Ninjakreborn

[quote]startup session.cookie_lifetime  = 14400[/quote] How do I set this to infinite.  I am creating myself an admin page, it'll only be me logging in, I am using sessions.  Even if someone hacks it, it won't be that big of a deal, it's mostly for testing purposes, and to make my site easier to update, and take care of when needed, since I don't normally have a lot of time to work on it, what do I set that to, to get infinite.

When I do another reworking on the site I Will take all of this into account. I may go ahead and program something on the site, where she can add in her own pictures, but the thing is with each picture there has to be a .htm equivelant in this case all of those would change to php, but there has to be a php version that is created that has the paypal information on it, as well as the picture, and a few links, I don't know how to get this to work right through her admin page.

actually you are right, when I have some more spare time and go back over the site, I will remove those underlines on both of those, any more advice or anything, thanks for what you have said so far.

After a lot of work, "on a free site" this is what I came up with.  Any advice on this one www.moondancedesign.com I made sure now every page is totally xhtml valid, and the css is 100% valid without any warnings as well.  Everything has undergone massive grammar checks, and changes, plus alignments.  It is a free project, just a portfolio builder, so for now on this one I didn't want to pull out the php gd library I have had a few suggestions to do that so I may in the future in my spare time

without the capitol href and type, it doesn't validate

cookies and sessions, by default are used together.  You don't have to do anything, php does everything for you.  the first thing, above EVERY page that uses sessions simply have session_start(); at the top with no white space, or nothing above it, keep any echo's a ways away from it or you get header errors. As far as sesisons to setup a session $_SESSION['variable'] = "whatever"; that session is set, if it's logging you out then you have to set the session maxlifetime high enough so it doesn't automatically close when the browser shuts down, or also doesn't cut them off in the middle of something either.

to check the field you can do this. [code]$select = "SELECT name FROM memberlist WHERE email = '$email';"; $query = mysql_query($select);[/code] // that set's the foundation for it then.. [code]if (mysql_num_rows($query)) { // if it finds something it does this. }[/code] or if you wanted vice versa [code]if (!mysql_num_rows($query)) { // if it didn't find anything it does this. }[/code] That is just to test them, if you wanted to have access to the database variables you have to use mysql_fetch_array or a similiar function, and use the variable name as the key like [code]while($row = mysql_fetch_array($select)) { // THen you access your table columns through the array.  Using there names as values like echo $row['email']; // that would print out the email address from the database. }[/code]

Are you trying to keep someone from getting to the page if they don't come from the form, You won't do that with just checking for isset post or get, because if someone uses another form to get to your page, it'll still be from post or get all they have to do is change that.  You can do 2 other things, but a hidden form field they can see, and just put on there other form anyway it's a waste of time. You can use http referer to check where the url is coming from and only accept it if it's coming from that specific url.  PLus use the 3 variables to make sure.

[quote]bool arsort ( array &array [, int sort_flags] )[/quote] From the manual it seems it can take 2 arrays

the htaccess code issued a severe 505 server error, but the other thing, I put it on the include page, RIGHT ABOVE the section about that, and it worked fine, now everything validates successfully on the homepage I am checking around and updating the other pages now.  Thanks for all the help.

What do you have so far, and what's the point??

[code]<?php if (isset($ok)) {   echo "hi"; }else {   echo "bye"; } ?>[/code] You have to figure out how to format correctly first.  Passing variables have to come from another page.  You have to have a page with a link or something to pass the variables.  I guess you MIGHT be able to type it for the same page, and hit enter to reload the page.  It would pass a get variable to itself, but even then you would have to do if (isset($_GET['ok'])) { instead of what you have.

give us the code you have.

The logic behind it was incorrect, you were correct the ! was what I needed in that situation I was looking at it from the wrong angle, so thank you.

