ignace

Not true. You can have multiple email addresses in the "to:". From the manual: mail() Yeah I know. But I couldn't edit my post anymore.

Like Crayon already mentioned most likely spam filters block any mails with multiple to e-mail addresses. Therefor I suggest to add 1 to and to spread all others to cc and bcc.

Hmm I am not sure if I could figure out how to do that - my php skill is very very newbie-level. Can you give me an example of the code that uses an array and function so I can try to work with it? thanks. I wouldn't recommend using the described method. You are generalising your script to any given input. You would perform an mysql_real_escape_string() on an e-mail address field without really knowing that it actually is an e-mail address.

I agree with Batosi

http://sql-info.de/en/mysql/gotchas.html#1_2

Yes this is generally known as a form framework. This couples form data to table columns and allows you to add validation rules. A simpler solution would be using online form services like Wufoo (http://wufoo.com) This allows you to create your form (visually), embed it and retrieve the data using their API.

Granted it can't be spoofed, I guess.

Read up on this thread: http://www.phpfreaks.com/forums/index.php/topic,260768.msg1229279.html function getip() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { return $_SERVER['HTTP_CLIENT_IP']; // shared internet } else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { return $_SERVER['HTTP_X_FORWARDED_FOR']; // behind a proxy } else { return $_SERVER['REMOTE_ADDR']; // directly connected to the internet } } This gives you the the ip address when the user uses shared internet, a proxy or is just directly connected to the internet.

$to1=$_GET['news']; if (empty($to1)) /*do something*/; $from1=$_SESSION['username']; if (!empty($_POST)) { $comment1=$_POST['comment']; if (!$comment1) { //=strlen($comment1)==0 echo "Comment not entered"; // odd at first but this checks if their is a character at position 10 (array is 0-based) if their isn't $comment1 < 10 if their is it atleast contains 10 characters. } else if (!isset($comment1[9])) { echo "Comment too short, must be 10 characters at least"; } else { echo "".$from1.", you have added a comment "; $query="INSERT INTO ".TBL_NEWSCOMMENTS." VALUES (NULL '$to1','$comment1', now(), $from1)"; mysql_query($query); } }

A website is like raising a child. Cute at first but as it grows older, so do your worries

Where does it say you can login on goofbay using your e-bay credentials? https://www.goofbay.com/login.html

There are a few ways you can do it, you could also instead of using numbers name each step by what they do (e.g. installdb): $page = $_GET['page']; $directory = realpath('/relative/path/to/steps/directory'); $file = implode(DIRECTORY_SEPARATOR, array($directory, $page . '.ext')); if (!$page || !ctype_alpha($page) || !file_exists($file)) { //invalid } require($file); Or as you are using a wizard, you could use: http://www.phpfreaks.com/forums/index.php/topic,261112.msg1229397.html#msg1229397

You'll need the e-Bay API to be able to do so http://developer.ebay.com/developercenter/php/ However I don't see any authentication information. So I'm not entirely sure if it is even possible.

Save the information between requests. session_start(); if (!empty($_POST)) { if (!isset($_POST['wizard_finished'])) { // preferably only present on the last step $_SESSION['_POST'] = array_merge($_SESSION['_POST'], $_POST); } else { //wizard finished $_POST = $_SESSION['_POST']; //process as if it were one-page request } }

will i be able to include the parent methods proceedure this way or do i have to call it parent::mthod();, thnx btw No you won't. Zend framework doesn't entirely come without it flaws, and one of the main complaints are what you are experiencing. You still need to copy-paste a serious amount of code to add some more functionality. The reason for this is because Zend framework is still in a serious development process and they don't intend to re-factor any code anytime soon. But eventually you'll be able to extend their code base without copy-pasting.

I want to post data from koos.co.za to domain.co.za. use cURL.

Not exactly. By default a session cookie expires once the user closes his browser (unless the TTL of the cookie was modified using session_set_cookie_params()).

Retrieve all values within a certain interval (math ftw): SELECT * FROM velden WHERE (x BETWEEN $x1 AND $x2) AND (y BETWEEN $y1 AND $y2) P.S. Belg of Nederlander?

Thank you for your clear explanation of IP spoofing and I know what you mean. I already mentioned that you shouldn't rely on an IP address anyway because every option available can be fake: 1) X-Forwarded-For and Client-Ip can be given any value (spoofed). 2) Remote-Addr can't be trust either because if they are using a proxy or shared internet the address we get is incorrect.

Yes if you did used something like: <select name="filename"> <option value="a-filename.ext">Filename</option> </select> You can access it using: $_POST['filename'] /*or*/ $_GET['filename'] Depending on the request method you used.

SELECT users_username, tweets_tweet FROM tweets JOIN users ON tweets_users_id = users_id WHERE tweets_users_id IN ( SELECT followers_followee FROM followers WHERE followers_follower = 1 ) ORDER BY tweets_tweet_date DESC; Which shows all statusses of your friends: http://webdevkid.files.wordpress.com/2009/03/twitter-clone.png?w=536&h=376 (don't mind the text)

Well if you ask me you shouldn't even rely on IP anyway as REMOTE_ADDR can be surpassed by using a proxy or shared internet and the alternatives can be spoofed. IP was created for one thing and it does that well. To get information from point A to B (not the actual transfer but identifying the source and destination, and even then it also needs a MAC and port number). There is one thing you can do though use it to detect ip changes for an authenticated client.

Where are $_SERVER['HTTP_CLIENT_IP'] and $_SERVER['HTTP_X_FORWARDED_FOR'] documented? I have never seen these in the manual. http://us3.php.net/manual/en/reserved.variables.server.php You can't see the wind either and yet it's there Some more information about these custom headers: http://en.wikipedia.org/wiki/X-Forwarded-For

Yes this is possible however you'd need a twist: abstract class USorter { protected $_parameter = null; public function __construct($parameter) { $this->_parameter = $parameter; } public function sort(&$array) { return usort($array, array(&$this, '_sort')); } abstract protected function _sort($a, $b); } //your usort class MySort extends USorter { protected function _sort($a, $b) { return $a->{$this->_parameter} - $b->{$this->_parameter}; } } Call like: $sort = new MySort('Windows'); $sort->sort($array); However I'm not sure if you can pass protected methods altough you pass $this. However if not, then change the function name and change protected to public. If you want to expand it further I suggest you take a look at the Strategy pattern. Add a setParameter($param) method. That will allow you to do something like: $sort = new MySort('Windows'); //initialize for sorting on Windows $sort->sort($array); $sort->setParameter('Doors'); $sort->sort($array); //..

require('authent.php'); if (!empty($_SESSION['useragent']) && (!strcmp($_SESSION['useragent'], hashPassword($_SERVER['HTTP_USER_AGENT']))) || !strcmp($_SESSION['userip'], hashPassword(getip())) { session_destroy(); header('Location: login.php'); }//<-you forgot this