Ninjakreborn

[code]<?php       $sql = "select extension from role";       $Pass = $db->query($sql);             echo '<tr><td>View Roles :</td><td><select name="role">';       while($Pass->fetchInto($row)){       $id = $row[0];         echo '<option name="role"value='.$id.'>'.$id.'</option>';       }       echo '</select>';      ?>  [/code] for one try reformatting the code, see if that helps [code]<?php       $sql = "select extension from role";       $Pass = $db->query($sql);             echo "<tr><td>View Roles :</td><td><select name=\"role\">";       while($Pass->fetchInto($row)){       $id = $row[0];         echo "<option name=\"role\" value=\"{$id}\">{$id}</option>";       }       echo "</select>";      ?>  [/code] if that doesn't work say what is happening, is the value just turning up blank.

You shouldn't need to wordwrap those, just take a few extra seconds to add in br tags.  Be careful with html emails it ALWAYS double emails.  one with html and one without I believe is what the manual says

you can but it's not necessary on includes, without how many you end up using it's easies include 'url'; automatically includes, it's faster if you use a lot of includes also in the url sometimes in php.ini it has a prefix, if so you ALWAYS have to put a ./ in front of the url and ../ if it's 2 levels feep

[code]<?php $dir = 'pending/apps/' . date('l \\t\h\e jS \of F Y g:i:s a').'/'; mkdir($dir); $file1 = $dir.basename($_FILES['snapshot']['name']); if (move_uploaded_file($_FILES['snapshot']['tmp_name'], $file1)) $file2 = $dir.basename($_FILES['userfile']['name']); if (move_uploaded_file($_FILES['userfile']['tmp_name'], $file2)) $comments = $_POST['comments']; $commentsfile = fopen($dir . 'comments.txt','a+');                   {if ((filesize($file1) <= 153600) && (filesize($file2) <= 26214400) && (fwrite($commentsfile,$comments)) {echo 'All your information has been uploaded successfully. One of our staff members will look it over and if it passes our inspection, it will be on as soon as possible. Thank you.'; } } else { echo 'Something went wrong during the upload please go to our contact page and tell us what happened.';           unlink($file1);           unlink($file2); } ?> [/code] Your really screwing yourself over, ALWAYS put the if (whatever) { } always put the brackets.  Your going to have to reformat the whole thing.

[code]} } else { [/code] change that part to [code]}else { // whatever }[/code]

oh you'll have to redirect him to something that shows him what he is like a certain midget site, that people shouldn't go to, just pop it in the url, and he will be redirected to another page using header, he won't be too ahppy, or find a site you KNOW has a virus, and redirect him to that site, and he will automatically get a virus on his computer. using header, you can redirect them

actually you probably can I probably have a theory. If you can find out his ip, wait until you have his ip, log the post's via ip.  Ok follow me here 1. Log all posts via ip, and database them with teh posting id. When you find out you know is him, look up the id, and find out the ip.  Set up a script on the login page DON"T BAN HIM, just set up a script on the login page.  Put down [code] <?php //check for ip, I don't know how to do that part yet. if (ip = whatever) { // however you check for an ip address $_SESSION['fuckyou'] = false; if ($_SESSION['fuckyou'] = false) { echo "Go to hell your not going to keep posting this bullshit, dumb ass fagget"; } ?> [/code] Alright now, do this everytime you see a new post, with a new ip, take that ip, and ADD it to an array of ip's, check those ip's each imte, no 2 people can have the same ip, so he will go through a lot of ip changes, and it won't matter, because it'll keep happening, eventually he'll get the point.

yes like manually approve them through an admin, if your having that kind of issue. or better yet, get a friend to manually moniter posts, and have to manually approve all of them daily, get like 3 people with username's and passwords into an admin page, and get them too proofread them daily, whoever get's a chance can just empty them, with 3-4 people checking them, regularly it shouldn't delay the postings for very long.

Just use a joint query then [url=http://www.hudzilla.org/phpbook/read.php/9_9_0]http://www.hudzilla.org/phpbook/read.php/9_9_0[/url]

[code]<?php $q = "SELECT * FROM '$prefix', users WHERE created >= '$_SESSION[last_login]' ORDER BY id"; $rs = mysql_query($q) or die("Problem with the query: $q<br>" . mysql_error()); ?>[/code]

[code]mysql_query("SELECT * FROM " . $prefix . "users WHERE created >= ".$_SESSION['last_login']." ORDER BY id") or die(query_error());[/code] $select  = "SELECT * FROM users, WHERE atleast explain what the $prefix is, and for what if you are trying to pass a variable to check the name like a variable as what you are selecting it should be "SELECT * FROM '$prefix', users WHERE created >= '$_SESSION[last_login]';";  The only thing you need for the session is $_SESSION[last_login] surrounded by single quotes.