The error display is all set correctly, it is suppose to display all errors, I haven't had to ask for help in awhile because I learned alot, and I am running for this issue off a server with the same php.ini configuration as my own site.  ALl errorhandling is on.  THe thing with this query, I need it to test to see if the information was in the database, IF IT IS in the database it returns an error, that echo no-rows was there as debug.  Here are 2 things I used on another script, they BOTH worked just fine, I used these to test for a username, and for a email address to prevent someone from entering them when they were already in the database, and these work flawlessly. [code]$selectuser = "SELECT `username` FROM `userinfo` WHERE `username` = '$username';"; $queryuser = mysql_query($selectuser); if (mysql_num_rows($queryuser)) { $errorhandler .= "The username Already Exists."; } $selectemail = "SELECT `email` FROM `userinfo` WHERE `email` = '$email';"; $queryemail = mysql_query($selectemail); if (mysql_num_rows($queryemail)) { $errorhandler .= "The Email Address Already Exists."; }[/code] that tests to see if the username exists, if it does already exist, it returns that error, if the email exists it returns that error, if one or both of them don't exist it just skips over it, and continues validation.  You see that I modeled the script I am having problems with around the other the ONLY different is the new script I am trying to get to work has a longer select query [code]$select = "SELECT * FROM userinfo WHERE username = '$resetpassusername' AND email = '$resetpassemail' AND  city = '$resetpasscity' AND state = '$resetpassstate' AND zipcode = '$resetpasszipcode' AND phone = '$resetpassphone' AND birthdate = '$resetpassbirthdate';";[/code]

on the page that you are trying to prevent direct access to, you can set 3 variables.  That only you know.  Alright, now set them as sessions, from the previous page.  For instance on the page with the form set like 3 special sessions, WITH 3 special words. $_SESSION['variable1'] == "Special Word"; session 2 session 3 on the other page you want to be careful on access at the very top put <?php session_start(); if ($_SESSION['variable1'] == "whatever" && $_SESSION['variable2'] == "whatever" && $_SESSION['variable3'] == "whatever") { ?> entire page here at the bottom put <?php } ?> ONLY people coming from that form can gain access.  That way you are sure of it, only ones coming directly from that form will have a chance of getting to that page.

show the code.

It runs through everything as far as validation of characters, it's been awhile since I had to ask for help.  THe thing is it does all validation, it checks all empty fields, so I know it's reading my isset. That entire structure is getting read.  Also when I get to the point of the first query it just ignores the test completely.  Whether I test for a positive or negative, then on the second query it runs the script for it, like the echo but does nothing with the database.  It's like the queries themselves are just getting ignored. I rewrote it 2 times to see if I could find out what was causing it, it's like my queries are invisible somehow.

How can you make them work without even knowing how to format them correctly, change them to this. [code]<?php   $navigation_menu['top']['Home']['url'] = "index.html" ?>[/code] [code]<?php   foreach ($navigation_menu['top'] as $name => $link) {   echo "<a href=\"{$link[url]}\">{$name}[/url]";   } ?>[/code] [code] <?php   if (is_array($VirtualPage)) {     echo $VirtualPage['content'];   }elseif (file_exists("include/$Page.php") {     include 'include/{$Page}.php';   } ?>[/code] Now that I can actually ready it what do you want it to do in cordination with the above?

uh, maybe foreach or while or something, more of for each, $_FILES that will run through each one.

yes in fact there is 2 easier ways.  You can use php's wide array of file handling functions to create a file and write the html to that file, and read contents from that file when needed.  Like session variables are stored to there own file you can do so with php file handling to store whateveer you want in whatever file type you want, only thing is keep them outside the server, unlessyou don't mind people being able to pull them up just by typing them in the url.

