ignace

There are divers ways of implementing an ACL ranging from easy to complex and it depends on what you want. If you want to be able to set it all from a database: create table page ( id .. parent_id .. -- pages can have sub-pages eg About, sub: What we do, Jobs, .. .. ); create table role ( id .. parent_id .. -- roles can inherit privileges from other roles .. ); create table user ( id .. role_id .. .. ); create table page_acl ( page_id .. role_id .. privilege varchar(32), -- view, edit, delete, .. rule enum('allow', 'deny') .. ); This ofcourse is a complex example a simple example would be the one WordPress uses: class User { const ROLE_GUEST = 1; const ROLE_MEMBER = 2; const ROLE_AUTHOR = 4; const ROLE_EDITOR = 8; const ROLE_ADMINISTRATOR = 16; public function isGuest() {} public function isMember() {} public function isAuthor() {} public function isEditor() {} public function isAdministrator() {} } This is an easy example and easy to use: if ('delete' === $action && $user->isAdministrator()) { Depends on who you want to let define the rules. The easiest setup is if you (programmer) define the rules instead of the user. There is also a difference between roles and groups.

in MySQL, I thought they were the same in PHP to, are they not?

Both provided methods work fine if you do not distribute your code. If you do want to distribute your code by for example selling your software then your first method will work (but has cons) and your second just won't work because you can not re-define constants therefor it is best to use a xml or ini file to read/write configuration settings.

You could take up Assembler it will give you a good idea how a programming language works and an if/else for that matter. Your if and else are basically two blocks if the if fails (based on internal flags) it jumps to the else block otherwise it jumps to the if block. The good old' days

So I can just send a complaint about a few players that they didn't accept there loss altough I never played against them? And who are you going to believe? It's his word against mine?!?

Well that's the tricky part you probably want them logged in both in the forum and on your website regardless of where they logged in. The best approach would be to digg into the phpbb code but before you do check the URL you use to login to phpBB if it's login.php or index.php?action=login then check those pages until you find the login procedure hopefully they use a function or a class to do this as this would make it really easy for you. If they also provide a is_logged_in() function then you have all required tools to implement the login procedure on your website. Additionally you can take a look at http://www.ozzu.com/website-design-forum/phpbb-integration-into-website-t64861.html Or try this http://www.google.be/search?q=phpbb+website+integration

Here's a list of frequently used directory layouts: http://framework.zend.com/wiki/display/ZFDEV/Choosing+Your+Application%27s+Directory+Layout Generally I adhere to two different directory layouts dedicated/vps private_html `- libraries `- modules `- install `- templates `- helpers `- scripts `- settings `- application.xml `- workspaces `- system `- sessions `- user `- uploads public_html `- images `- scripts `- styles `- index.php shared libraries modules setttings templates workspaces images scripts styles index.php In the shared hosting setup all directories except images, scripts and styles are protected and can not be accessed through the web.

Everything you specify in your controller (db, auth, session) is actually just a model and these may be present in the controller. I actually do not recommend adding your db directly into your controllers as your controller does not need to know that your application uses a database nor that it uses sessions. You can hide these behind a new model layer for example: $user = UserRepository::findByUsername(..); Uses a database to find the username but it actually does not know if this database is mysql, a flat file or sqlite or something.. Same applies for auth: AuthService::logon($this->getRequest());

Please note that if(time() > 1262930400 && time() < 1263427199){ Will only work only once that is between 1262930400 and 1263427199. Once it exceeds 1263427199 it will never be shown again. Is this what you are looking for? Or is it more something like this if (date('H', time()) == 15 && date('H', time()) < 18) { .. Which displays something during a certain part of the day?

Take a look at the FrontController pattern http://martinfowler.com/eaaCatalog/frontController.html

When the user click register redirect them to the phpbb register page. Couple your login to the users phpbb table.

No. Accessibility is to enhance the web experience for people who have a disability. Keep in mind that hey may be your clients prospects.

Plus they are unreliable like IP's so in the end it still won't work.

Is this a bug? Because if I request session_get_cookie_params it says: Using this code: session_start(); if (!isset($_SESSION['setcookie'])) { setcookie(session_name(), session_id(), time() + 86400); $_SESSION['setcookie'] = mt_rand(); } else { print $_SESSION['setcookie']; print_r(session_get_cookie_params()); } lifetime 0 would imply the session should close upon browser close.. Altough this may aswell be able to work because the garbage collector has not yet cleaned the session. This last makes most sense and is most plausible. PFMaBiSmAd here or salathe for the correct reason why this works?

Well there are flyout menu's that support accessibility (like Suckerfish) but are hard to implement. Modify the href attribute of both About and Services from # to the first element in the list or create a new page that lists all sub-items (make sure these list links have tabindex starting from 1)

getXML nor getDOM nor getJSON is a responsibility of your database. This should be delegated to a view helper.

Actually I think this could work as is session_set_cookie_params not just a proxy for setcookie? Edit: Works! session_start(); if (!isset($_SESSION['setcookie'])) { setcookie(session_name(), session_id(), time() + 86400); $_SESSION['setcookie'] = mt_rand(); } else { print $_SESSION['setcookie']; } Ran this script showed nothing (2 cookies were set with same id one to expire upon browser close and one tommorow), closed the browser, open it again ran the script displayed a random number (1 cookie was set to expire tommorow)

Actually I think this could work as is session_set_cookie_params not just a proxy for setcookie?

How is the response of the application when you run it locally?

$json_out = stripslashes(nl2br($mtj->get_json()));

Try: INSERT INTO `smartit`.`businesses` (`user_id`, `BusinessName`, `AddressOne`, `AddressTwo`, `Number`, `PostCode`, `City`, `County`, `Country`, `Forename`, `Surname`, `Title`) VALUES ( '$user_id', '$BusinessName', '$AddressOne', '$AddressTwo', '$Number', '$PostCode', '$City', '$County', '$Country', '$Forename', '$Surname', '$Title' )

That's not what I meant the OP asked for how to increase the session lifetime you adviced setcookie I'm asking if it possible to extend the session cookie lifetime using this function?

What does $mysqli->error return?

echo'<a href="page2.php?register=". $content['register']. "'; This is an error and should be: echo "<a href=\"page2.php?register={$content['register']}\">some text</a>"; //or echo '<a href="page2.php?register=' . $content['register'] . '">some text</a>'; //or echo '<a href="page2.php?register=', $content['register'], '">some text</a>'; Your page1 & page2 are actually the same: $query = 'SELECT id, register FROM store'; $result = mysql_query($query, $connection); if (0 !== mysql_num_rows($result)) { while (list($id, $register) = mysql_fetch_array($result, MYSQL_NUM)) { echo 1 === intval($register) ? '<span>Registered</span>' : '<span>Not Registered! <a href="register.php?id=' . intval($id) . '">Register now, it\'s free!</a></span>'; } }

How would that work? setcookie(session_name(), session_id(), time() + 86400); Like this? Is this possible?