roopurt18

Oh God here we go again with this nonsense. Use a white list. <?php $good = array( 'contact', 'about', 'home', 'index' ); $requested = array_key_exists( 'page', $_GET ) ? $_GET['page'] : 'home'; if( in_array( $requested, $good ) ) include( $requested . '.php' ); else { header( 'Location: 404.php' ); exit(); } ?>

Not sure if this helps you or not, but there is a library called ODBTP for talking to MS SQL. My coworker uses it in all his projects and swears by it. You may want to take a peek at it.

No.

@emopoops Yes the OP can store the user's permissions in a session variable after they've been loaded from the database once. But a session variable in no way shape or form helps the development and design of a permissions system for an application. This is an old thread that may assist: http://www.phpfreaks.com/forums/index.php/topic,113143.0.html

I've not met an employer yet that cared about Zend certification but my experience is rather limited. I also have a Bachelors of Science in Computer Science and a minor in Physics, so I don't have much need for certification either IMO.

I suspect you could but I don't know for sure. What you can do to test though, is to create a duplicate table with a different name. You can do something like "CREATE TABLE mytesttable LIKE myexisting table;" refer to the MySQL documentation for details. Then you can do "INSERT INTO mytesttable SELECT * FROM myexistingtable WHERE 1=1;" Again, see the MySQL documentation for particulars. Now that your test table is populated, you can mess around with it any way you want to. Add new columns and see what happens. When you're done, eliminate the test table: DROP TABLE mytesttable;

As thorpe pointed out, a template engine is not the same as a CMS. You should make sure you really understand what they each are before you possibly confuse yourself. Anyways, PHP is a template engine. There's absolutely no reason to use any template language / engine such as smarty. Any person that can learn a template language can just as easily learn the four or five language elements of PHP required to use it instead. And since they'll be collaborating with a PHP developer anyways, the PHP developer will usually be on hand to answer simple questions about PHP.

FYI if anyone wants to look me up on xbox live, my handle is: TheDeadlyWaffle I can't promise you that I'm any good though! I mostly play team death match, either hardcore or regular. Sometimes I get 25+ kills, sometimes I get 3!

How about favorite load-outs? I think my most successful is one I call sneaky: scavenger pro, cold-blooded pro, ninja pro, m4a1 w/ silencer or a holographic, handgun, semtex or frag, and flash or stuns When a map isn't going my way I'll switch to: akimbo p-90, akimbo shotties, marathon pro, lightweight pro, commando pro and run around shanking people I have some classes for sniping but I think with how good assault rifles are sniping is mostly a waste of time. I don't think I've ever gone a whole round with a sniper rifle and gotten more than 10 kills. Whereas I can run around like an idiot with an assault rifle and get 20+ kills with just as many deaths (it's usually a 1:1 trade off of killing some guy and then getting shot by his buddy).

Ditto.

Is anyone actually able to earn their 6 or 7+ kill streak rewards reliably? I always seem to come so close and then some a-hole shoots me in the back.

Did you figure out what was causing the parse error?

So I could enjoy it on a huge TV! Also I get kind of tired of dealing with hackers and cheaters in games like counter strike.

Please enclose your code between [ code ] and [/ code ] tags, without the spaces, when posting. It makes it so much easier to help you.

There's no need to apologize; the primary purpose of this site is for you to ask questions and learn from the responses (assuming the responses are worth learning from). Programming itself can be very confusing because your own internal thought process is very different from that of a computer. When your brain thinks "move my arm" your arm just moves. When you want to "move the computer's arm" it's not enough to just think it, you have to tell it how. And then you realize there's about 50 different ways you can try to tell it the "how." And just in case you understood it this way, my post was in no way meant to be condescending or make you feel stupid. You'll find that many responses in technical forums will be very terse or concise. It doesn't mean the person is being rude; more often it means they are being efficient in terms of word usage or are time limited because they are at work. Also, how much work a person will do on your behalf is sometimes an indication of what they think of you. My approach is to give you some information and then let you mull it over and come to a decision of your own. That's good practice for you because programming will present you with many opportunities to think about which solution is best or to come up with your own answer based on facts. If on the other hand someone just throws you the entire solution and explains nothing, it may mean one of two things: 1) They are time constrained and just need to be quick about it 2) They don't think you're worth explaining it to. Hope that helps some.