[code]<?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="Description" content="Your description goes here..." /> <meta name="Keywords" content="your,keywords,goes,here" /> <meta name="author" content="Joyel Puryear.  http://www.freelancebusinessman.com" /> <link rel="stylesheet" type="text/css" href="elost.css" /> <title>Reset Password</title> </head> <body> <div id="wrap"> <div id="header"> <?php include './includes/topnav.inc.php'; ?> </div> <div><img src="images/elostandfound.jpg" alt="ELostAndFound Logo" /></div> <div id="content"> <p>We require all the following information to reset a password so we can make sure it's actually you resetting the password and not someone else.  All this information has to match our database information 100% for it to allow the password reset.  To change around your account information that can be done from inside your control panel once you login, at the top of the screen. Click on the link called my account, there you can change your account settings. </p> <?php if (isset($_POST['submitresetpass'])) { $errorhandler = ""; $regexphone = " /^[0-9]{3}-[0-9]{3}-[0-9]{4}$/";  // regex phone validation $regexemail = "^[A-Za-z0-9\._-]+@([A-Za-z0-9][A-Za-z0-9-]{1,62})(\.[A-Za-z][A-Za-z0-9-]{1,62})+$"; if ($_POST['resetpassusername'] == "") { $errorhandler .= "The username field was left blank<br />"; } if ($_POST['resetpassemail'] == "") { $errorhandler .= "The email field was left blank<br />"; } if ($_POST['resetpasscity'] == "") { $errorhandler .= "The city field was left blank<br />"; } if ($_POST['resetpasszipcode'] == "") { $errorhandler .= "The zipcode field was left blank<br />"; } if ($_POST['resetpassphone'] == "") { $errorhandler .= "The phone field was left blank<br />"; } if ($_POST['resetpassbirthdate'] == "") { $errorhandler .= "the birthdate field was left blank<br />"; } if (!ereg("$regexemail", $_POST['resetpassemail'])) { $errorhandler .= "The email address is improperly formatted<br />"; } if ($_POST['resetpassphone'] == "") { $errorhandler .= "The Phone was left blank<br />"; } if(!(getmxrr(substr(strstr($_POST['resetpassemail'], '@'), 1), $temp)) || checkdnsrr(gethostbyname(substr(strstr($_POST['resetpassemail'], '@'), 1)), "ANY")) { $errorhandler .= "The Domain name for the email address does not exist<br />"; } if ($_POST['desiredpassword'] == "") { $errorhandler .= "The desired password field was left blank<br />"; } mysql_connect("localhost", "######", "#####"); mysql_select_db("elostand_general"); $resetpassusername = mysql_real_escape_string($_POST['resetpassusername']); $resetpassemail = mysql_real_escape_string($_POST['resetpassemail']); $resetpasscity = mysql_real_escape_string($_POST['resetpasscity']); $resetpassstate = mysql_real_escape_string($_POST['resetpassstate']); $resetpasszipcode = mysql_real_escape_string($_POST['resetpasszipcode']); $resetpassphone = mysql_real_escape_string($_POST['resetpassphone']); $resetpassbirthdate = mysql_real_escape_string($_POST['resetpassbirthdate']); $desiredpassword = mysql_real_escape_string($_POST['desiredpassword']); $resetpassusername = strtolower($resetpassusername); $resetpassemail = strtolower($resetpassemail); $resetpasscity = strtolower($resetpasscity); $resetpassstate = strtolower($resetpassstate); $resetpassphone = strtolower($resetpassphone); $select = "SELECT * FROM userinfo WHERE username = '$resetpassusername' AND email = '$resetpassemail' AND  city = '$resetpasscity' AND state = '$resetpassstate' AND zipcode = '$resetpasszipcode' AND phone = '$resetpassphone' AND birthdate = '$resetpassbirthdate';"; $query = mysql_query($select); if (mysql_num_rows($query)) { echo "NO ROWS"; $errorhandler .= "There is no such info in the database<br />"; $errorhandler .= "Please try again or contact us for questions<br />"; } if ($errorhandler != "") { echo $errorhandler; } if ($errorhandler == "") { $passhash = md5($desiredpassword); $update = "UPDATE userinfo SET password = '$passhash' WHERE username = '$resetpassusername';"; if(mysql_query($update)) { echo "The password was changed successfully"; $message = " You just recently had your password changed, here were the results. User Name: {$resetpassusername} Password: {$desiredpassword} "; mail($resetpassemail, "Password Notification", $message); $temp = true; }else { echo "There was some kind of problem updating the password.<br />"; echo "Please either contact support or try again<br />"; }// close update query else statement }// end else } // close isset ?> <?php if ($temp != true) { ?> <form name="resetpass" id="resetpass" action="resetpassword.php" method="post"> <label for="resetpassusername">*Username:</label> <input name="resetpassusername" type="text" id="resetpassusername" value="<?php echo $_POST['resetpassusername']?>" maxlength="80" /> <br /> <label for="resetpassemail">*Email Address</label> <input name="resetpassemail" id="resetpassemail" type="text" maxlength="80" value ="<?php echo $_POST['resetpassemail']?