DougieB2

maybe using a different httpd.conf than the one you're looking at, or may have another .conf file Included.

and your other server is the same? the #'s are comments, which means the server ignores that line when it starts up. you need to un-comment (delete the #'s) the php directives (lines) for the php version you have installed.

Have you restarted the webserver since you made the changes (to enable php)? Are you on unix or windows? if unix 'grep -i php httpd.conf' and what's the output? should be something like: AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps DirectoryIndex index.html index.php LoadModule php4_module libexec/httpd/libphp4.so AddModule mod_php4.c also worth running through: [a href=\"http://www.php.net/manual/en/install.php\" target=\"_blank\"]http://www.php.net/manual/en/install.php[/a]

php files are 'run' by the webserver and not the browser. Check the AddHandler section of the apache.conf (httpd.conf) file is configured correctly.

many people use sha1() to generate a hashed version of the string you want to protect. This is a one-way process, no un-sha1() function. Store the hashed version of the string in your database. $string = 'secret'; $encoded = sha1($string); if (sha1($user_password) === $encoded) { // both encoded versions match }

A tip is to echo out your query string, so you can see what's going on. [code] $query = "SELECT * FROM security_menu_main WHERE sec_level <= '$_SESSION[seclevel]' AND isactive = 'y'"; echo "original query: " . $query; $query = "SELECT * FROM security_menu_main WHERE sec_level <= '" . $_SESSION['seclevel'] . "' AND isactive = 'y'"; echo "new query: " . $query; $result = mysql_query($query); [/code]

^ means match the beginning of a string. [0-9]{5,5} mean match any character in the 0-9 range a minimum of 5 times and a maximum of 5 times. So match a string of 5 numbers. \- means match the - character, the \ escapes it. Then match 4 0-9's. $ matches the end of the string. so ^12345-1234$, looks like this 12345-1234 as a string.

[a href=\"http://localhost/test.php?p=icons\" target=\"_blank\"]http://localhost/test.php?p=icons[/a] works for me. test.php: [code] <?php $pattern = '/^[a-z0-9]*$/i'; if (!preg_match($pattern, trim($_GET["p"])) || strlen(trim($_GET["p"]) == 0)) { echo "<html><body>fails</body></html>"; exit; } echo "<html><body>success</body></html>"; ?> [/code]

seems to work ok. can you give an example of a 'p' string that fails?

Well said mate. Again, not trying to be a tosser, but we've learned perl and php the hard way (over the years and the errors) and to fess up a working bunch of code on request seems a crazy request to me.

your submit variable had no $, and you're sending output to the browser after the mail command. The redirect was also missing. [code]<?php if($submit) { @extract($_POST); $name = stripslashes($name); $email = stripslashes($email); $brand = stripslashes($brand); $model = stripslashes($model); $country = stripslashes($country); $op = stripslashes($op); $imei = stripslashes($imei); mail('*purposely_removed*','Unlock Request',"Brand: $brand \n Model: $model \n Country: $country \n Operator: $op \n IMEI: $imei \n Proof: $proof \n Email: $email","From: $name <$email>") or die("Error sending information. Please contact bridgey[at]gmail.com"); // don't send this text to the browser //echo("<font color=yellow><b>Thank you, your request has been sent. A reply will be sent to the email address you provided.</b></font>"); // redirect the browser header("Location: http://www.scott-hodson.com/bridgey/thanks.php"); exit; } else { echo "<font color=orange><b>You must fill in all fields before sending.</b></font>"; } ?>[/code] you also need to somehow set the $submit variable to true if there's $_POST data.

post the source

you must put your redirect at the top of your script, before you send any output to the browser. The above code suggestion buffers the output (ie doesn't send it) so it should work, but I'm guessing you've put if after you've already started sending output. move the if ($submit) ... code to before you're printing the <html> code. <?php if ($submit) { header("Location: [a href=\"http://www.scott-hodson.com/bridgey/thanks.php");\" target=\"_blank\"]http://www.scott-hodson.com/bridgey/thanks.php");[/a] exit; } // else continue ?> <html> <body> etc, etc, etc

if you use a header redirect you must do it before sending any output to the browser. where are you doing the redirect? are you printing any output beforehand?