roopurt18

I refuse to help you with your actual question until you remove the unsanitized data from your MySQL query. http://www.php.net/mysql_real_escape_string

I'm curious why you would want to do this. I don't think a sure-fire way to detect which browser the user is really using exists.

If you use the event models correctly in all recent browsers, there is no reason for any Javascript to be present within your HTML. I keep all of my Javascript in .js files or in the head section of the document.

I don't have a specific example in mind, but I've had situations in the past where I've set DOM properties before insertion into the document and those properties have then been reset after insertion into the document. Just another thing to watch out for.

A few things: 1) You are testing the existence of window.event to determine if the browser is IE, which is fine, but then you are assigning the keyCode from e.keyCode and e will be undefined in IE. 2) You are not canceling the default action correctly. 3) I can't remember the details because my example is on a PC at home, but FF, Netscape, and Opera do not set the which property the same, so you may need to do additional testing there. Anyways, try this: function cbHandleKeyDown(e) { e= e || window.event; var keynum; /* get keystroke number */ if (window.event) { /* IE */ keynum = e.keyCode; } else if (e.which) { /* Netscape / Opera / Firefox */ keynum = e.which; } /* reject arrow keys,home,end,pgup,pgdown - everything that could move the selection. */ if (keynum > 32 && keynum < 41) { if(window.event){ e.returnValue = false; }else{ e.preventDefault(); } return false; } /* pass other keys through, so it is still possible to navigate with letters*/ return true; }

I think most web work is done via contracted positions because most companies don't have a need for a permanent web developer. If you're looking for a permanent position, I think you'll need to work at a large company that has lots of web-related mini-projects or any position working on a web application. These threads spring up every once in a while and the results vary on a few factors. The type of work (design vs. experience vs. database programming vs. something else) and location. I make decent salary, more than most starting web developers IMO, but I live in southern California where the cost of living is fairly high so I feel like I never really have any money.

Try changing: <select name="state" id="state" onChange="selectArea(this.value)"> to <select name="state" id="state" onChange="selectArea(this.options[this.selectedIndex].value)"> I'd be curious to see the function selectArea.

On second thought, here is another way of doing the same thing which makes updating easier: <?php // Array of search words where 'search' => 'style' $Search = Array("cab" => "truck", "convertible" => "", "coupe" => "", "hatchback" => "", "wagon" => "", "van" => "", "sedan" => "" ); $type = $vehicle->vehicletype; // Shorthand $bodyStyle = "UNAVAIL"; // Final result // Start our search foreach($Search as $key => $val){ $pos = stripos($type, $key); // Search for $key within $type if($pos === FALSE){ continue; } // not found, skip // If we're still here, we found a match. If $val is set we // will use it, otherwise we use $key if(strlen($val)){ $bodyStyle = strtoupper($val); }else{ $bodyStyle = strtoupper($key); } } echo $bodyStyle; ?>

<?php switch($mode){ case 1: case 2: case 3: echo "1, 2, or 3"; break; case 4: default: echo "4 or anything else"; break; } ?> The break is the keyword in a switch. Switch evaluates the expression and starts execution at the corresponding case. Execution continues line by line until break is encountered, at which point execution continues after the switch is closed.

I completely agree; however, it's impossible to make a site completely secure. The best we can hope for is to make it difficult enough that only the most clever individuals can bypass security measures. The suggestion I started this topic with would really only be used in the more extreme situations, such as protecting bank or credit card information IMO.

Consider taking it one step further and using a static function in combination with a static variable: <?php class foo { static $bar = true; public static function performTest(){ return foo::$bar; } } if (foo::performTest()) { echo "true"; } ?> The benefit is not apparent until you decide that a simple flag is not enough to determine the condition. In the future, you may have to compare $bar with multiple values or perform additional logical operations. Should that occur, you will have to go through all of your code and update your conditionals that are testing the value foo::$bar. However, if you wrap the test inside of a static method and later decide to change the test, you only have to change it in one place and all of your code will continue to work.

Silly me. Instead, I should have told him to close the site's tab and then to revisit the page.

Not necessarily. If you are using a tabbed browser and only close the tab of a site using sessions without ending the session, if you re-open the site in a new tab your session will most likely still be active.

