btherl

I'm not sure how you want to improve your code. You could use SQL joins in place of multiple queries, that may simplify your code. I also recommend not using variable names like $sql and $sql1. Instead you can use $sql_programs and $sql_ids, for example. It makes code clearer and reduces typos. If you want to clean up the usage of $_GET and $_SESSION within your code, you can have a section at the start of the program that gives alternate names for each of those variables you might use later, eg $unit_it = (int) stripslashes($_GET['unit_id']); $PSN = $_SESSION['PSN']; etc etc

This is only a problem because you used $names as a 1-level array first, and then used it as a 2-level array. If you use a fresh variable you should not have any problems making the 2-level array.

If you view your site and set your browser to view it as utf8, does it display properly? If yes, then the problem is how to tell the browser to use utf8. If no, then the problem is your code is not generating utf8.

If you set your browser manually to show utf8, does it work?

If you are using utf8 in your html, then yes you should declare that with http-equiv. You can also set a header in php like this: header('Content-type: text/html; charset=utf-8');

This looks fine to me, as you had in your last post: echo "<input name='".$row[$varArray[$i] . $f]."' type='text' size='13' value= '".$row[$varArray[$i] . $f]."'; ?> />"; An alternative is this syntax: echo "<input name='{$row[$varArray[$i] . $f]}' type='text' size='13' value= '{$row[$varArray[$i] . $f]}'; ?> />"; Is that what you're looking for? I find the {} syntax to be least confusing, as it lets you do just about anything inside.

You're welcome Did you test it with multiple events on a day? The second code fragment in your first post will only work with a single event.

You need to build a result set and return it all at once, instead of having a return inside the foreach loop. You also need to bring $conn into scope. Try this: function getevents($day) { global $conn; $sql = "SELECT event FROM calendar WHERE day = " . $day; $results = array(); foreach($conn->query($sql) as $event) { $results[] = $event["event"]; } return $results; }

$_SESSION only stores data for you. If you take data from a user that contains an sql injection, store it in $_SESSION then take it out, then you are still at risk. But if you take data from the user (from $_POST for example), sanitize it, then store it in $_SESSION, then it is now safe data. So $_SESSION basically has no effect on safety of variables, since session data is set by you, not by the user. The thing to check is whether the data you put in $_SESSION originated from $_POST or $_GET (or $_REQUEST or $_COOKIE)

Does phpinfo() show that ssl is enabled?

Actually the new code tells you why it's not working. It gives this important message: "<p>Unable to find class for driver smtp</p>" Here's the code that generates the error: function &factory($driver, $params = array()) { $driver = strtolower($driver); @include_once 'Mail/' . $driver . '.php'; $class = 'Mail_' . $driver; if (class_exists($class)) { $mailer = new $class($params); return $mailer; } else { return PEAR::raiseError('Unable to find class for driver ' . $driver); } } So basically it attempted to include "Mail/smtp.php" and check for the Mail_smtp class, but was unable to find it. So either Mail/smtp.php doesn't exist, or including it did not define the Mail_smtp class. Can you see the Mail/smtp.php file?

EchoFool also wants "-1" to fail, but "-1" is numeric by that regexp. I think it should just be this: preg_match('~^\d+$~', $n);

You can install the pear libs if your host doesn't have them pre-installed. Hosts will typically only have common pear libs installed, if any, but you can install your own.

The sequence should be curl_setopt(generic options), curl_setopt(first url), curl_exec(), curl_setopt(second url), curl_exec(). Did you try that sequence before or were you setting the second url before curl_exec() ?

You need the code snippet with $smtp as well, not just $mail. Both can be pear errors if they fail.

You're running on windows right? I think you'll need the smtp mail object. Sendmail is a unix thing. Give it the hostname and port from comcast, as well as the auth information, and it ought to work. From the constructor method here it looks like you can give all of the auth data in the constructor itself. Oddly formatted documentation there, but it looks like it wants an array like you are passing to the mail factory in your latest post.

Oops, I didn't notice that .. I'm pretty sure php's built in mail doesn't do smtp auth. But the pear package does: http://pear.php.net/package/Mail There's also an smtp package if you want more control (but I'm guessing you just want to get it working). Here's that one: http://pear.php.net/package/Net_SMTP/docs/1.3.1/Net_SMTP/Net_SMTP.html

There's no need to direct 587 from outside back to your server, just 587 going out. php should be configured for smtp.comcast.net port 587, as in the documentation here: http://www.comcast.com/customers/faq/FaqDetails.ashx?ID=4240&fss=smtp If that doesn't work, then I would next try to find if the connection is actually getting through any pc and router firewalls you may have. That's difficult to test without some networking knowledge though.

You need to call the function like this: vac_week($array, $temp); I think you will also need to break out of the loop when the ideal vacation week is found (if you only want to find one), otherwise do the $k++ outside of the "else". Jordan: I saw your post before you edited, I will keep it secret

Google showed up some interesting snippets, especially this one http://russj.livejournal.com/43575.html By the sounds of it, you'll need to configure your local smtp software to use comcast's smtp server as a relay.

I wouldn't recommend sessions, for the reason premiso gave (the hacker just has to not send the session cookie and the system is defeated). You definitely need to store the data server side. As for letting them retry after a set period of time, you can store the identifying info (username or ip) in a database, along with a timestamp. Next time they try to login, check how old that timestamp is. No need for a cron job. About IPs .. well, it is easy for a hacker to find perhaps 100 or 200 proxy servers to spoof their ip with. But if they only get 4 attempts per server, that's still just 400-800 tries. Maybe that's an acceptable limit. The shared proxy with a single outside ip is a bigger issue IMHO, because you'll end up blocking innocent users. A disadvantage of a 5 minute username ban is you are also blocking the REAL owner of the account from logging in. But many sites use such a system successfully.

Can you post your code? Edit: And your OS, and version of php please It may well be a firewalling issue and that's very OS dependent.

There's two things you need 1. A way to identify your user (probably $_SERVER['REMOTE_ADDR'], but be careful with shared proxies. Or if you lock a particular username out, then this part is easy, it's just the username) 2. A way to remember how many times they tried to login (mysql database?) I can give more detail, but I'm not sure what kind of help you are looking for.

Sessions sound ideal for this. Unless you have tens of thousands of users, you should have no problem with resources.

The error message is saying that $smtp is a pear error, meaning the Mail::factory() call failed. Add this code after that call: if (PEAR::isError($smtp)) { echo("<p>" . $smtp->getMessage() . "</p>"); }