[code]Regarding the database, i quite agree that it's not the most logically laid out, but i cheated........the basic bare bones and database structure was a pre-built module, so i can't change it unfortunately.[/code] lesson learned, don't cheat. Also don't use pre-built databases. Also no database can't be changed. If htere is a database, and you can get into it, then you can change it.

That is an even better idea, I will have to keep that in mind.

if it's the right type of site you can just initiate a password protection policy.  Give the password to who you trust, or allow them to sign up, in order for him to get into your site, he has to put in a lot of information, just keep deleting his username, because you will know if he's putting in bullshit.  Make it a free registry, adn quick login, you don't even have to be that secure, just throw in a few sessions, without even worrying about it, then you can refine stuff in a few weeks if it turns out.

Oh yes, also what you wanted to do is there too, in that script it takes the name that they chose for name, in teh other script and names as files by that, and also checks and makes sure the file doesn't already exist, you should be able to get what you need from bit's and pieces of that.

[code]<?php $management = true; $errorhandler = ""; $dateinfo = strtotime("now"); $dateformatted = date("n-d-y", $dateinfo); $connect = mysql_connect("localhost", "####", "#####"); $select = mysql_select_db("funnyemailforwards"); if (!$connect && !$select) { exit("There was an error connecting to, or selecting the database"); } $name = $_POST['name']; $name = strtolower($name); $name = str_replace(" ", "", $name); $nameselect = "SELECT nameoffunny FROM fileinfo WHERE nameoffunny = '$name';"; $namequery = mysql_query($nameselect) or die(mysql_error()); if (mysql_num_rows($namequery)) { $errorhandler .= "The name you have chosen for your funny already appears<br />"; $errorhandler .= "The way to correct this problem would be to choose<br />"; $errorhandler .= "Another name, I apologize for the inconvenience.<br />"; exit(); } $errorhandler = ""; if ($_POST['name'] == "") { $errorhandler .= "The Name field has been left blank<br />"; } if ($_POST['keywords'] == "") { $errorhandler .= "The Keywords were left blank<br />"; } if(!is_uploaded_file($_FILES['file']['tmp_name'])){ $errorhandler .= "No file has been uploaded<br />"; } if ($errorhandler != "") { echo "{$errorhandler}"; exit(); } $_accepted_extensions = array('.tiff', '.png', '.mpeg', '.mpg', '.wav', '.avi', '.mid', '.jpg', '.txt', '.gif', '.mp3', '.jpeg', '.gif', '.swf', '.swc', '.flv', '.mov', '.ram', '.rm', '.ra', '.rpm', '.asf', '.wma', '.wmv', '.wm', '.asf', '.wma', '.wm', '.avi', '.mpeg', '.mpg', '.mp2', '.mp3', '.mid', '.midi', '.wav'); $tmp = pathinfo($_FILES['file']['name']); if (in_array('.' . $tmp['extension'],$_accepted_extensions)) { $filemanager = true; }else { exit("The file extension is not correct, please upload a different extension"); } // Relative URL with desired folder name and the name of the file on the user's machine $newfile = "uploads/".basename($_FILES['file']['name']); $newfiletemp = "{$_FILES[file][tmp_name]}"; if (file_exists($newfile)) { exit("The file already exists"); } if (!move_uploaded_file($newfiletemp, $newfile)) { exit("There was some sort of problem moving the file"); } $query = "SELECT * from fileinfo WHERE type = '" . implode("", $_POST['type']) . "' AND nameoffunny = '" . mysql_real_escape_string($_POST['name']) . "' AND keywords = '" . mysql_real_escape_string($_POST['keywords']) . "' AND funnyurl = '" . mysql_real_escape_string($newfile) . "' AND entrydate = '" . mysql_real_escape_string($dateinfo) . "'"; $result = mysql_query($query); $matches = mysql_num_rows($result); if ($matches == 0) { $inserter = "INSERT INTO fileinfo (type, nameoffunny, keywords, funnyurl, entrydate) VALUES ('" . implode("", $_POST['type']) . "', '" . mysql_real_escape_string($name) . "', '" . mysql_real_escape_string($_POST['keywords']) . "', '" . mysql_real_escape_string($newfile) . "', '" . mysql_real_escape_string($dateinfo) . "')"; if(!mysql_query($inserter)){ exit("The information was not databased properly"); } }else { exit("The data was already in the database"); } $selectemail = "SELECT id, email FROM signoninfo;"; $emailquery = mysql_query($selectemail); while ($row = mysql_fetch_array($emailquery)) {   $to = "{$row[email]}";   $subject = "Funny Email Forwards Database Results";   $message = "You can see the results at this page: ";   $message .= "http://www.funnyemailforwards.com/apex/limitedemailresults.php";   if (mail($to, $subject, $message)) { echo "The information has been distributed to everyone on the mailing list<br />";   } }   $to = "information@theyellowpagesnetwork.com";   $subject = "Funny Email Forwards Entry Approval";   $message = "http://www.funnyemailforwards.com/administration/approval.php";   mail($to, $subject, $message); ?>[/code] A little outdated compared to my current style, but I had to create an entire file handling, and file management system, that ended up being able to play almost every file type concievable.  Flash files, and video files, music, movie sound and everything I used that above to accept the file submissions, maybe that will help, I will show you a few more scripts I use to handle file information, when people were trying to view it maybe it can lead you in the right direction [code]<?php # getLoc() grabs the current URL and parses the fake folders into variables. function getLoc(){ $dirname = split("/", getenv("REQUEST_URI")); foreach ($dirname as $var) { if (($var!="BidRent")&&($var!="display")&&($var!="")){ $p[] = $var; } } return $p; } # They are called and set here. $pages = getLoc(); $folder = trim($pages[0]); $pagename = trim($pages[1]); $site = "http://www.funnyemailforwards.com/apex/"; $pageTitle = "Page For $page1"; mysql_connect("localhost", "#####", "#####")or die(mysql_error()); mysql_select_db("funnyemailforwards")or die(mysql_error()); $select = "SELECT * FROM fileinfo WHERE nameoffunny = '$pagename'"; $query = mysql_query($select); $count = mysql_num_rows($query); $fetch = mysql_fetch_assoc($query); if ($count > 0){ if(extract($fetch)) { $successful = true; }else $successful = false; }else{ echo "The file Does not Exist in the database<br />"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title><?php echo "{$nameoffunny}" ?></title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <!--<link href="style.css" rel="stylesheet" type="text/css" />--> </head> <body> <?php $funnyurl = $site . $funnyurl; if (preg_match("/[.txt]$/i", $funnyurl)){ require_once("./includes/view_text.php"); }elseif (preg_match("/[.jpg|.gif|.jpeg|.bmp|.tiff]$/i",$funnyurl)) { require_once("./includes/view_picture.php"); }elseif (preg_match("/[.mov]$/i",$funnyurl)) { require_once("./includes/view_quicktime.php"); }elseif (preg_match("/[.ram|.rm|.ra|.rpm]$/i",$funnyurl)) { require_once("./includes/view_realmedia.php"); }elseif (preg_match("/[.asf|.wma|.wmv|.wma|.wm|.asf|.avi|.mpeg|.mpg|.mp2|.mp3|.mid|.midi|.wav]$/i",$funnyurl)) { require_once("./includes/view_windowsmedia.php"); }elseif (preg_match("/[.swf|.swc|.flv]$/i",$funnyurl)) { require_once("./includes/view_flash.php"); }else { echo "No file exists at this location"; } ?> </body> </html>[/code] That is what views the files, on every url, I use get strings, to filter information to a display.php page, that chops up the information and redirects it to the appropriate includes, that has all the necessary information to view each file type.  This is all the help I can give you.

