.josh

<?php $days = array('monday','tuesday','wednesday','thursday','friday','saturday','sunday'); if (in_array(strtolower($_POST['day']), $days)) { $_POST['day2'] = array_keys($days,$_POST['day']); } else { $errorstatus = $errorstatus + 1; echo "<br><Strong>ERROR </Strong>"; echo $errorstatus . ':'; echo "<b>No Day entered</b>"; } ?> I win. edit: modified to add strtolower forgot about that.

I stay hidden pretty much for the same reason as Dan: People see you online or in a forum or thread and suddenly you're bombarded with PMs asking for personal help, very often a c/p job of what was in their thread to begin with.

I would start with learning proper English.

You can use file_get_contents or curl from an external source and it would be just like accessing it from your browser. You won't have access to it like you would locally (like, knowing all the vars and doing stuff with them, etc..) the file would specifically have to output something in a format you could then parse on your own server.

Will it even fit in the slot? It's possible you can downgrade the speed by switching some jumpers manually or else maybe in the BIOS, but you'll have to read your manuals. edit: But you don't want to just set it in there and flip the switch and go about your business. If your motherboard and your cpu aren't "attuned" to each other, bad things happen.

http://www.phpfreaks.com/forums/index.php/topic,95426.0.html

anyways, in your function, return $ext; should be return $type;

by echoing it out and seeing what it's holding.

Looks like you want to make use of sql's LIKE SELECT column FROM table WHERE column LIKE 'something' You can use some regex withing your 'something' to filter results. For instance, if you have a column like so: Names John Joe Jane Joanna Mary and you ran this query: SELECT names FROM table WHERE names LIKE 'Jo%' John, Joe and Joanna would be returned. You will pretty much have to build your '...' string the way you want it to be returned, just like with any regex operation. So for instance, if you want "tests123ab" to return "TeSt's 123 aB" you would have to add %'s like so: "%TeSt%s%123%aB%" That's something you're going to have to build with php and there's really no set method of doing it; it just depends on how "open ended" you want your search to be. In php you could easily explode your $_GET var and add a % between every character and it would return that data just the same, but I don't really think that's all that practical...

update users set geld = geld + 10000 where userid = x (change userid to whatever is appropriate) or manually do it in phpmyadmin.

Doesn't look like there's anything in that code that actually prints anything. Looks like just has to do with formatting and figuring out which day is what, but not actually displaying anything. Need to look elsewhere man.

...and what "programming" prevents you from using 2 diff names for 2 diff radio buttons?

As far as...what? No matter how many rows are in your table, it's always more efficient to do everything you can in the query itself. That's what the db is there for.

Upon doing some research, I concede to regex being better. SQL Injection attacks do not necessarily require the attacker to include quotes. Here's an article I found: http://www.webappsec.org/projects/articles/091007.txt

You just want 10 random rows right? <?php $query = "SELECT * FROM $tblname ORDER BY RAND() LIMIT 10"; $content = mysql_query($query); while ($list = mysql_fetch_array($content)) { echo "blah blah is" . $list['win_path'] . "\r\n"; } Also if the only column you are using is 'win_path' then you should only select that from your table: <?php $query = "SELECT win_path FROM $tblname ORDER BY RAND() LIMIT 10"; $content = mysql_query($query); while ($list = mysql_fetch_array($content)) { echo "blah blah is" . $list['win_path'] . "\r\n"; }

....And it looks like you are wanting to limit it to 10 results, another thing you could be doing in your query string: SELECT * FROM $tblname ORDER BY RAND() LIMIT 10

Haven't looked at your code yet, but why not just order by rand() in your query string so the results are already randomized?

Care to elaborate as to how using regex is better? edit: For SQL injection attacks, that is.

mysql_real_escape_string

php is parsed on the server and then the results are sent to the client. You can't have php tell the iframe to refresh. You would need to do that clientside with javascript or mixing javascript with php (ajax).

if you return something from a function it will be assigned to the var that called the function, so... function something() { $x = rand(1,5); return $x; } // the random number would be assigned to $y... it would be "called" $y $y = something();

I'd also like to point out that there are lots of browser addons (for FF anyways) that will do all the hard work for you and give you a nice list of every single image on the page, no matter how it's displayed, and from there, a simple rightclick > save as is possible. Or just screen capturing as someone else mentioned. People trying to steal your image may not have "web dev" experience, but you can bet they probably have some photoshop type experience, at least enough to use the screen capturing utilities. Point is, no, it will not deter the "average joe."

...which can still be worked around quite easily. afaik there's no way to do that, that can't be easily circumvented. Hence watermarking.

fyi you don't need to add section=test in your action='...'