The :: operator allows you to access a class method statically, i.e. without an instance of the class. <?php class Foo{ function hello(){ echo "Hello, World!"; } } // Access the function without an instance of the class: Foo::hello(); ?> Keep in mind that the $this variable only exists within instances of a class. (EDIT) In this sense, you can fake name spaces in PHP.

The code that I gave you shows the session is being correctly deleted. Try this. Run the code segment I provided again and leave out all redirects. When the page loads, close the browser. Then reopen it and go back to the home page. Does it provide you with a login screen or does it treat you as still being logged in?

What does this output: <?php session_start(); include("dbconnect.php"); // track logout time in statistics if user logged in if($_SESSION['online'] && $_SESSION['LoginStatus']){ @mysql_query("UPDATE stats_ppl_online SET logout_time=now() WHERE session_id='".session_id()."'"); } echo "<pre style=\"text-align: left;\">" . print_r($_SESSION, true) . "</pre>"; session_unset(); session_destroy(); $_SESSION = array(); echo "<pre style=\"text-align: left;\">" . print_r($_SESSION, true) . "</pre>"; ?>

You certainly could, but I recommend not doing so. Avoid globals like the plague. Instead, why not create a class or interface with functions like isLoggedIn(), logout, etc. that check / edit what's in $_SESSION? Then in your site you can just say: <?php if(MySession::isLoggedIn()){ echo "You are logged in."; }else{ echo "You are not logged in."; } ?> Many newer programmers ask what the point of using classes or objects is; well this is one of them. If you later decide to change how the site tracks logged in users, you only edit your functions MySession::isLoggedIn(), etc. and the rest of the site continues to work. In other words, if you have to change implementation details later, as long as you keep the interface (in this case, MySession) the same, you don't have to modify code elsewhere.

I'm curious if anyone has used PHP's rename_function() to increase security for their site. Apache can be set to execute scripts before and after every request, so why not rename certain functions, such as mysql_query(), to company specific names that only the developers know. Then you could create a new mysql_query() function that logs user information. Does anyone else think that could help increase site security?

Try this: <?php session_start(); session_unset(); session_destroy(); $_SESSION = Array(); ?> Also, I don't see the point in "good bye" or "you have been logged out" messages with a link back to the home page. Why not just redirect back to the home page, the user will know they've logged out when they're faced with the log in screen again.

This is one of those things you must play by ear. I don't think most sites receive enough traffic for a single controller to become a bottleneck. Also, there are some steps you must take every time someone visits a site in the page so they tend to be in a centralized location. Keep in mind that a front controller should be short and to the point, don't allow any unnecessary processing in a site's entry point. Also, you should only direct traffic that needs to go through the controller and let the web server handle everything else. For example, there's no point to send a site's images through a controller. Hope that helps some.

By asking specific questions and practicing. That's almost specific. Pasting the code and asking if there's a more efficient way of doing the same thing would be even more specific.

By providing a specific field for that kind of information, you make it easier to interface your software with existing software that also uses that same information. Otherwise, I don't usually include that type of information because I don't really want to be contacted.

I almost never use classes for my data, I find that arrays suit my needs just fine 99% of the time. I do use classes heavily for components of the site's back end. For example, I have some of the following classes: CTemplate, CPage, CDatabase, etc. One of the nicest features of using classes is they eliminate polluting the global namespace with variables and functions. It's really difficult to learn how and why to use classes until you've worked on a large project or tried to reuse pieces of an old one.

I may be wrong, but AFAIK PHP doesn't natively support threading. You can fake the concept though by using exec or system function calls and redirecting the output to /dev/null; this will cause the script to execute in the background and immediately return control to the calling script. After you successfully execute multiple scripts at once, the next step is to allow them to communicate with each other. Since neither script will have access to the other's memory space, you will need to use disk storage to accomplish cross-script communication. Note that disk storage is just a general term for files, whether they're text files, database files, etc. Hope that helps you out some. Also, you might try google searching any of the following terms along with PHP: fork, child process, mutex

Enjoyable. I liked it. (note to others, turn off brain before watching mindless fun)