should i have as the core language for this system?

      Really depends. PHP is a good choice, Facebook runs on it. They recently released HipHop, from which you can benefit once the website and the number of visitors becomes really large.

      Is there a pre made program set up that is already available for this type of site or would i need to hire someone?

      I still can't really figure out what you actually want to build; my current impression leans towards Twitter.

      What type of set up would i need if i would want to make my site secure, i would like to be credible.

      A secure database ... go figure. This is a really broad topic and I strongly advise to use a framework of some sort that is well-tested and uses tried-and-true methods.

      What should i do for trauma management. ie attacks breakages and what not.

      Trauma Management???