ignace

$value_one=$two_num_below+0.125; $value_one_fin=round($value_one*$value_one,2); $value_two=$value_one+0.125; $value_two_fin=round($value_two*$value_two,2); $value_three=$value_two+0.125; $value_three_fin=round($value_three*$value_three,2); $value_four=$value_three+0.125; $value_four_fin=round($value_four*$value_four,2); $value_five=$value_four+0.125; $value_five_fin=round($value_five*$value_five,2); $value_six=$value_five+0.125; $value_six_fin=round($value_six*$value_six,2); $value_seven=$value_six+0.125; $value_seven_fin=round($value_seven*$value_seven,2); $value_eight=$value_seven+0.125; $value_eight_fin=round($value_eight*$value_eight,2); $value_nine=$value_eight+0.125; $value_nine_fin=round($value_nine*$value_nine,2); $value_ten=$value_nine+0.125; $value_ten_fin=round($value_ten*$value_ten,2); $value_eleven=$value_ten+0.125; $value_eleven_fin=round($value_eleven*$value_eleven,2); $value_twelve=$value_eleven+0.125; $value_twelve_fin=round($value_twelve*$value_twelve,2); $value_thirteen=$value_twelve+0.125; $value_thirteen_fin=round($value_thirteen*$value_thirteen,2); $value_fourteen=$value_thirteen+0.125; $value_fourteen_fin=round($value_fourteen*$value_fourteen,2); $value_fifteen=$value_fourteen+0.125; $value_fifteen_fin=round($value_fifteen*$value_fifteen,2); $value_sixteen=$value_fifteen+0.125; $value_sixteen_fin=round($value_sixteen*$value_sixteen,2); $value_seventeen=$value_sixteen+0.125; $value_seventeen_fin=round($value_seventeen*$value_seventeen,2); $value_eighteen=$value_seventeen+0.125; $value_eighteen_fin=round($value_eighteen*$value_eighteen,2); $value_nineteen=$value_eighteen+0.125; $value_nineteen_fin=round($value_nineteen*$value_nineteen,2); $value_twenty=$value_nineteen+0.125; $value_twenty_fin=round($value_twenty*$value_twenty,2); $value_twentyone=$value_twenty+0.125; $value_twentyone_fin=round($value_twentyone*$value_twentyone,2); $value_twentytwo=$value_twentyone+0.125; $value_twentytwo_fin=round($value_twentytwo*$value_twentytwo,2); $value_twentythree=$value_twentytwo+0.125; $value_twentythree_fin=round($value_twentythree*$value_twentythree,2); $value_twentyfour=$value_twentythree+0.125; $value_twentyfour_fin=round($value_twentyfour*$value_twentyfour,2); Can all be replaced with: $value = $two_num_below; $names = array('one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten', 'eleven', ..); // up to twentyfour //alternatively use pear/Number_Words //$nw = new Number_Words; for ($i = 1; $i <= 24; $i++) { $value += 0.125; //$word = str_replace('-', '', $nw->toWord($i)); ${'value_' . $names[$i - 1]} = $value; ${'value_' . $names[$i - 1] . '_fin'} = round($value * $value, 2); //${'value_' . $word} = $value; //${'value_' . $word . '_fin'} = round($value * $value, 2); }

Yes. Same with user_has_access()

Not onclick but instead on the page you land. UPDATE jobs SET views = views + 1 WHERE id = 1

It doesn't save replies. It delegates the responsibility to save reply to another function. (otherwise we may say that the Main() function handle too many responsibilities). Isn't it a controller's job? The main() function is completely unrelated to my response, since it's a C artifact used to bootstrap an application. I was referring to the fact that your functions are described vaguely. One would assume for example that calling GetMessagesHtml() ALWAYS returns messages in HTML format while the simple existence of a _GET or _POST variable could save a reply or even return a form instead of the expected formatted html messages. Hardly a side-effect free function. GetMessagesHtml() is a very poor name if it would have to represent a Controller in your application. IMO it's not a data access layer's or repository's responsibility. It's a business logic and should be placed in business logic layer (model layer). I agree that it shouldn't be in controller class, but I disagree it should be in data access layer or in repository code. Actually it's presentation logic... An actual e-mail has headers to indicate this was a reply to a previous message. So your model should have a isReply(true) function if you don't have Headers. getReplyMessageFormHtml() does not duplicate validation. There is no validation inside. Validation is initiated in the controller code (see $formValidator->addRules() call). Could you please explain what is exactly wrong here? A form is a UI representation of a model/aggregate to let a user input data to store it in some data source. Your model validates data as it's entered through it's mutator functions, right? So any external object that validates your model data actually copies your model validation.. Instead I would have a method on my model like so: public function getForm() { $form = new SomeModelForm(); $form->setValidator($this); // validate by calling set*() methods $form->setData($this->_data); // used to edit the model return $form; } Do we always need OO? What would become better in this code if I replaced static methods with instance method? Which benefits would I get and do I need them? OO is generally advised for bigger projects since they allow you to describe things which makes it easier/intuitive to work with them. Like Struct and Enum's in C. Take for example a message array versus a Message object. $message->setSubject('..'); compare this to $message['subject'] = '..'; The $message array has to be validated first every time you want to work with the contents and the code is sensitive for typo errors. Imagine what would happen in case of schema changes.. You would have to do a find/replace on your entire project instead of just having to open the Message class file and change the field name. There are more advantages than these, but are beyond the scope of this post. I think I will move functions to the corresponding model methods. For example PrepareReplySubject() could be moved to MessageService::PrepareReplySubject(). MessageService is not the proper place to put this, as you mentioned before it's business logic so it does not belong in a service instead I would opt for either a Special Case ReplyMessage which extends Message and has a isReplyFor(Message $message) or a simple $message->isReply(true); afterwards you can easily check if it's a reply and add 'Re:' in your view.