>" /> <br /> <label for="resetpasscity">*City:</label> <input name="resetpasscity" id="resetpasscity" type="text" maxlength="80"  value ="<?php echo $_POST['resetpasscity']?>"/> <br /> <label for="resetpassstate">*State:</label> <input name="resetpassstate" id="resetpassstate" type="text" maxlength="80" value="<?php echo $_POST['resetpassstate']?>" /> <br /> <label for="resetpasszipcode">*Zip Code:</label> <input name="resetpasszipcode" id="resetpasszipcode" type="text" maxlength="20" value="<?php echo $_POST['resetpasszipcode']?>" /> <br /> <label for="resetpassphone">*Phone:</label> <input name="resetpassphone" id="resetpassphone" type="text" maxlength="80" value="<?php echo $_POST['resetpassphone']?>" />(555-555-5555) <br /> <label for="resetpassbirthdate">*Birth Date:</label> <input name="resetpassbirthdate" id="resetpassbirthdate" type="text" maxlength="80" value="<?php echo $_POST['resetpassbirthdate']?>" />(mm/dd/yyyy) <br /> <label for="desiredpassword">*New Password:</label> <input name="desiredpassword" id="desiredpassword" type="password" maxlength="80" /> <br /> <input name="submitresetpass" id="submitresetpass" type="submit" value="submit" /> <input name="resetpassreset" id="resetpassreset" type="reset" value="Clear Form!" /> </form> <?php } ?> <p class="box"><strong>Note:</strong> You must agree to the Disclaimer to sign up for the site.  You should also check out the privacy policy, rules page, and other information on the site before signing up.  It is HIGHLY recommended that you click the following link to make the web site go over to a secure connection.  This will increase security during the login, and logout process. <a href="https://www.elostandfound.info" title="Secure Site">Here</a> Please give it just a second to switch over to the secure connection, it can sometimes take a few seconds.  The secure connection is 100 times more secure than the standard connection, the downfall however is that is loads slower.  It will also display a message about having secure and non-secure items on the same page, these non-secure items are the validation links in the bottom left hand corner of the page, and they are nothing to worry about.</p> </div> <div id="sidebar"> <h3>Welcome</h3> <a href="index.php" title="Back To the Homepage">Home:</a><br /> <a href="resetpassword.php" title="Reset Password">Reset Your Password!</a> <?php if ($_SESSION['controller'] == true) { ?> <a href="logout.php" title="LogOut">Log Out!</a><br /> <?php } ?> <h2>Categories:</h2> <?php include './includes/categories.inc.php'; ?> <h2>Site news:</h2> <?php include './includes/news.inc.php'; ?> <h2>Validation Links</h2> <p>Inactive when over a secure connection</p> <ul class="links"> <li><a href=" http://jigsaw.w3.org/css-validator/validator?uri=http://70.103.140.141/~elostand/elost.css" target="_blank"><img src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!" /> </a> </li> <li><a href="http://validator.w3.org/check?uri=referer" target="_blank"> <img src="http://www.w3.org/Icons/valid-xhtml11" alt="Valid XHTML 1.1" /></a></li> </ul> </div> <?php include './includes/footer.inc.php'; ?> </div> </body> </html>[/code] I haven't encountered this type of problem for a very long time, this whole script is running but it's totally ignoring my query for no known reason.  I thought it was working until someone pointed out an issue, it's worse than I thought, I am trying to test the database to see if the query exists, so I know whether or not they are int he datbase, in order to allow them to change there username and password, but it's not working the way it should be it's ignoring my first query completely.  It's not returning errors, or returning anything, but it's not registering it with my errorhandler. Here is the line I am having problems with. [code]$select = "SELECT * FROM userinfo WHERE username = '$resetpassusername' AND email = '$resetpassemail' AND  city = '$resetpasscity' AND state = '$resetpassstate' AND zipcode = '$resetpasszipcode' AND phone = '$resetpassphone' AND birthdate = '$resetpassbirthdate';"; $query = mysql_query($select); if (mysql_num_rows($query)) { $errorhandler .= "There is no such info in the database<br />"; $errorhandler .= "Please try again or contact us for questions<br />"; }[/code] I tried mysql fetch arrays and everything else but something is keeping that part from running smoothly, any advice.

I know I can use htaccess I asked the webhost already, and also I have it loaded down with a few other things already I was using on it, a couple of redirects and a number of other things as well.

Is there another way to put that in the htaccess file, it told me 505 server error when I added it, so I had to take it off.

to fix the css error just set it twice display: block; display: inline; that MIGHT avoid picking up an error.  But it can only be block or inline, so there has to be something else you can do.