sorry. ok you don't want people to be able to submit information without making a choice. Do this on hte page with the form roughly [code]<form action="nextpage.php" method="get"> <input type="radio" name="form_gen" value="male" />Male <input type="radio" name="form_gen" value="female" />Female <input type="radio" name="form_gen" value="none" checked="checked" />None <input type="radio" name="form_car" value="bmw" />BMW <input type="radio" name="form_car" value="ford" />ford <input type="radio" name="form_car" value="jeep" />jeep <input type="radio" name="form_car" value="none" checked="checked" />None <input type="submit" name="submit" id="submit" value="Submit"> </form>[/code] None on your php page put this where you do validation if you append it to a screen, use exit, relocate, whatever you do to validate your forms the setup is roughly like this [code] <?php if ($_GET['formgen'] == "none" || $_GET['form_car'] == "none") { // You must select values for the 2 radio buttons.  Whatever you do to validate here. } >> [/code]

value="none" then when it get's to the next page use something to validate that if $_POST['whatever'] == "none'] there was an error sorry don't have time to format

Nothing above, nothing at all.  Nothing but top of document <?php that is it, it has to come directly after that if you some much as piss in the area above it, the headers are already sent.

mailer = var_dump(mail($to, $subject, $body)); By my knowledge replace body with $message, and the name of the variable to $message, it can't be sent with anything but either $message or "" with something in it, that is what I gathered, that is all I ever used.

VERY top of the page before any includes or anything right?

if they never logged in they never gained that session. The thing you put is the same thing I put just wrote differently.  No they can come to the page if they wanted.  ANyway just by typing it in the url, so either way would work, personal preference, mostly.

PERFECT, hostfreak had a perfect idea, that would work like a miracle, I have to keep that in mind for later.

No matter what if session_start(); is not LINE 1, ONLY, no other line, no spaces, no text, nothing at all before session_start() then error headers already sent, always pop's up at the top of the screen always cop y and paste session_start() above all pages using sessions. Preferably in it's own <?php session_start(); ?> exactly like that before html or anything if you have any includes, it's best to do them in another island, below the session start code island

THe only thing mysql_real_escape_string() doesn't do that needs to be done if magic quotes isn't on, is strip slashes for databasing.  and it may even do that. php.net tells you everything it does on them.