Remarks: [*] Many of those functions handle too many responsibilities. GetMessagesHtml() for example save's replies, display's a reply form, and returns messages. It also relies on globals $_GET and $_POST which means that the function may return something different than what was intended and no ability to enforce any specific output. [*] Object specific behavior is performed by external functions. For example PrepareReplySubject() is used on a $message object to prepend a 'Re: ' string to it's Subject.. IMO this should be wrapped inside a Reply() method on a DAO or Repo that loads the message from the database and already adds Re: or Fwd: to the Subject. [*] Controller/Presenter contains model behavior. For example getReplyMessageFormHtml() returns a Form with fields that map to a model/aggregate and duplicates validation (or calls $model->getvalidator())? [*] Poor use of OO, classes are not more than namespaces for static methods. [*] Namespacing functions would help to identify all functions that work on the same data. Which in turn helps in converting these to models.

That's not true, anyone can login with: username: any existing username followed by ' -- password: whatever, everything will work ^^ If you don't know the username, try: username: foobarbat' OR 1 -- password: whatever, again anything will work here ^^ Just an example of how you can use sql injection to log into your application with and without a valid username. To figure out why the query is failing change line 12 to: $logSearch=mysql_query($query) or die(mysql_error());

Without the backslash it means it will match any character followed by in. So ".bin" will match ".in" since . means any character. Try doubling the backslash \\ or trippling.

No need for regex: if (substr(trim($email), -3) === '.in') { // we got a problem! } Regex would be: if (preg_match('!\.in$!', $email)) { // we got more problems here! }

Or send a Refresh header. header('Refresh: 5,redirect.here');

It's supposed to handle when a user tries to access something they are not authorized to. So user_forbidden_handle() should either redirect to or display a not authorized webpage. You can extend this further to also log this in the database so that you can track malicious activity.

Preferably, yes. How you want to handle wether a user has access to a certain page is up to you to implement in the user_has_access() function.

On top of each page: if (!user_has_access(__FILE__)) { user_forbidden_handle(); } If you use a single point of entry like index.php which routes to a controller/page then write this in your index.php.

You never call the function delcontact in delete.php.

Or use DirectoryIterator http://www.php.net/manual/en/directoryiterator.construct.php