PHP code will only run when invoked by some mechanism. The three most common ways for PHP code to be invoked are: 1) The user makes a web request through your web server, i.e: apache 2) A user logs into a machine and runs a php script manually by calling: php.exe script_name.php 3) A scheduled task or cron job runs a php script by invoking a command: php.exe script_name.php Based on what I've just told you, what do you think? a) user have to refresh page b) does php automatically run query after 5seconds

Haha Daniel! I visited some family for Thanksgiving and they had this on xbox. We spent 4 days playing it and I bought an xbox and new TV just for this when we got home. Since 1998 I've only had the patience to complete three games in single player: Half Life Half Life 2 Warhammer 40k: Dawn of War 2 Otherwise all of my gaming is strictly multiplayer and MW2 is so addicting. My only complaint centers around playing first-person shooters on game controllers. Trying to aim with a joystick and my right thumb is the most frustrating experience on the planet. I can't tell you how many "easy" kills I've missed that sent me into a swearing tirade under my breath. Give me a mouse and keyboard any day.

This is stupid IMO. Twelve browsers? Seriously? People have a hard enough time making choosing between pepperoni and sausage and almost everyone is informed as to what those are.

As long as you always use mysql_real_escape_string() (or whatever is appropriate for your database), nobody should be able to inject SQL into your codes. In other words, nobody should be able to turn a statement such as: select * from users where username='foo' and password='password' into select * from users where username='foo'; update users set password='asdf' where 1=1; select * from users where password='password'; However, that's not the only type of vulnerability your application could fall prey to. There's all sorts of inherent dangers in scripts that upload files, delete files, or use any sort of user input for anything. You should always, always use strict pattern checking on anything that comes from the user. Also, if you want to be even more secure, invest in some sort of PHP encoding program, such as Zend Guard or nu-coder. What you use depends on what you can get installed on your server, but these types of protection will prevent someone from walking off with your source and easily discovering passwords or other important information. Plain-text passwords scare the crap out of me. You back up your PHP code, your host backs up your PHP code, your client backs up your PHP code. The back ups get backed up and before long who knows where they are and who has access to them and your most sensitive information is in them. :/

<a href="/style_switcher.php?style=blue"><img src="blue.png" alt="Blue Style" /></a> <a href="/style_switcher.php?style=silver"><img src="silver.png" alt="Silver Style" /></a> <a href="/style_switcher.php?style=red"><img src="red.png" alt="Red Style" /></a> You can output links like that and then style_swither.php, or whatever script you want to link to, can perform the logic of setting the cookie and redirecting to an appropriate page.

My understanding is that Microsoft Sql Server can not be used on web servers (or external servers) that meet a certain criteria due Microsoft's license for the product. I've never looked into this myself, but it is something my boss has mentioned in the past. Can anyone in the know shed any light on that particular topic? It seems like a stupid move on Microsoft's part and I'm too lazy to look into it.

If you want to handle this nicely and neatly in your database query, then I suggest you break this data out into another, normalized table. Otherwise you will have to select from the database, loop over the records at least once to calculate totals, and then loop over them again to do whatever it is you want to do with them. In other words, this second approach will require you to write and maintain more code.

I haven't actively used MySQL for a project in almost two years now anyways. Postgres is much nicer.

It gives you just enough time to alt+tab and reload the "Unread threads since last visit" link though.

I think the real important question is: "Is your site getting millions of hits and generating revenue?" If the answer is "No" then realistically, who cares if it takes .1s or 3s to load.