
ignace
Everything posted by ignace
-
Select one of those 10 websites which will become the base for authentication. It's best to select the one with the easiest/best coding, as you will have to make some adjustments so that all websites authenticate with the same database. Research how each application identifies a user as logged-in and make sure your modifications match this.
-
How to display www.website.com/newpage instead of......
ignace replied to Chrisj's topic in Apache HTTP Server
You are referring to server-driven content negotiation and if your server supports it (and most do) you should already be able to use it. -
Select one of the 3 websites as your base and authorize all users against the base database.
-
If your query looks like this then you'll get 2 as a result and not 1,2. Therefore use staff_1=1&staff_2=2
-
need to create a link which deletes a record based on login info.
ignace replied to webguync's topic in PHP Coding Help
I think you forgot to add $user_id = $_GET['user_id']; in the delete.php file. I also took the liberty to clean up your code and give you an example of how clean code will help you in your endeavors:

    <?php
    //ini_set("display_errors","1");
    //ERROR_REPORTING(E_ALL);

    // Turn every PHP error into a fatal one so problems surface immediately.
    function my_error_handler($errno, $errstr, $errfile, $errline, array $errcontext = array()) {
        die($errstr);
    }
    set_error_handler('my_error_handler');

    session_start();

    // Note: the mysql_* extension used here was removed in PHP 7.
    $con = mysql_connect("localhost", "username", "pw") or trigger_error('Could not connect: ' . mysql_error());
    mysql_select_db("DBName", $con) or trigger_error(mysql_error());

    class EmptyCredentialsException extends Exception {}
    class InvalidCredentialsException extends Exception {}

    // Same checking stuff all over again.
    function clean($value, $db = null) {
        $value = strip_tags($value);
        $value = htmlentities($value);
        // Escape with the connection when one is given, otherwise fall back to addslashes().
        return is_resource($db) ? mysql_real_escape_string($value, $db) : addslashes($value);
    }

    function login($username, $password, $db = null) {
        if (empty($username) || empty($password)) {
            throw new EmptyCredentialsException();
        }

        $username = clean($username, $db);
        $pwid = clean($password, $db);
        $pwid = intval($pwid);

        $query = "SELECT name, username FROM Caris_roster_March2010 WHERE pwid = MD5('$pwid') AND username = '$username'";
        $result = mysql_query($query, $db);
        if ($result && mysql_num_rows($result)) {
            $user = mysql_fetch_assoc($result);
            user_update(array('login_timestamp' => time()), $username, $db);
            session_regenerate_id();
            // Remember where the session was opened from; session_is_auth() compares these.
            $meta_data = array('ip' => $_SERVER['REMOTE_ADDR'], 'browser' => $_SERVER['HTTP_USER_AGENT']);
            session_store($user + $meta_data);
            return true;
        }
        throw new InvalidCredentialsException();
    }

    function user_update($data, $username, $db = null) {
        $query = 'UPDATE Caris_roster_March2010 SET ';
        // Build the "column = 'value'" pairs.
        $data = array_map('user_update_callback', $data, array_keys($data));
        $query = $query . implode(', ', $data);
        $query = "$query WHERE username = '$username'";
        $result = mysql_query($query, $db) or trigger_error(mysql_error());
        // mysql_affected_rows() takes the connection, not the query result.
        return $result && mysql_affected_rows($db);
    }

    function user_update_callback($value, $key) {
        // Function calls are not interpolated inside double quotes, so concatenate.
        return "$key = '" . clean($value) . "'";
    }

    function session_is_auth() {
        return (isset($_SESSION['ip']) && isset($_SESSION['browser'])) &&
               (($_SESSION['ip'] === $_SERVER['REMOTE_ADDR']) && ($_SESSION['browser'] === $_SERVER['HTTP_USER_AGENT']));
    }

    function session_store($data) {
        $_SESSION = array_merge($_SESSION, $data);
    }

    if (isset($_POST['submit'])) {
        try {
            // Pass the open connection so the queries and escaping use it.
            login($_POST['username'], $_POST['pwid'], $con);
        } catch (EmptyCredentialsException $e) {
            echo "<h2 class='fail'>Please fill in both your username and password to access your exam results.<br />",
                 "<br >You will be redirected back to the login screen in five seconds.</h2>";
            echo "<meta http-equiv='refresh' content='5; url=StudentLogin.php'>";
            exit;
        } catch (InvalidCredentialsException $e) {
            echo "<h2 class='fail'>You have entered a username or password that does not match our database records.",
                 " please try again.<br><br>You will be redirected back to the login screen in five seconds.</h2> ";
            echo "<meta http-equiv='refresh' content='5; url=StudentLogin.php'>";
            exit();
        }
    }

    // Start a session. If not logged in will be redirected back to login screen.
    if (!session_is_auth()) {
        header("Location:StudentLogin.php");
        exit;
    }

    echo "<table id='header'><tr><td><img src='Caris-Life-Sciences-Logo_small.png' /></td><td align='middle'><div id='welcome'><h3>Welcome! You are now logged in " . $_SESSION['name'] . "</h3></td></tr>";
    echo "<tr><td><a class='logout' href='LogoutStudent.php'>Logout</a></td></tr></table>";

    // The integer cast keeps the id safe to place in the query below.
    $user_id = intval($_GET['user_id']);

    //DELETE QUERY TO SELECT RECORD TO DELETE BASED ON LOGIN INFO.
    // Only the log table is part of this statement, so only its user_id is filtered.
    $query_delete = "DELETE FROM Caris_log_March2010 WHERE user_id = $user_id";
    //echo $query; //for debugging test
    $result_delete = mysql_query($query_delete) or die(mysql_error());
    ?>
-
    WHERE promotions.expiry > now()

Returns all promotions that are set to expire in the future
-
room availability not functioning...someone please give guidance..
ignace replied to pollysal's topic in MySQL Help
In order for us to help you you should be more clear in what you want to achieve. Like what data do you want to pull from the database and what is it for? -
room availability not functioning...someone please give guidance..
ignace replied to pollysal's topic in MySQL Help
It may help explaining what you want to query? You may for example use a query like:

    SELECT checkin, nights, totalprice
    FROM booking b
    JOIN customer c USING (customerID)
    WHERE c.name = 'John' AND DATE(checkin) = CURRENT_DATE;

To query all check-ins for today under the name John. Of course the queries entirely depend on your business requirements/rules
-
For portability reasons it is highly discouraged to replace functions with your own baked (untested) functions. Instead, try namespacing your own functions like my_* or something.
-
SELECT field, field, .. FROM table WHERE field = value ORDER BY id DESC LIMIT 10
-
Post your code, we cannot help you otherwise
-
The below does not work, in order to prevent SQLi:

    foreach($_POST['station_id'] as $stationID => $value) {
        $insertStatement .= "INSERT into table (`song`, `station`) VALUES ('" . $_POST['song_id'] . "','$stationID');\n";
        /* The semicolon inside is IMPORTANT.. the \n is just to put them on separate lines if you feel like looking at them */
    }
    $insertThem = mysql_query($insertStatement);

    ID1 | song_id | station_id
    ID2 | song_id | station_id
    ID3 | song_id | station_id

It's sufficient to write

    song_id (PK) | station_id (PK)

As I doubt a station would have the same song twice; even if so, it shouldn't be documented in this table.
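The same inserts without a multi-statement string, as an added example that is not from the thread: one prepared INSERT executed once per station inside a transaction, against the two-column composite key suggested above. The `song_station` table, the `link_song` function and the in-memory SQLite database are assumptions made so the code runs on its own.

```php
<?php
// Added example. Table name and ids are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Composite primary key: one row per (song, station) pair, no surrogate id.
$db->exec('CREATE TABLE song_station (
    song_id    INTEGER NOT NULL,
    station_id INTEGER NOT NULL,
    PRIMARY KEY (song_id, station_id)
)');

/**
 * Link one song to many stations. $stationIds mirrors the thread's
 * $_POST['station_id'], whose keys are the station ids.
 * Returns the number of rows actually inserted.
 */
function link_song(PDO $db, $songId, array $stationIds)
{
    $songId = filter_var($songId, FILTER_VALIDATE_INT);
    if ($songId === false) {
        throw new InvalidArgumentException('song_id must be an integer');
    }
    // Prepared once, executed per row: the values never become SQL text.
    // "OR IGNORE" is SQLite syntax; MySQL spells it INSERT IGNORE.
    $stmt = $db->prepare(
        'INSERT OR IGNORE INTO song_station (song_id, station_id) VALUES (?, ?)'
    );
    $inserted = 0;
    $db->beginTransaction();
    try {
        foreach (array_keys($stationIds) as $stationId) {
            if (filter_var($stationId, FILTER_VALIDATE_INT) === false) {
                throw new InvalidArgumentException('station_id must be an integer');
            }
            $stmt->execute(array($songId, (int) $stationId));
            $inserted += $stmt->rowCount();
        }
        $db->commit();
    } catch (Exception $e) {
        // Any bad id undoes the whole batch instead of leaving it half written.
        $db->rollBack();
        throw $e;
    }
    return $inserted;
}

// Constructed form input: stations 3 and 7 ticked, then 7 submitted again with 9.
var_dump(link_song($db, '12', array(3 => 'on', 7 => 'on')));
var_dump(link_song($db, '12', array(7 => 'on', 9 => 'on')));
```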
-
I think of it as a school assignment
-
Whatever you do, don't believe him. It will take you at least 3-4 days to fully understand how osCommerce works, especially because of its great application design (*ahum*). Depending on your familiarity with PHP you can deduct or add days, which basically means that choosing osCommerce six days before the end will screw you over. Stick to what you have. It's better to mess 6 days with something you know to get it to work than to mess with something you barely know, and stress is a slowing-down factor. You can learn a great lesson out of this, and that is to ALWAYS start with the high-risk, high-value components of your application. You can identify these quite easily: If I didn't implement this, am I then screwed? If the answer is yes, you should put it on top and start or experiment on this first and make sure it WORKS.
-
Not if you are writing C++
-
Can someone finally explain to me single vs double quotes?
ignace replied to cunoodle2's topic in PHP Coding Help
Means you should switch to NetBeans or PhpStorm -
Point them to the .frm file

An easier method is:

    foreach ($t_array as $val) {
        // Each line is tab-separated: order, book, chapter, verse, text.
        list($order_of_verse, $book_name, $chapter, $verse, $text) = explode("\t", $val);
        echo "<p><strong>$book_name $chapter : $verse</strong></p>$text\n";
    }

I doubt I will ever see/go to that place although I helped numerous people. Christianity has a well-known history for burning, abusing, murdering and prosecuting without trial anyone related or in favour of Mathematics (to which we owe the Pentagram's dark background) or Technology (computers are tools of Evil apparently). None of this has any offensive meaning, I just want to point out that it is anything but a ticket.
-
What type of server would i need, who would you suggest? (all data transfer will be text)
If you are looking to host a community website you may be looking at servers. In this case you may want to contact a hosting company to discuss your needs and which solution fits your problem best. Although you should do fine in the first year with one server.

What type of programs need to be running on this server?
You don't need to worry about this as hosting companies know their craft and they will take care of it.

What should i have as the core language for this system?
Really depends. PHP is a good choice, Facebook runs on it. They recently released HipHop, of which you can benefit once the website and the number of visitors becomes really large.

Is there a pre made program set up that is already available for this type of site or would i need to hire someone?
I still can't really figure out what you actually want to build. My current impression leans towards Twitter.

What type of set up would i need if i would want to make my site secure, i would like to be credible. A secure database ... go figure.
This is a really broad topic and I strongly advise to use a framework of some sort that is well-tested and uses tried-and-true methods.

What should i do for trauma management. ie attacks breakages and what not.
Trauma Management???
-
need to create a link which deletes a record based on login info.
ignace replied to webguync's topic in PHP Coding Help
No, as you would delete your own record. Most likely you read this information from a database and if you include the uid in the select you can easily spit it out. -
Your code is not 100%, plus I see some vulnerabilities. Read http://www.scanit.be/uploads/php-file-upload.pdf to avoid future problems.
-
Can someone finally explain to me single vs double quotes?
ignace replied to cunoodle2's topic in PHP Coding Help
http://www.electrictoolbox.com/php-echo-commas-vs-concatenation/

I have done some searching on the web and it greatly differs: some say it's faster, others say it's slower.

Sources:
http://hungred.com/useful-information/php-micro-optimization-tips/
http://www.phpbench.com/
http://www.simplemachines.org/community/index.php?topic=47171.0
-
I second that. You don't want to bother your client (or future maintainers) with half-baked code. Use well-tested and fully documented components or leave it altogether.
-
I suddenly come to think about something. How about the following setup:

1. Client: An IFrame that loads the XML file and applies an XSLT template
2. A stored XML file only known to A and B

Now every time a user submits, it modifies the XML file (append node). Both clients refresh the IFrame at regular intervals. I wonder what other downsides this could have besides privacy/security? Would there be any gain performance-wise? Because this would be the equivalent of multiple databases: instead of many people searching (query) through one database, each session would have its own "database".
-
Makes you wonder why those boys at php.net go through all the trouble?!
-
need to create a link which deletes a record based on login info.
ignace replied to webguync's topic in PHP Coding Help
I'm guessing you would mean:

    <a href="delete.php?uid=1" class="delete-button">Delete Record</a>

    <!-- OR -->

    <form action="delete.php" method="POST">
      <div>
        <button id="uid" name="uid" type="submit" value="1">Delete Record</button>
      </div>
    </form>
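One way the delete.php behind that form could validate the request, as an added example that is not code from this thread: it refuses GET, checks a per-session token, validates uid as an integer and binds it as a parameter. The `log` table, the `delete_record` function, the `csrf` and `is_admin` session keys and the in-memory SQLite database are assumptions for illustration.

```php
<?php
// Added example. Table, data and session keys are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE log (id INTEGER PRIMARY KEY, user_id INTEGER, note TEXT)');
$db->exec("INSERT INTO log (user_id, note) VALUES (1, 'exam A'), (2, 'exam B')");

/**
 * Handle a delete request and return the HTTP status to send.
 * $session and $post stand in for $_SESSION and $_POST so the function
 * can be exercised without a web server.
 */
function delete_record(PDO $db, $method, array $session, array $post)
{
    // A state-changing action must not be reachable through a plain link.
    if ($method !== 'POST') {
        return 405;
    }
    // The caller must be logged in and must echo back the per-session token.
    $token = isset($post['csrf']) ? (string) $post['csrf'] : '';
    if (empty($session['uid']) || empty($session['csrf'])
        || !hash_equals($session['csrf'], $token)) {
        return 403;
    }
    // Accept only a plain integer id; anything else is rejected outright.
    $uid = filter_var(isset($post['uid']) ? $post['uid'] : null, FILTER_VALIDATE_INT);
    if ($uid === false) {
        return 400;
    }
    // Authorization (assumed rule): own rows only, unless flagged as admin.
    if ($uid !== (int) $session['uid'] && empty($session['is_admin'])) {
        return 403;
    }
    // The id is bound as a parameter and never concatenated into the SQL.
    $stmt = $db->prepare('DELETE FROM log WHERE user_id = ?');
    $stmt->execute(array($uid));
    return $stmt->rowCount() > 0 ? 200 : 404;
}

// Constructed requests from user 1: a GET link, another user's id,
// an injection attempt in uid, and finally a valid request.
$session = array('uid' => 1, 'csrf' => bin2hex(random_bytes(16)));
$ok = array('csrf' => $session['csrf']);
var_dump(delete_record($db, 'GET', $session, array('uid' => '1') + $ok));
var_dump(delete_record($db, 'POST', $session, array('uid' => '2') + $ok));
var_dump(delete_record($db, 'POST', $session, array('uid' => '1 OR 1=1') + $ok));
var_dump(delete_record($db, 'POST', $session, array('uid' => '1') + $ok));
```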