I pushed your code through a beautifier to make it readable again. So that people who want to help at least now can.. I also removed most duplication. if (isset($_POST['pc'])) { $con = mysql_connect("localhost", "root", "mypassword") or die("Could not connect: " . mysql_error()); $to = "[email protected]"; $subject = "New Change Request - Reference Number $_POST[reference]_$_POST[lname]"; if ($_POST["pc"] == "Desktop" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["pc"] == "Laptop" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["champ_portal"] == "Champ Portal" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["email"] == "E-Mail" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["phone"] == "Hard Phone" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["phone"] == "Soft Phone" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["lan"] == "LAN" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["g_drive"] == "G:" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["h_drive"] == "H:" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%" || $_POST["distribution"] == "Yes" && $_POST["access_card"] == "Access Card" && $_POST["organogram"] == "%") { $message = "Action Required"; } else if ($_POST["pc"] == "Desktop" && $_POST["access_card"] == "Access Card" || $_POST["pc"] == "Laptop" && $_POST["access_card"] == "Access Card" || $_POST["champ_portal"] == "Champ Portal" && $_POST["access_card"] == "Access Card" || $_POST["email"] == "E-Mail" && $_POST["access_card"] == "Access Card" || $_POST["phone"] == "Hard Phone" && $_POST["access_card"] == "Access Card" || $_POST["phone"] == "Soft Phone" && $_POST["access_card"] == "Access Card" || $_POST["lan"] == "LAN" && $_POST["access_card"] == "Access Card" || $_POST["g_drive"] == "G:" && $_POST["access_card"] == "Access Card" || $_POST["h_drive"] == "H:" && $_POST["access_card"] == "Access Card" || $_POST["distribution"] == "Yes" && $_POST["access_card"] == "Access Card") { $message = "Action Required"; } else if ($_POST["pc"] == "Desktop" && $_POST["organogram"] == "%" || $_POST["pc"] == "Laptop" && $_POST["organogram"] == "%" || $_POST["champ_portal"] == "Champ Portal" && $_POST["organogram"] == "%" || $_POST["email"] == "E-Mail" && $_POST["organogram"] == "%" || $_POST["phone"] == "Hard Phone" && $_POST["organogram"] == "%" || $_POST["phone"] == "Soft Phone" && $_POST["organogram"] == "%" || $_POST["lan"] == "LAN" && $_POST["organogram"] == "%" || $_POST["g_drive"] == "G:" && $_POST["organogram"] == "%" || $_POST["h_drive"] == "H:" && $_POST["organogram"] == "%" || $_POST["distribution"] == "Yes" && $_POST["organogram"] == "%") { $message = "Action Required"; } else if ($_POST["pc"] == "Desktop" || $_POST["pc"] == "Laptop" || $_POST["champ_portal"] == "Champ Portal" || $_POST["email"] == "E-Mail" || $_POST["phone"] == "Hard Phone" || $_POST["phone"] == "Soft Phone" || $_POST["lan"] == "LAN" || $_POST["g_drive"] == "G:" || $_POST["h_drive"] == "H:" || $_POST["distribution"] == "Yes") { $message = "IT Action Required"; } else if ($_POST["access_card"] == "Access Card") { $message = "Forensics Action Required"; } else if ($_POST["organogram"] == "%") { $message = "Organogram Action Required"; } if ($_POST["pc"] == "Desktop" && $_POST["organogram"] == "%" || $_POST["pc"] == "Laptop" && $_POST["organogram"] == "%" || $_POST["champ_portal"] == "Champ Portal" && $_POST["organogram"] == "%" || $_POST["email"] == "E-Mail" && $_POST["organogram"] == "" || $_POST["phone"] == "Hard Phone" && $_POST["organogram"] == "%" || $_POST["phone"] == "Soft Phone" && $_POST["organogram"] == "%" || $_POST["lan"] == "LAN" && $_POST["organogram"] == "%" || $_POST["g_drive"] == "G:" && $_POST["organogram"] == "%" || $_POST["h_drive"] == "H:" && $_POST["organogram"] == "%" || $_POST["distribution"] == "Yes" && $_POST["organogram"] == "%") { $message = "Action Required"; } $message = " New Churn Request - $_POST[churn_type]. " . $message . " A Churn request has been logged for $_POST[fname] $_POST[lname]. Please log onto the churn management system via the link http://10.249.135.30 and action the request accordingly. "; }

http://pulsecms.com/ http://www.couchcms.com/ http://cms.pagelime.com

The PEAR packages are unfortunately written like that. To get rid of the strict error messages alter error_reporting to error_reporting(E_ALL & ~(E_STRICT | E_NOTICE));

Pretty much like everyone seems to know everything about the law. Until they are in a courtroom...

Let's just assume for a moment the referer would ALWAYS be available. You can not use it to authenticate users on your website, doing so will compromise your website by design. If xyz.com does not support OAuth then you can't use authenticated users on xyz.com to be also authenticated on abc.com. And trying to use anything else then OAuth (or something like it) will result in compromising your website.

Are you running the latest version of Wordpress? If not, upgrade! What specifically did you ask him to code for you? If this is related to Wordpress core functionality then I doubt the programmer would have to use/write new functions and thus the memory leaks come from existing functions. Which would be resolved when upgrading Wordpress. Have you contacted the programmer who wrote this for you? Can you, in any way, show us the code he has written for you? We may be able to spot the serious problems or tell you which code may be causing the memory leak. If these are many files then include them in a zip file.

I would have to actually check. I switch so many times between color themes I lost count.. Even sometimes in one editing session (CTRL+~ to switch themes in PhpStorm). I use PhpStorm like Kevin and their color themes... SUCK ! And they don't allow me to color certain keywords different, so I also regularly switch editors too (netbeans, PDT, notepad++, ace, sublime text 2, ..). But since I use it at work and it has all the features I need/want.. and there is no other editor like it, I always end up back with PhpStorm. But I would switch in a flash for another editor that has all the features I need AND allows me to color certain keywords differently.

No mod with an auto-format option? Since most code here is indented with a random number between 1 and 8 spaces for each line.. (I intended to say something else, but I should be nice.) Just look at the indentation of the code here: http://forums.phpfreaks.com/index.php?topic=362257.msg1713875#msg1713875 Then compare that to: http://forums.phpfreaks.com/index.php?topic=362257.msg1713894#msg1713894 I used an online PHP formatter for that.

http://codebirth.com/index.php?topic=82.0 looks good. Does not copy line numbers when selecting, does not format though... Based on Geshi, mod can be found at http://custom.simplemachines.org/mods/index.php?mod=3070 (updated 11 jan '12). Would be cool if it included a toolbar so you also could copy-to-clipboard. Not many possibilities though: http://custom.simplemachines.org/mods/index.php?action=search;basic_search=syntax+highlighting The only other one in that list is (has no line numbers): http://custom.simplemachines.org/mods/index.php?mod=2925 And the 3rd is only when editing themes... Would it be hard to let a 3rd party plugin handle tags?

Is the double case really necessary? case ($str_item === '"' || $str_item === "'") && !$indoublequotes: